Re: [Wikimedia-l] Update on IPv6

2012-06-18 Thread Federico Leva (Nemo)

Nathan, 13/06/2012 20:37:

In my view, no. I think we need to balance the risk argument for
anonymity (dissidents, whistleblowers, people editing topics they wouldn't
want to be publicly associated with, etc.) with the benefits of partial
anonymity. Among these benefits I'd cite the many news items regarding the
discovery of fishy editing patterns from Congressional offices, corporate
offices, government agencies, political candidates, etc.  We're an
organization with competing aims: we'd like to be as transparent as
possible, and by and large believe in the value of radical transparency,
but we also want to protect our users from undue harm.


I'm quite surprised that only Nathan seems to be voicing this concern.
For many years when people criticized the lack of responsibility in 
Wikipedia's authors we've repeated that every word and comma is 
attributed to a person, either by pen name or IP, and that there's no 
need of a real name policy. The most important feature of MediaWiki is a 
[user] tracking feature: the diffs, the history, the contributions 
page; everything is transparent.
This is not needed to please some big brother fans but rather for the 
wiki (the community) to work; replacing IPs with unusable 
non-identifying strings would be a bad thing and it's not obvious at all 
that improving privacy is the prevalent aim here. In fact, the main 
problem with how IPv6 addresses are exposed in MediaWiki is that the 
bytes of information random users have to digest and remember to 
identify users are just too much and in a user-unfriendly format (even 
for the standard sysop). On the other hand, IPv6 will improve 
identification in a very good way; ISP are already heavily using NAT, 
and quite often hundreds or thousands of users in my city have been 
blocked on it.wiki by blocking just a single IPv4 address, not to 
mention community drama around dubious CheckUser results.
That said, we've used domains before IPs and it's surely possible to 
invent something new, although I don't have enough imagination to find a 
solution.


Nemo

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-14 Thread Andrea Zanni

 On Jun 14, 2012 1:30 AM, Brandon Harris bhar...@wikimedia.org wrote:
 
 A couple of weeks ago, Brion Vibber and I started walking through
 a series of thoughts about eliminating publicly viewable IP addresses
 altogether, creating Proto Accounts.  That is, to completely anonymize
 anonymous users (by calling them Anonymous XX) and at the same time
 creating system whereby Anonymous users might be encouraged to become
 registered users (and retain the edits they did anonymously).
 
 This would work by back-loading the account creation process:
 
 1) User makes anonymous edit (as Anonymous 1234).  Edit
 is logged as Anonymous 1234).
 2) User is given call-to-action to convert to a registered
 account.
 3) User fills out account form (username, password, email)
 (let's call them AwesomeSauce89)
 4) Proto account gets renamed to AwesomeSauce89; the
 edits that were under Anonymous 1234 are now listed as being by
 AwesomeSauce89
 
 I also spoke with Tim Starling about this in Berlin and he agreed
 that it was a good idea.  However, this would be no small feat.  A big part
 of the problems involved in this type of anonymizing involve how we deal
 with range blocks.
 Would this be something people might like to see. .


 If I understand it well, YEAH.

Aubrey

___

 Wikimedia-l mailing list
 Wikimedia-l@lists.wikimedia.org
 Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Strainu
2012/6/13 Kim Bruning k...@bruning.xs4all.nl:
 I noticed that my current IPv6 address appears to be assigned
 dynamically by XS4ALL. I can probably get static if I choose it. But the
 dynamic assignment option does alleviate some people's privacy
 concerns, right?

It depends on their OS. On Windows, OSX, iOS and Ubuntu (so over 95%
of all traffic considering an equal distribution of IPv6 addresses), I
would say yes, since they have enabled the privacy extension by
default. For the rest of the world, not really. Even if the first half
of the address is dynamic, the last part will be static and linked to
your Ethernet adapter.

Strainu

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Deryck Chan
On a separate note about IPv6: I just saw the first IPv6 anon entry
appearing on my watchlist. It's exciting!
Deryck

On 13 June 2012 13:43, Anthony wikim...@inbox.org wrote:

 On Tue, Jun 12, 2012 at 6:39 PM, Kim Bruning k...@bruning.xs4all.nl
 wrote:
  I noticed that my current IPv6 address appears to be assigned
  dynamically by XS4ALL. I can probably get static if I choose it. But the
  dynamic assignment option does alleviate some people's privacy
  concerns, right?

 One particular concern, which isn't really much different from IPv4.

 And in something like 90% of browser configurations, you're already
 giving out a semi-static unique string with every request anyway.
 (see https://panopticlick.eff.org/)

 The bigger concern for WMF is the possibility for increased privacy.

  ps. We all know that everyone needs to switch to IPv6 eventually.

 Unless IPv7 or IPv8 comes out first.

 ___
 Wikimedia-l mailing list
 Wikimedia-l@lists.wikimedia.org
 Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread FT2
IPv6 is designed to operate on a one IP = one device/connection (non-NAT)
basis, far more than IPv4.  Privacy policy coversd personally identifiable
information.  An IP becomes personally identifying when it broadly allows
a person to be identified.  If IPv4 can be personally identifying then
IPv6 is guaranteed to be more so, because of its design and intended usage.

It looks like the switch to making the UserID on public record more
anonymous for non-logged in users (hashing their IP for example) could
usefully be brought in, simultaneous with or parallel to IPv6.  As Erik
says, both are desirable verging on necessary at some point, and the one
mitigates against the issues of the other.

It serves a second purpose - a good system providing a more anonymous
UserID of public record would also mean that IPv4 and IPv6 users would
have similar names in the public record and block lists, meaning that the
same tools and interfaces would work equally with both.  This would
simplify matters for future as well.

Without second guessing a suitable method, I would like to see unlogged-in
users represented by a name of the form IP user XXX or Not logged
in Y or some such; there would be difficulties in that we want similar
IPs to look similar without providing easy ways to identify the genuine
underlying IP (eg by noticing other similar 's whose IPs are known).
It's also going to have implications for vandalism and abuse related
activities, where it is often helpful that action is easily identified as a
similar IP.  It would be nice not to lose that sense of similar IP while
not exposing the genuine IP.

