George Herbert wrote: > The current WMF situation is becoming "quaint" - pros use > secure.wikimedia.org, amateurs don't realize what they're exposing. > By professional standards, we're not keeping up with professional > industry expectations. It's not nuclear bomb secrets (cough) or > missile designs (cough) but our internal function (in terms of keeping > more sensitive accounts private and not hacked) and our ability to > reassure people that they're using a modern and reliable site are > falling slowly.
I don't understand what you're saying here. Most Wikimedia content is intended to be distributed openly and widely. Certainly serving every page view over HTTPS makes no sense given the cost vs. benefit currently. As Aryeh notes, even those who act in an editing role (rather than in simply a reader role) don't generally have valuable accounts. The "pros" you're talking about are free to use secure.wikimedia.org (which is already set up and has been for quite some time). If there were a secure site alternative, I think you'd have a point. As it stands, I don't see what's very quaint about this situation. It'd be great to one day have http://en.wikipedia.org be the same as https://en.wikipedia.org with the only noticeable difference being the little lock icon in your browser. But there are a finite amount of resources and this really isn't and shouldn't be a high priority. If the goal is to reassure people that they're using a "modern and reliable site," there are lot of other features that could and should be implemented first in my view, though the goal itself seems a bit dubious in any case. MZMcBride _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
