Great job. :) Thanks for informing [PS. to members, you may read the WP:VPT <https://en.wikipedia.org/wiki/Wikipedia:Village_pump_%28technical%29#HTTPS_by_default> discussion too]
On 13 June 2015 at 03:05, Habib M'henni <habib.mhe...@gmail.com> wrote: > This is really fantastic. > > Thanks, > > Habib > > Le 12 juin 2015 21:22:26 CET, Juliet Barbara <jbarb...@wikimedia.org> a > écrit : > >The Wikimedia Foundation is pleased to announce that we have begun the > >transition of the Wikimedia projects and sites to the secure HTTPS > >protocol. You may have seen our blog post from this morning; it has > >also > >been posted to relevant Village Pumps (Technical). > > > >This post is available online here: > > > https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/ > > > >Securing access to Wikimedia sites with HTTPS > > > >BY YANA WELINDER <https://blog.wikimedia.org/author/ywelinder/>, > >VICTORIA > >BARANETSKY <https://blog.wikimedia.org/author/victoria-baranetsky/> AND > >BRANDON > >BLACK <https://blog.wikimedia.org/author/brandon-black/> ON JUNE 12TH > > > > > >To be truly free, access to knowledge must be secure and uncensored. At > >the > >Wikimedia Foundation, we believe that you should be able to use > >Wikipedia > >and the Wikimedia sites without sacrificing privacy or safety. > > > >Today, we’re happy to announce that we are in the process of > >implementing > >HTTPS <https://en.wikipedia.org/wiki/HTTPS> to encrypt all Wikimedia > >traffic. We will also use HTTP Strict Transport Security > ><https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security> (HSTS) > >to > >protect against efforts to ‘break’ HTTPS and intercept traffic. With > >this > >change, the nearly half a billion people who rely on Wikipedia and its > >sister projects every month will be able to share in the world’s > >knowledge > >more securely. > > > >The HTTPS protocol creates an encrypted connection between your > >computer > >and Wikimedia sites to ensure the security and integrity of data you > >transmit. Encryption makes it more difficult for governments and other > >third parties to monitor your traffic. It also makes it harder for > >Internet > >Service Providers (ISPs) to censor access to specific Wikipedia > >articles > >and other information. > > > >HTTPS is not new to Wikimedia sites. Since 2011, we have been working > >on > >establishing the infrastructure and technical requirements, and > >understanding the policy and community implications of HTTPS for all > >Wikimedia traffic, with the ultimate goal of making it available to all > >users. In fact, for the past four years > >< > https://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wikimedia-foundation-wikis/ > >, > >Wikimedia users could access our sites with HTTPS manually, through > >HTTPS > >Everywhere <https://www.eff.org/https-everywhere>, and when directed to > >our > >sites from major search engines. Additionally, all logged in users > >< > https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/ > > > >have been accessing via HTTPS since 2013. > > > >Over the last few years, increasing concerns about government > >surveillance > >prompted members of the Wikimedia community to push > ><https://blog.wikimedia.org/2013/08/01/future-https-wikimedia-projects/> > >for more broad protection through HTTPS. We agreed, and made this > >transition a priority for our policy and engineering teams. > > > > > >We believe encryption makes the web stronger for everyone. In a world > >where > >mass surveillance has become a serious threat to intellectual freedom, > >secure connections are essential for protecting users around the world. > >Without encryption, governments can more easily surveil sensitive > >information, creating a chilling effect, and deterring participation, > >or in > >extreme cases they can isolate or discipline citizens. Accounts may > >also be > >hijacked, pages may be censored, other security flaws could expose > >sensitive user information and communications. Because of these > >circumstances, we believe that the time for HTTPS for all Wikimedia > >traffic > >is now. We encourage others to join us as we move forward with this > >commitment. > > > >The technical challenges of migrating to HTTPS > > > >HTTPS migration for one of the world’s most popular websites can be > >complicated. For us, this process began years ago and involved teams > >from > >across the Wikimedia Foundation. Our engineering team has been driving > >this > >transition, working hard to improve our sites’ HTTPS performance, > >prepare > >our infrastructure to handle the transition, and ultimately manage the > >implementation. > > > >Our first steps involved improving our infrastructure and code base so > >we > >could support HTTPS. We also significantly expanded and updated our > >server > >hardware. Since we don’t employ third party content delivery systems, > >we > >had to manage this process for our entire infrastructure stack > >in-house. > > > >HTTPS may also have performance implications for users, particularly > >our > >many users accessing Wikimedia sites from countries or networks with > >poor > >technical infrastructure. We’ve been carefully calibrating our HTTPS > >configuration to minimize negative impacts related to latency, page > >load > >times, and user experience. This was an iterative process that relied > >on > >industry standards, a large amount of testing, and our own experience > >running the Wikimedia sites. > > > >Throughout this process, we have carefully considered how HTTPS affects > >all > >of our users. People around the world access Wikimedia sites from a > >diversity of devices, with varying levels of connectivity and freedom > >of > >information. Although we have optimized the experience as much as > >possible > >with this challenge in mind, this change could affect access for some > >Wikimedia traffic in certain parts of the world. > > > >In the last year leading up to this roll-out, we’ve ramped up our > >testing > >and optimization efforts to make sure our sites and infrastructure can > >support this migration. Our focus is now on completing the > >implementation > >of HTTPS and HSTS for all Wikimedia sites. We look forward to sharing a > >more detailed account of this unique engineering accomplishment once > >we’re > >through the full transition. > > > >Today, we are happy to start the final steps of this transition, and we > >expect completion within a couple of weeks. > > > >Yana Welinder > ><https://wikimediafoundation.org/wiki/User:YWelinder_(WMF)>, > >Senior Legal Counsel, Wikimedia Foundation > > > >Victoria Baranetsky > ><https://wikimediafoundation.org/wiki/User:VBaranetsky_(WMF)>, Legal > >Counsel, Wikimedia Foundation > > > >Brandon Black <https://en.wikipedia.org/wiki/User:BBlack_(WMF)>, > >Operations > >Engineer, Wikimedia Foundation > > > > > >-- > >*Juliet Barbara* > >Senior Communications Manager I Wikimedia Foundation > >149 New Montgomery Street I San Francisco, CA 94105 > >jbarb...@wikimedia.org I +1 (512) 750-5677 > > > > > >------------------------------------------------------------------------ > > > >_______________________________________________ > >Please note: all replies sent to this mailing list will be immediately > >directed to Wikimedia-l, the public mailing list of the Wikimedia > >community. For more information about Wikimedia-l: > >https://lists.wikimedia.org/mailman/listinfo/wikimedia-l > >_______________________________________________ > >WikimediaAnnounce-l mailing list > >wikimediaannounc...@lists.wikimedia.org > >https://lists.wikimedia.org/mailman/listinfo/wikimediaannounce-l > > > > > >------------------------------------------------------------------------ > > > >_______________________________________________ > >Wikimedia-l mailing list, guidelines at: > >https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > >Wikimedia-l@lists.wikimedia.org > >Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > ><mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> > > ..................................................... > Habib M'henni > Ingénieur civil et technologue à l'Iset de Nabeul > Membre fondateur de CLibre et Wikimedia TN User Group > http://about.me/habibmhenni > http://blog.habibmhenni.tn > Téléphone : +216 52232190 > [K9.Andro ] > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > Wikimedia-l@lists.wikimedia.org > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> > _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>