Choice of method is a technical matter, I'd suggest if we move on both,
then hopefully IPv6 will mark a step where anonymity improves and is
available to logged in and not logged in users.   But either way, IPv6 does
have privacy implications for non-logged in users. IPv4 did too, but
historically we let it alone and it was less severe. With IPv6 it may not
be, and action would be much more important.

FT2




On Wed, Jun 13, 2012 at 4:34 PM, Deryck Chan deryckc...@wikimedia.hkwrote:

 On a separate note about IPv6: I just saw the first IPv6 anon entry
 appearing on my watchlist. It's exciting!
 Deryck

 On 13 June 2012 13:43, Anthony wikim...@inbox.org wrote:

  On Tue, Jun 12, 2012 at 6:39 PM, Kim Bruning k...@bruning.xs4all.nl
  wrote:
   I noticed that my current IPv6 address appears to be assigned
   dynamically by XS4ALL. I can probably get static if I choose it. But
 the
   dynamic assignment option does alleviate some people's privacy
   concerns, right?
 
  One particular concern, which isn't really much different from IPv4.
 
  And in something like 90% of browser configurations, you're already
  giving out a semi-static unique string with every request anyway.
  (see https://panopticlick.eff.org/)
 
  The bigger concern for WMF is the possibility for increased privacy.
 
   ps. We all know that everyone needs to switch to IPv6 eventually.
 
  Unless IPv7 or IPv8 comes out first.
 
  ___
  Wikimedia-l mailing list
  Wikimedia-l@lists.wikimedia.org
  Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
 
 ___
 Wikimedia-l mailing list
 Wikimedia-l@lists.wikimedia.org
 Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Nathan
On Wed, Jun 13, 2012 at 1:36 PM, FT2 ft2.w...@gmail.com wrote:

 IPv6 is designed to operate on a one IP = one device/connection (non-NAT)
 basis, far more than IPv4.  Privacy policy coversd personally identifiable
 information.  An IP becomes personally identifying when it broadly allows
 a person to be identified.  If IPv4 can be personally identifying then
 IPv6 is guaranteed to be more so, because of its design and intended usage.

 It looks like the switch to making the UserID on public record more
 anonymous for non-logged in users (hashing their IP for example) could
 usefully be brought in, simultaneous with or parallel to IPv6.  As Erik
 says, both are desirable verging on necessary at some point, and the one
 mitigates against the issues of the other.

 It serves a second purpose - a good system providing a more anonymous
 UserID of public record would also mean that IPv4 and IPv6 users would
 have similar names in the public record and block lists, meaning that the
 same tools and interfaces would work equally with both.  This would
 simplify matters for future as well.

 Without second guessing a suitable method, I would like to see unlogged-in
 users represented by a name of the form IP user XXX or Not logged
 in Y or some such; there would be difficulties in that we want similar
 IPs to look similar without providing easy ways to identify the genuine
 underlying IP (eg by noticing other similar 's whose IPs are known).
 It's also going to have implications for vandalism and abuse related
 activities, where it is often helpful that action is easily identified as a
 similar IP.  It would be nice not to lose that sense of similar IP while
 not exposing the genuine IP.

 Choice of method is a technical matter, I'd suggest if we move on both,
 then hopefully IPv6 will mark a step where anonymity improves and is
 available to logged in and not logged in users.   But either way, IPv6 does
 have privacy implications for non-logged in users. IPv4 did too, but
 historically we let it alone and it was less severe. With IPv6 it may not
 be, and action would be much more important.

 FT2


Why is improving anonymity a goal? Our privacy policy governs the
disclosure of non-public information, but the IP addresses of editors
without an account have always been effectively public. Are IP editors
clamoring for more privacy? Is masking IPv6 addresses more important than
the uses to which IP addresses are currently put? Is masking a better way
to solve the problem of potentially more identifiable information in IPv6
than, say, a more prominent disclosure and disclaimer? Would masking the IP
addresses only for logged-out users be a worthwhile change, given the ease
of registering an account? Would they remain masked in the histories of
project dumps? There are a lot of questions to answer here before it's
reasonable to start suggesting changes be made, and these are only some.
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Risker
On 13 June 2012 14:09, Nathan nawr...@gmail.com wrote:

 snipping FT2's comment



 Why is improving anonymity a goal? Our privacy policy governs the
 disclosure of non-public information, but the IP addresses of editors
 without an account have always been effectively public. Are IP editors
 clamoring for more privacy? Is masking IPv6 addresses more important than
 the uses to which IP addresses are currently put? Is masking a better way
 to solve the problem of potentially more identifiable information in IPv6
 than, say, a more prominent disclosure and disclaimer? Would masking the IP
 addresses only for logged-out users be a worthwhile change, given the ease
 of registering an account? Would they remain masked in the histories of
 project dumps? There are a lot of questions to answer here before it's
 reasonable to start suggesting changes be made, and these are only some.



I believe that FT2 is saying that we should seriously consider masking the
*publicly viewable* IPv6 addresses.  The only reason that we publish the IP
addresses of any logged-out user is for attribution purposes, although some
use it for other reasons (both positive and nefarious).  Quite honestly, it
doesn't matter what information is put in place in the publicly viewable
logs, provided it's consistent.

Risker
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Nathan
On Wed, Jun 13, 2012 at 2:21 PM, Risker risker...@gmail.com wrote:

 On 13 June 2012 14:09, Nathan nawr...@gmail.com wrote:

 I believe that FT2 is saying that we should seriously consider masking the
 *publicly viewable* IPv6 addresses.  The only reason that we publish the IP
 addresses of any logged-out user is for attribution purposes, although some
 use it for other reasons (both positive and nefarious).  Quite honestly, it
 doesn't matter what information is put in place in the publicly viewable
 logs, provided it's consistent.

 Risker


Sure, that's the assertion, but it leaves unanswered a lot of why
questions. Why should we make publicly viewable attributions less
identifiable than they have been for a decade? Is that step valuable at
all, given the reality that anyone likely to use the IP address for
nefarious reasons would simply register an account?

