https://bugzilla.wikimedia.org/show_bug.cgi?id=39676
Krinkle <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #6 from Krinkle <[email protected]> 2012-08-27 20:55:45 UTC --- (In reply to comment #4) > (In reply to comment #3) > > I know evey page of each wiki project support https. So why not enforce > > using > > https in Wiki? It's much safer and more convenient (especially for some > > environment with sensorship). > No, this has to be a user choice. Please consider > http://www-uxsup.csx.cam.ac.uk/~jw35/courses/using_https/html/x183.htm Yes it has to be a choice, but that document is probably not relevant. Lets see the 4 points: * 1) Browsers: Though, they'll have to figure it out because the web is moving on. Many services (including GMail, Twitter and Facebook) are already on HTTPS by default. And some don't even (want to) provide a way to disable that. All they serve over HTTP is a redirect. * 2) Certificates: Not relevant, we already have them and we'd keep them regardless, for people that would opt-in. And allowing the option to use HTTPS is much more important than having the option to not use HTTPS. Though we will probably allow both, no reason not to allow HTTP * 3) Firewalls: Again, though. The web is moving on. Many services (think: Bank websites, PayPal etc.) are already HTTPS only. Natural selection will take place and people will use services that aren't in the last century. This is inevitable. * 4) Server encryption overhead: This used to be a problem, but I think the big boys have proven years ago that HTTPS can be efficient as well. If anything, it is a server side issue we'll have to take care of. But I think this is no longer a problem. At some point we will make HTTPS a default on wmf-wikis, so users that didn't choose for HTTPS will get it. However keeping a user preference to opt out after it has become the default is easy to implement. Sure, if some people (whatever the reason) don't want HTTPS, no point in forcing it :) -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
