And I thought Ryan Lane was talking about the future, not the past. I
I think we should focus on the present, personally.
If a user goes to https://wikipedia.org, they're quietly redirected to
http://www.wikipedia.org. This is true of a large number of domains
(e.g., https://wikimedia.org and https://mediawiki.org).
This has been known about since at least October 2011 (cf.
https://bugzilla.wikimedia.org/31369) and everyone seems to agree that
it's a pretty evil bug (a user knowingly tries to access a site over HTTPS
and is unknowingly routed to HTTP). And yet it's August 2013 and the best
response we seem to have come up with is install a client-side browser
plugin and we're working on it.
It's difficult to believe that the Wikimedia Foundation is committed to
user privacy when bugs like this go unresolved after so many months. This
bug will celebrate its second birthday in less than two months.
Wikimedia-l mailing list