I think a stable, predictable privacy regime that doesn't discourage users
is a perfectly good goal which Wikimedia has largely achieved. I'm not sure
there is a lot of value in FT2's suggestion from a privacy perspective (it
would make far more sense to make the mask applicable to everyone but CUs
or admins), let alone whether a significantly more anonymous method for
contributing is either necessary or desirable.

~Nathan
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Brandon Harris

On Jun 13, 2012, at 11:21 AM, Risker wrote:

 I believe that FT2 is saying that we should seriously consider masking the
 *publicly viewable* IPv6 addresses.  The only reason that we publish the IP
 addresses of any logged-out user is for attribution purposes, although some
 use it for other reasons (both positive and nefarious).  Quite honestly, it
 doesn't matter what information is put in place in the publicly viewable
 logs, provided it's consistent.


A couple of weeks ago, Brion Vibber and I started walking through a 
series of thoughts about eliminating publicly viewable IP addresses altogether, 
creating Proto Accounts.  That is, to completely anonymize anonymous users 
(by calling them Anonymous XX) and at the same time creating system 
whereby Anonymous users might be encouraged to become registered users (and 
retain the edits they did anonymously).

This would work by back-loading the account creation process:

1) User makes anonymous edit (as Anonymous 1234).  Edit is 
logged as Anonymous 1234).
2) User is given call-to-action to convert to a registered 
account.
3) User fills out account form (username, password, email) 
(let's call them AwesomeSauce89)
4) Proto account gets renamed to AwesomeSauce89; the edits 
that were under Anonymous 1234 are now listed as being by AwesomeSauce89

I also spoke with Tim Starling about this in Berlin and he agreed that 
it was a good idea.  However, this would be no small feat.  A big part of the 
problems involved in this type of anonymizing involve how we deal with range 
blocks.

Would this be something people might like to see happen?


---
Brandon Harris, Senior Designer, Wikimedia Foundation

Support Free Knowledge: http://wikimediafoundation.org/wiki/Donate


___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread FT2
Wikipedia has held since the start, a philosophy that some aspects of
neutral accessible editing are enhanced by pseudonymity.  One only need
look at early policies and current policies to see they started with strong
strict views on this, and retain strong strict views.  Reasons where it
matters are codified in policies themselves - freedom to edit without fear
of social backlash, freedom to edit unpopular views and topics or those
which would be professionally harmful, freedom to edit from places and
regimes where uninhibited authorship would be dangerous, freedom to be
judged by the edits one makes and not the person one is.

Obviously there are negatives too - ease of abuse, reduced ease of
detecting bad behavior, and so on.  None the less over time the view has
stuck, pseudonymity is a cornerstone of the environment we offer users and
that users may rely upon.  In that context, improving pseudonymity is a
valid goal. That an area established 10 years ago has not yet been fully
revised or brought into the 2010-2020 era is not salient. The same could be
said of many Mediawiki functions. Pseudonymity is de facto in the
culture, and part of our multi-branched attempt to facilitate neutral open
editing. It is an area of interest and an area where improvemenet and
advancement are worthwhile to seek. It is odd to rationalize that a user
with an account has safeguards which users without accounts should not
deserve.

Most of the rest of your questiopns are technical - how would this or that
be done?  Those technical questions need technical consideration, but the
basic question is a non technicval one, as is my comment.  This is a
desirable area to dovetail.  How that works and to what extent cost v
benefit means we do some things but accept limitations on others, are
questions that technical people will need to consider.

FT2

On Wed, Jun 13, 2012 at 7:09 PM, Nathan nawr...@gmail.com wrote:

 On Wed, Jun 13, 2012 at 1:36 PM, FT2 ft2.w...@gmail.com wrote:

 (snip)




 Why is improving anonymity a goal? Our privacy policy governs the
 disclosure of non-public information, but the IP addresses of editors
 without an account have always been effectively public. Are IP editors
 clamoring for more privacy? Is masking IPv6 addresses more important than
 the uses to which IP addresses are currently put? Is masking a better way
 to solve the problem of potentially more identifiable information in IPv6
 than, say, a more prominent disclosure and disclaimer? Would masking the IP
 addresses only for logged-out users be a worthwhile change, given the ease
 of registering an account? Would they remain masked in the histories of
 project dumps? There are a lot of questions to answer here before it's
 reasonable to start suggesting changes be made, and these are only some.


___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Nathan
On Wed, Jun 13, 2012 at 2:29 PM, Brandon Harris bhar...@wikimedia.orgwrote:


 On Jun 13, 2012, at 11:21 AM, Risker wrote:

  I believe that FT2 is saying that we should seriously consider masking
 the
  *publicly viewable* IPv6 addresses.  The only reason that we publish the
 IP
  addresses of any logged-out user is for attribution purposes, although
 some
  use it for other reasons (both positive and nefarious).  Quite honestly,
 it
  doesn't matter what information is put in place in the publicly viewable
  logs, provided it's consistent.


 A couple of weeks ago, Brion Vibber and I started walking through
 a series of thoughts about eliminating publicly viewable IP addresses
 altogether, creating Proto Accounts.  That is, to completely anonymize
 anonymous users (by calling them Anonymous XX) and at the same time
 creating system whereby Anonymous users might be encouraged to become
 registered users (and retain the edits they did anonymously).

This would work by back-loading the account creation process:

1) User makes anonymous edit (as Anonymous 1234).  Edit
 is logged as Anonymous 1234).
2) User is given call-to-action to convert to a registered
 account.
3) User fills out account form (username, password, email)
 (let's call them AwesomeSauce89)
4) Proto account gets renamed to AwesomeSauce89; the
 edits that were under Anonymous 1234 are now listed as being by
 AwesomeSauce89

I also spoke with Tim Starling about this in Berlin and he agreed
 that it was a good idea.  However, this would be no small feat.  A big part
 of the problems involved in this type of anonymizing involve how we deal
 with range blocks.

Would this be something people might like to see happen?



