On Tue, Oct 26, 2010 at 6:24 PM, George Herbert
<george.herb...@gmail.com> wrote:
>..
> But I would prefer to move towards a logged-in user by default goes to
> secure connection model.  That would include making secure a
> multi-system, fully redundantly supported part of the environment, or
> alternately just making https work on all the front ends.
>
> Any "login" should be protected.  The casual "eh" attitude here is
> unprofessional, as it were.  The nature of the site means that this
> isn't something I would rush a crash program and redirect major
> resources to fix immediately, but it's not something to think of as
> desirable and continue propagating for more years.

I agree.  Even if we still do drop users back to http after
authentication, and the cookies can be sniffed, that is preferable to
having authentication over http.

People often use the same password for many sites.

Their password may not have much value on WMF projects ('at worst they
access admin functions'), but it could be used to access their gmail
or similar.

--
John Vandenberg

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
