On Wed, Oct 15, 2014 at 11:11 AM, Mark Bergsma <[email protected]> wrote:
> I think if we can't allow secure HTTPS by keeping SSL 3.0 enabled, we > should probably disable it even if it breaks a small number of > requests. 1.5% doesn't seem insignificant though. Obviously we'd need > to communicate that very well, as we don't seem to have good options > for doing any sort of fallback to HTTP. I guess it also depends on > what the public awareness of this issue will be... > I should clarify that the 1.5% figure there is http+https combined (I think) so the actual figures for https will be lower. In practical terms I think no https would mean not being able to edit as a registered user, anon edit still works over http. +1 to clearly communicate this, perhaps on the "https entry points" e.g. login button at least while http is still the default.
_______________________________________________ Analytics mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/analytics