In my view, no. I think we need to balance the risk argument for
anonymity (dissidents, whistleblowers, people editing topics they wouldn't
want to be publicly associated with, etc.) with the benefits of partial
anonymity. Among these benefits I'd cite the many news items regarding the
discovery of fishy editing patterns from Congressional offices, corporate
offices, government agencies, political candidates, etc.  We're an
organization with competing aims: we'd like to be as transparent as
possible, and by and large believe in the value of radical transparency,
but we also want to protect our users from undue harm. I think we can
maintain that balance by having a very stable and predictable approach to
privacy, and by being abundantly clear with our disclosures and user
education with respect to privacy. The above approach wipes out any
transparency in favor of complete privacy, without (to my mind)
establishing the particular benefits of that outcome.

~Nathan
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Nathan
On Wed, Jun 13, 2012 at 3:18 PM, Risker risker...@gmail.com wrote:


 The original Wikipedia platform (lo those long years ago) published only
 partial IP addresses.  Today, significantly less transparency seems to
 mean create an acccount to many people. However, that is antithetical to
 the anyone can edit principle on which our projects are based.  Anyone
 can edit, as long as they don't mind that everyone in the world will know
 where they're from, what ISP they use, and possibly even the physical
 location from which they are editing and what equipment they're using to do
 so,  unless they create an account is what it has become.


I'm not sure I understand how create an account is antithetical to
anyone can edit. Are you saying there is some bar to creating an account
that prevents some people from editing? People can choose to use an account
name or choose to edit from an IP address. You're suggesting making account
names mandatory and dynamic, I'm not seeing how that is a necessary
outgrowth of anyone can edit.



 We want the edits. We don't need to know the rest, and never have. If we
 needed to know that information, we would have decided not to permit
 account-based editing in the first place.  There's no template at the
 bottom of the talk pages of editors with accounts that allows
 identification and geolocation of their IP.  If it's useful for logged-out
 editors, it is just as useful for logged-in ones, according to the
 transparency logic.


Sure - the same principle that makes IP information useful for transparency
purposes works as well on IP editors as it does on account holders. But
account holders have chosen to restrict access to that information, and IP
editors have not. A better solution to mandating automatically assigned
account names is to provide reasonable education and disclosure (say, a
pop-up on first edit or something else fairly prominent) to people editing
without an account. That way we let users judge privacy for themselves, and
preserve the usefulness of IP data when a user chooses to disclose it.

Risker wrote:

I am struggling to think of any other website of any nature that I have
ever visited that publicly identifies editors/posters by their IP address,
except for a few other wikis.  I've seen unregistered user before, and
similar nomenclature. Can anyone think of another site (regardless of
purpose) that links the editor/poster publicly to their full IP address?

IP address, no. Facebook profile (which is, as for most people, under my
real name)? Sure. Even so, a comparison between Wikimedia and Google or the
NY Times or Facebook or Gawker etc. fails because it does not recognize the
many philosophical and practical differences between those sites and a
Wikimedia project.
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-13 Thread Nathan
On Wed, Jun 13, 2012 at 3:49 PM, Risker risker...@gmail.com wrote:


 Nathan, I'm still trying to come up with *any* site that permits
 unregistered users to post but also publishes their full IP address.  Can
 you think of any at all?  Let's not limit it to the big guys, let's really
 think this through and explore what is going on outside of our own
 bailiwick.  Just because we've done things for a long time doesn't mean we
 shouldn't improve ourselves.


Well, there are many sites (my local newspaper for instance) that permit
users with no site-specific registration to comment, but only using a
Facebook profile. Assuming the commenter is following Facebook's account
policies, that is at least as revealing as an IP address.

And we can just as easily look at it from the other direction - are there
really other sites out there like Wikipedia, with our mix of mission and
global impact for a user-generated product? I think Wikipedia is unique in
many ways, and I believe that renders the comparison you're attempting to
make not useful. And finally, you take for granted a principle that I have
challenged - mandating complete anonymity for all users (other than those
who edit using a real name) is not, in my view, the same as improv[ing]
ourselves.

I'd like to get other opinions on this, so I'm going to hold off on posting
again in this thread... at least for as long as I can stand it :-P

~Nathan
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-12 Thread Kim Bruning
On Fri, Jun 01, 2012 at 11:12:58PM +0200, Erik Moeller wrote:
 Hi all,
 
 We're planning to do limited production testing of IPv6 during the
 Berlin Hackathon 2012 (June 2-3). Provided that the number of issues
 we encounter are manageable, we may fully enable IPv6 on IPv6 day, and
 keep it enabled.


What with XS4ALL (my ISP) now also offering IPv6 out-of-the-box, there's 
at least one extra IPv6 anon on en.wp. ;-)


I noticed that my current IPv6 address appears to be assigned
dynamically by XS4ALL. I can probably get static if I choose it. But the
dynamic assignment option does alleviate some people's privacy
concerns, right?

sincerely,
Kim Bruning


ps. We all know that everyone needs to switch to IPv6 eventually.
Don't be surprised when people in your neighborhood decide to do
so, with or without additional warning.

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-04 Thread Erik Moeller
Hi folks,

Mark Bergsma just shared the following recap with me, for those who
are interested in the details of what happened at the hackathon and
next steps. tl;dr: If all goes well we'll be ready to launch full
production deployment on Wednesday, starting around 10AM UTC
(MediaWiki engineers will be working closely with the ops team
Wednesday to monitor bugs/issues).

Keep an eye on the server admin log and the puppet repo if you want to
know what's going on in full detail:

http://wikitech.wikimedia.org/view/Server_admin_log
https://gerrit.wikimedia.org/r/#/q/status:merged+project:operations/puppet,n,z

Erik

- - -

The last few days we've worked on getting the software ready (mainly
PyBal/LVS) as well as Puppet support for provisioning of IPv6
addresses to servers and configuration changes for IPv6 connectivity.
That's now 90% done. What remains is mostly to actually roll this out
for all services in all data centers, which we will be doing tomorrow.
Besides that, we have a few would be nice to haves left to do, such
as having our own 6to4 and miredo relays.

