https://bugzilla.wikimedia.org/show_bug.cgi?id=47832
--- Comment #26 from James Alexander <[email protected]> --- (In reply to comment #24) > An idea for dealing with China and other cases where HTTPS is blocked - could > there be an 'http://insecure.wikipedia.org'? The inverse of the situation we > had with 'https://secure.wikipedia.org'. At least the domain name advertises > the problem to the user. > > This is far less slick than a geolocated redirect, but in situations where > HTTPS is blocked, I don't see any way to preserve usability and security at > the > same time. > > As far as I know, if HTTPS is blocked, we can't redirect them to HTTP, > because > they won't even reach our server. We could only 'upgrade', by redirecting > from > HTTP to HTTPS. But by then it's too late; the article they've requested was > captured by intermediaries. > > Maybe with 'insecure.wikipedia.org', savvy users in places like China would > learn the trick, or use browser extensions to fix links. Presumably it would > be > the 'HTTP Everywhere' extension. I somewhat like this concept for the advertising part too. We want to make sure that those who are unable to use https (ESPECIALLY if that's because of government interference like china) are able to use the site but we also should (in my mind) make sure that they KNOW they are unable to use it like normal and that their use is less secure because those users are often the catalyst for change. If we had more time I'd say we should strive for a geolocated test in Hong Kong during Wikimania though I imagine even the suggestion of that makes ops shudder :). -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
