On 08/23/2013 03:23 PM, Martijn Hoekstra wrote: > Requiring https for advanced privileges seems odd. Would that require a > second set of credentials over a https only page?
You're missing the point. People who have (for instance) checkuser or oversight should be simply disallowed from logging in through HTTP at all. -- Marc _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l