I just got the first LVS service running with IPv6, and am now
browsing upload.wikimedia.org over IPv6 (local /etc/hosts entry of
course, not in DNS yet). ipv6 support for LVS in Ubuntu Precise was
the last major uncertain factor on the infrastructure side; besides a
few quick tests in labs we had not really tested this yet in our
production setup. Fortunately, it appears to be working fine. Tomorrow
the remaining (inactive) LVS balancers will be reinstalled with
Precise and made IPv6-ready to support all other services, while the
currently active IPv4 balancers will keep their current setup for some
time to come - so we won't hit any surprises on IPv4 at least.

But, we haven't done any production tests with MediaWiki yet. We can
do some dark testing and actual edits tomorrow. Assuming we see no
surprises there, we can enable it for the all wikis and the general
public on Wednesday.

To conclude, we're on track on the infrastructure side. It is tight,
though. Assuming the MediaWiki side has no unwelcome surprises for us,
I expect to be able to make it.

--
Erik Möller
VP of Engineering and Product Development, Wikimedia Foundation

Support Free Knowledge: https://wikimediafoundation.org/wiki/Donate

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-03 Thread George Herbert




On Jun 2, 2012, at 6:13, Anthony wikim...@inbox.org wrote:

 On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dal...@gmail.com wrote:
 On 2 June 2012 13:44, Anthony wikim...@inbox.org wrote:
 On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhi...@gmail.com wrote:
 What personal information do you think is contained in an IPv6 address?
 
 Don't they sometimes contain MAC address information?
 
 I don't know, but I wouldn't consider my MAC address to be personal
 information... you might be able to work out what brand of computer
 I'm using, but I can live with that.
 
 I'm not sure what you're defining personal information as, then.
 
 Is your vehicle's VIN personal information?

It becomes a global unique publicly visible identifier if you always use the 
same connect method (wireless, ethernet) and don't enable privacy extensions.

In WMF relevant senses, unaware abusers with multiple ISPs become easier to 
find.  And privacy is different, because many end users are IDed that way.  But 
the implications of that are unclear.  Someone being outed to an employer or 
government by MAC?  ...


George William Herbert
Sent from my iPhone
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-03 Thread George Herbert




On Jun 2, 2012, at 1:05, Tim Starling tstarl...@wikimedia.org wrote:

 On 02/06/12 05:04, Hersfold wrote:
 I'm very concerned that this is what's going to happen with the IPv6
 change - something major is going to fail, and the wiki will become
 inaccessible, or some major security feature (blocking or protection,
 for example) will be rendered inoperable, leaving the wikis vulnerable
 to attack from all fronts. The latter situation seems to be more
 likely based on past issues, and unfortunately more problematic; once
 these issues get noted, it'll take only minutes for /b/, GNAA, and a
 long list of other vandals to figure it out and launch a full-scale
 attack that'll take weeks to clean up.
 
 We could just allow blocking of arbitrarily large IPv6 ranges. Then if
 there is some emergency, you can just block everyone who is using IPv6
 from editing. The collateral damage would be smaller than the IPv4 /16
 blocks which admins apply routinely.
 
 -- Tim Starling

Routinely is a little strong.  Admins should be taking due care regarding 
collateral damage for /16s...

But, it is done.


George William Herbert
Sent from my iPhone
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread MZMcBride
John Du Hart wrote:
 On Fri, Jun 1, 2012 at 7:08 PM, Risker risker...@gmail.com wrote:
 Erik, what time is this scheduled to go live?  And on which projects?
 Please be specific here.
 
 I am gravely concerned about the privacy issues that are attached to IPv6
 IP addresses, as they are in many cases almost personally identifying
 information, something that is not permitted to be released under our
 privacy policy.  Have arrangements been made to hash these IP addresses to
 prevent them from being publicly available?
 
 What personal information do you think is contained in an IPv6 address?

I wondered what Risker was referring to as well, so I looked up IPv6 +
privacy: https://en.wikipedia.org/wiki/IPv6#Privacy.

After reading that section, it's still unclear to me whether IPv6 is
significantly more privacy invasive than IPv4.

MZMcBride



___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Tim Starling
On 02/06/12 05:04, Hersfold wrote:
 I'm very concerned that this is what's going to happen with the IPv6
 change - something major is going to fail, and the wiki will become
 inaccessible, or some major security feature (blocking or protection,
 for example) will be rendered inoperable, leaving the wikis vulnerable
 to attack from all fronts. The latter situation seems to be more
 likely based on past issues, and unfortunately more problematic; once
 these issues get noted, it'll take only minutes for /b/, GNAA, and a
 long list of other vandals to figure it out and launch a full-scale
 attack that'll take weeks to clean up.

We could just allow blocking of arbitrarily large IPv6 ranges. Then if
there is some emergency, you can just block everyone who is using IPv6
from editing. The collateral damage would be smaller than the IPv4 /16
blocks which admins apply routinely.

-- Tim Starling


___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Erik Moeller
Hi Risker et al,

a few important points:
* IPv6 adoption is still below 1% globally [1].
* It's likely that we'll encounter network-level issues well before we
hit application-level issues during limited production testing.
* In the event that we manage to resolve all issues, it's likely that
we'll only see very limited use/abuse of IPv6 addresses and that we'll
have plenty of time to adjust procedures and documentation.
* We can abort this fairly easily, or as Tim suggests, employ global
blocks of IPv6 addresses to manage abuse.

As noted, the plan is to engage in limited production testing this
weekend, with possible full deployment by IPv6 Day (Wednesday). I
should also note that the degree to which all the complex network and
software interactions of a deployment like this can be tested without
actually changing or affecting production operations is limited. We're
going to be debugging issues in real-time.

I appreciate that this is very short notice for lots of people and
apologize for that; thanks to Tilman for helping with the global
notice dissemination. There's pretty good likelihood that aside from
maybe some brief service interruptions, the user impact is going to be
close to nil, either due to an abort early on, or due to very limited
IPv6 usage.

Moving towards full IPv6 support is part of our responsibility as a
good Internet citizen, and this has been in the works for a long time.
It's never been an option not to do this as IPv4 addresses are being
exhausted.

