https://bugzilla.wikimedia.org/show_bug.cgi?id=47832
Bawolff (Brian Wolff) <bawolff...@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bawolff...@gmail.com --- Comment #9 from Bawolff (Brian Wolff) <bawolff...@gmail.com> --- I know this is politically charged, but what's the security goal for forcing anons to use SSL. Stop government from eavesdropping on the communication that they could just as easily get from reading Special:Recentchanges? Stop government from figuring out which articles somebody is reading? Well that's a goal I support, will SSL actually stop that? Assuming government can monitor the encrypted traffic going down the wire, they should be able to see how much traffic has been transferred. I imagine this somewhat uniquely identifies an article, especially when you consider images. OTOH, I suppose it makes figuring out which article they are reading more difficult, and you can't just snoop for keywords. OTOH SSL everywhere all the time certainly couldn't hurt. But that's a long process. Step 1 sounds like a reasonable starting point. [Not a security expert. Let me know if I said anything stupid and wrong :)] -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l