Regarding privacy, both IPv4 and IPv6 addresses can be dangerously
revealing in terms of personal identity (e.g. some ISPs even tie
street address information to your IPv4 address). It's always been
fundamentally problematic that MediaWiki reveals this information
nakedly, and it's what enabled past large-scale investigations like
WikiScanner, for good and for ill. In the mid to long term, I believe
we need to investigate moving away from full disclosure of IP
addresses when editing without logging in, but this is independent of
IPv4/IPv6.

All best,
Erik

[1] https://www.google.com/intl/en/ipv6/statistics/

-- 
Erik Möller
VP of Engineering and Product Development, Wikimedia Foundation

Support Free Knowledge: https://wikimediafoundation.org/wiki/Donate

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Anthony
On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dal...@gmail.com wrote:
 On 2 June 2012 13:44, Anthony wikim...@inbox.org wrote:
 On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhi...@gmail.com wrote:
 What personal information do you think is contained in an IPv6 address?

 Don't they sometimes contain MAC address information?

 I don't know, but I wouldn't consider my MAC address to be personal
 information... you might be able to work out what brand of computer
 I'm using, but I can live with that.

I'm not sure what you're defining personal information as, then.

Is your vehicle's VIN personal information?

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Leslie Carr
On Sat, Jun 2, 2012 at 6:13 AM, Anthony wikim...@inbox.org wrote:
 On Sat, Jun 2, 2012 at 8:49 AM, Thomas Dalton thomas.dal...@gmail.com wrote:
 On 2 June 2012 13:44, Anthony wikim...@inbox.org wrote:
 On Fri, Jun 1, 2012 at 7:27 PM, John Du Hart compwhi...@gmail.com wrote:
 What personal information do you think is contained in an IPv6 address?

 Don't they sometimes contain MAC address information?

 I don't know, but I wouldn't consider my MAC address to be personal
 information... you might be able to work out what brand of computer
 I'm using, but I can live with that.

I think that having a problem with the implementation of IPv6 is about
10 years too late now ;) The IPv4 space is being exhausted, and we're
going to soon run into the opposite problem that IPv4 addresses will
be not identifiable enough as ISP's use NAT.

If someone cares about their mac address information, they can use
privacy extensions - http://en.wikipedia.org/wiki/Ipv6#Privacy .
Considering that in the vast, vast majority of the consumer (versus
production) world, you have to purposefully enable IPv6 (usually with
some sort of tunneling), and that these are turned on in most
operating systems by default, mac addressing is starting to only
become applicable in production environments.

Leslie

-- 
Leslie Carr
Wikimedia Foundation
AS 14907, 43821
http://as14907.peeringdb.com/

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Birgitte_sb




On Jun 2, 2012, at 5:06 AM, Erik Moeller e...@wikimedia.org wrote:

 
 
 
 Moving towards full IPv6 support is part of our responsibility as a
 good Internet citizen, and this has been in the works for a long time.
 It's never been an option not to do this as IPv4 addresses are being
 exhausted.
 
 

This is the relavent point.  For what it is worth I, who am less inclined to 
follow technical discussions than other kinds, remember that there was enough 
talk about approaching IPv6 day last year to feel it was settled that WMF was 
unprepared to participate at that time would make it happen in 2012.  It was 
either here or on wikitech-l.

I am not sure how someone who has strong opinions on the subject would be left 
unable to follow this when I followed with no such interest.  Moe importantly, 
I don't understand what exactly the objectors see as a better option.  No one 
will fix the scripts until they are broken, it is just the nature of the beast. 
 It seems the whole point of IPv6 day is that no one is very confident about 
level of breakage of things with IPv6 and no one will be able to gain this 
confidence until a significant number of sites turn it on and there is not 
another choice on the matter. Objecting to turning on IPv6 because things will 
break does not seem to be very informed. This is the point. If anyone doesn't 
trust that WMF will only make a day of it if the breakage is unmanageable, then 
they've bigger issues than IPv6.  And even still, the sun will rise and we will 
have a few less IPv4 addresses everyday; there are much better battles to pick.

Birgitte SB
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-02 Thread Kat Walsh
On Fri, Jun 1, 2012 at 5:12 PM, Erik Moeller e...@wikimedia.org wrote:
 Hi all,

 June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of
 this global event is to move more ISPs, equipment manufacturers and
 web services to permanent adoption of IPv6.

 We're planning to do limited production testing of IPv6 during the
 Berlin Hackathon 2012 (June 2-3). Provided that the number of issues
 we encounter are manageable, we may fully enable IPv6 on IPv6 day, and
 keep it enabled.

Thanks Erik and all who are working on this! It's important work and
I'm glad to see us joining the community of sites and organizations
who are prepared for this necessity.

(Acknowledging the potential issues others have mentioned, I'm also
glad to see it while there are still few users who will be using IPv6,
so the problems that arise will be much smaller than they would be in
the future.)

Cheers,
Kat

-- 
Your donations keep Wikipedia free: https://wikimediafoundation.org/wiki/Donate
Web: http://www.mindspillage.org Email: k...@wikimedia.org, 
k...@mindspillage.org
(G)AIM, Freenode, gchat, identi.ca, twitter, various social sites: mindspillage

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread Erik Moeller
On Fri, Jun 1, 2012 at 11:20 PM, Huib Laurens sterke...@gmail.com wrote:

 In our case here we give away /48 IPV6 to users by default. So I'm
 wondering, when a IP vandalize Wikipedia or any other project and a block
 will be placed, how is this done?

 Will the block just hit the IP or will it block a complete range to start
 with?

My understanding is that it currently doesn't apply a range by
default, so it would just hit the specific IP unless you apply a CIDR
suffix like /48 or /64. This is discussed in more detail here:

https://bugzilla.wikimedia.org/show_bug.cgi?id=24294
-- 
Erik Möller
VP of Engineering and Product Development, Wikimedia Foundation

Support Free Knowledge: https://wikimediafoundation.org/wiki/Donate

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread Risker
On 1 June 2012 17:12, Erik Moeller e...@wikimedia.org wrote:

 Hi all,

 June 6, 2012 is IPv6 Day ( http://www.worldipv6day.org/ ). The goal of
 this global event is to move more ISPs, equipment manufacturers and
 web services to permanent adoption of IPv6.

 We're planning to do limited production testing of IPv6 during the
 Berlin Hackathon 2012 (June 2-3). Provided that the number of issues
 we encounter are manageable, we may fully enable IPv6 on IPv6 day, and
 keep it enabled.

 MediaWiki has been used with IPv6 by third party wikis for some time.
 Wikimedia uses a set of additional features (GlobalBlocking,
 CheckUser, etc.) which weren't fully IPv6-ready until recently. In
 addition, we're working to ensure that all of Wikimedia's various
 services (mailing lists, blogs, etc.) are IPv6-ready.

 == What's the user impact going to be? ==

 At least in the June 2-3, 2012 time window, you may see a small number
 of edits from IPv6 addresses, which are in the form
 2001:0db8:85a3:::8a2e:0370:7334. See [[w:IPv6 address]].

 These addresses should behave as any other IP adress would: You can
 leave messages on their talk pages; you can track their contributions;
 you can block them. CIDR notation is supported for rangeblocks.

 An important note about blocking: A single user may have access to a
 much larger number of addresses than in the IPv4 model. This means
 that range blocks (e.g. address with /64) have to be applied in more
 cases to prevent abuse by more sophisticated users.

 In the mid term, user scripts and tools that use simple regular
 expressions to match IPv4 addresses will need to be adapted for IPv6
 support to behave correctly. We suspect that IPv6 usage is going to be
 very low initially, meaning that abuse should be manageable, and we
 will assist in the monitoring of the situation.

 User:Jasper Deng is maintaining a comprehensive analysis of the long
 term implications of the IPv6 migration here:
 https://en.wikipedia.org/wiki/User:Jasper_Deng/IPv6

 We've set up a test wiki where you can see IPv6 IP addresses. This
 works by assigning you a fake IPv6 address the moment you visit the
 wiki, and allows you to see the behavior of various tools with the new
 address format:
 http://ipv6test.wmflabs.org/wiki/index.php/Main_Page

 The best way to report issues is to register them in Bugzilla and to
 ensure that they are marked as blockers for the IPv6 tracking bug:
 https://bugzilla.wikimedia.org/show_bug.cgi?id=35540

 We'll post updates to wikitech-l and elsewhere as appropriate.

 All best,
 Erik



Erik, as I am sure has been conveyed to you, some very serious concerns
have been identified with respect to this from the checkuser corps (and I
mean  the global level, not just one or two projects).  In particular, the
lack of notification, the inability to suddenly redevelop hundreds of tools
and scripts that are not IPv6-friendly, and the fact that there is
significant uncertainty as to exactly how various standard tools such as
CheckUser and Block actually will work, all mitigate against a full,
WMF-wide implementation, even for the short term.

I would very strongly urge two things:

1) Get the global notice up and running now.  Mailing lists reach less than
0.05% of regular users.

2) Consider implementation on only a small segment of projects, preferably
ones that have a small but active Checkuser/Admin team who is interested in
participating in this experiment.

Frankly, I do not believe that many of the aspects of this proposed
implementation have been considered; in particular, there are pretty
significant privacy issues that have not been discussed or addressed.  When
one is giving a Bugzilla link to illustrate that something has been
discussed, it demonstrates pretty soundly that probably no more than 40
users (out of tens of thousands) have any knowledge whatsoever about the
proposal.

Let's try to find some middle ground here, okay?

Risker/Anne
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread David Gerard
On 2 June 2012 00:08, Risker risker...@gmail.com wrote:

Fully enabling IPv6 has been coming a *long* time - over a year, with
months of planning and work before even that - as Erik's first message
in this thread notes, and it was hardly a secret. Your objections may
be entirely too late - it is vanishingly unlikely that two years'
effort will suddenly be thrown away. Were you literally unaware until
now that this was in the works?


- d.

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread Risker
Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even
discussed on Wikitech-L.  Neither of which 99.9% of users, including
many volunteer developers, have time to follow.  This is not just a
technical change, it's a cultural one.

I've long stood up for the Engineering Department when it is making changes
that have only minor effects on the public face of the project; I know that
sometimes users can be hyperactive about minor points.  But this isn't a
minor point.  I'd compare it to Vector - something that there was longterm,
active communication about throughout its development cycle, with lots of
outreach to volunteer developers and to the community, and opportunities to
test things out.

I can't stand up for them this time, though. It's not even discussed well
on Mediawiki, and is mostly in passing on the Roadmap.[1]  And the few
community-based questions that have come up, specifically on Erik's meta
userpage, have not been given the courtesy of a reply.

Risker




[1] http://www.mediawiki.org/wiki/Roadmap

On 1 June 2012 19:35, David Gerard dger...@gmail.com wrote:

 On 2 June 2012 00:08, Risker risker...@gmail.com wrote:

 Fully enabling IPv6 has been coming a *long* time - over a year, with
 months of planning and work before even that - as Erik's first message
 in this thread notes, and it was hardly a secret. Your objections may
 be entirely too late - it is vanishingly unlikely that two years'
 effort will suddenly be thrown away. Were you literally unaware until
 now that this was in the works?


 - d.

 ___
 Wikimedia-l mailing list
 Wikimedia-l@lists.wikimedia.org
 Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread Risker
I've got about 18 months worth of Wikitech-L in my archives, and there are
two threads that talk about IPv6; one from March, that didn't provide a lot
of information, and this one. There may be others, but they're not popping
up on my search.

Forgive me for failing to read this week's signpost from cover to cover
yet; it refers to the previous coverage from June 2011, and quotes Erik
Moeller from some unknown and unspecified source.  I don't know where he
told the community that. Do you?

Risker

On 1 June 2012 20:10, John phoenixoverr...@gmail.com wrote:

 Wow Risker, you obviously don't read any mailing lists/ blogs or sign
 posts. I just did a quick search of my email records for wiki tech and ipv6
 the first result that I see is from July 2007. Almost 5 years ago, I also
 remember a big push last year about this same time for ipv6.

 On Friday, June 1, 2012, Risker wrote:

  Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even
  discussed on Wikitech-L.  Neither of which 99.9% of users, including
  many volunteer developers, have time to follow.  This is not just a
  technical change, it's a cultural one.
 
  I've long stood up for the Engineering Department when it is making
 changes
  that have only minor effects on the public face of the project; I know
 that
  sometimes users can be hyperactive about minor points.  But this isn't a
  minor point.  I'd compare it to Vector - something that there was
 longterm,
  active communication about throughout its development cycle, with lots of
  outreach to volunteer developers and to the community, and opportunities
 to
  test things out.
 
  I can't stand up for them this time, though. It's not even discussed well
  on Mediawiki, and is mostly in passing on the Roadmap.[1]  And the few
  community-based questions that have come up, specifically on Erik's meta
  userpage, have not been given the courtesy of a reply.
 
  Risker
 
 
 
 
  [1] http://www.mediawiki.org/wiki/Roadmap
 
  On 1 June 2012 19:35, David Gerard dger...@gmail.com javascript:;
  wrote:
 
   On 2 June 2012 00:08, Risker risker...@gmail.com javascript:;
 wrote:
  
   Fully enabling IPv6 has been coming a *long* time - over a year, with
   months of planning and work before even that - as Erik's first message
   in this thread notes, and it was hardly a secret. Your objections may
   be entirely too late - it is vanishingly unlikely that two years'
   effort will suddenly be thrown away. Were you literally unaware until
   now that this was in the works?
  
  
   - d.
  
   ___
   Wikimedia-l mailing list
   Wikimedia-l@lists.wikimedia.org javascript:;
   Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
  
  ___
  Wikimedia-l mailing list
  Wikimedia-l@lists.wikimedia.org javascript:;
  Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
 
 ___
 Wikimedia-l mailing list
 Wikimedia-l@lists.wikimedia.org
 Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l


Re: [Wikimedia-l] Update on IPv6

2012-06-01 Thread Hersfold
Sorry if I'm veering off on a tangent or repeating things here, I only 
just got added to this list a short while ago but was asked to convey my 
concerns here.


While this has been discussed for some time, it seems as though the 
announcement that this is getting turned on was only made just recently; 
the coverage on January 16th John refers to doesn't seem to mention when 
this was going to be deployed, and I don't recall any mention on-wiki of 
IPv6 since then. For such a potentially major change, five day's notice 
is simply not enough for the entire community to digest. As it is, I 
still don't see any mention of this change on en.wiki's Technical or 
Miscellaneous Village Pump, nor either Administrator's Noticeboard, the 
common announcement locations for such changes.


My second, and more pressing concern, is how well this will work. 
Speaking quite frankly, the development team has a bit of a bad habit of 
deploying something on Labs or the test wiki or whatever, deciding it 
works, and then deploying it straight to Wikipedia and the other public 
WMF sites. Unfortunately when they do so, hell breaks loose because all 
sorts of problems crop up - bugs that didn't crop up because the test 
wiki receives far less traffic than Wikipedia, issues with the interface 
that weren't addressed now cause problems because the users of Wikipedia 
don't use the test wiki, and it takes weeks for the issues to get fixed 
and/or for the community to adjust to the changes. Considering the 
traffic Wikipedia receives (it's the 5th most popular website in the 
world, after all), it seems remarkably inappropriate to treat it as a 
beta testing ground.


I'm very concerned that this is what's going to happen with the IPv6 
change - something major is going to fail, and the wiki will become 
inaccessible, or some major security feature (blocking or protection, 
for example) will be rendered inoperable, leaving the wikis vulnerable 
to attack from all fronts. The latter situation seems to be more likely 
based on past issues, and unfortunately more problematic; once these 
issues get noted, it'll take only minutes for /b/, GNAA, and a long list 
of other vandals to figure it out and launch a full-scale attack that'll 
take weeks to clean up.


Can we receive some sort of assurance from the development team that the 
IPv6 system has been fully stress-tested, at a level comparable to what 
Wikipedia and the other wikis may face, and that all extensions used by 
the wikis were part of this test? If such an assurance cannot be made 
before June 6th, can the deployment of this update be delayed until that 
testing can be completed? For such a major website, I feel that 
consistent operation is more important than adhering to the latest 
standards.



User:Hersfold
hersfoldw...@gmail.com


On 6/1/2012 9:17 PM, George Herbert wrote:

I've been a little busy this spring, but I am interested in the IPv6
transition (at work, too) and missed this here as well.

I don't object as Anne is here, but I'm not doing the work she's doing
on project either.


-george

On Fri, Jun 1, 2012 at 5:35 PM, Johnphoenixoverr...@gmail.com  wrote:

Multiple sign posts January 17 this year. There was also a May 2011
foundation announcement along with countless other notes

On Friday, June 1, 2012, Risker wrote:


I've got about 18 months worth of Wikitech-L in my archives, and there are
two threads that talk about IPv6; one from March, that didn't provide a lot
of information, and this one. There may be others, but they're not popping
up on my search.

Forgive me for failing to read this week's signpost from cover to cover
yet; it refers to the previous coverage from June 2011, and quotes Erik
Moeller from some unknown and unspecified source.  I don't know where he
told the community that. Do you?

Risker

On 1 June 2012 20:10, Johnphoenixoverr...@gmail.comjavascript:;
wrote:


Wow Risker, you obviously don't read any mailing lists/ blogs or sign
posts. I just did a quick search of my email records for wiki tech and

ipv6

the first result that I see is from July 2007. Almost 5 years ago, I also
remember a big push last year about this same time for ipv6.

On Friday, June 1, 2012, Risker wrote:


Indeed, a long time. Discussed on Mediawiki and bugzilla; it's not even
discussed on Wikitech-L.  Neither of which 99.9% of users,

including

many volunteer developers, have time to follow.  This is not just a
technical change, it's a cultural one.

I've long stood up for the Engineering Department when it is making

changes

that have only minor effects on the public face of the project; I know

that

sometimes users can be hyperactive about minor points.  But this isn't

a

minor point.  I'd compare it to Vector - something that there was

longterm,

active communication about throughout its development cycle, with lots

of

outreach to volunteer developers and to the community, and

opportunities

to

test things out.

I can't stand up for them