This reminds me of the VE rollout debacle On Friday, June 12, 2015, John <[email protected]> wrote:
> Comets, I can answer that. From the dev who switched HTTPS on during prime > usage times, complained about working 60+ hours this week, then left for > the day. > > I get the impression that the WMF doesn't give a shit about those users > who choose to opt-out of HTTPS for one reason or another. It's basically > your now screwed, it works for us so figure it out without us. > > On Friday, June 12, 2015, Comet styles <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: > >> Congrats, you just made internet shitty for all 3rd world countries >> and did you people even bother to find out how it will affect users in >> China or Iran where HTTPS is BANNED?. >> >> On 6/13/15, Tito Dutta <[email protected]> wrote: >> > Great job. :) >> > Thanks for informing >> > [PS. to members, you may read the WP:VPT >> > < >> https://en.wikipedia.org/wiki/Wikipedia:Village_pump_%28technical%29#HTTPS_by_default >> > >> > discussion too] >> > >> > On 13 June 2015 at 03:05, Habib M'henni <[email protected]> wrote: >> > >> >> This is really fantastic. >> >> >> >> Thanks, >> >> >> >> Habib >> >> >> >> Le 12 juin 2015 21:22:26 CET, Juliet Barbara <[email protected]> >> a >> >> écrit : >> >> >The Wikimedia Foundation is pleased to announce that we have begun the >> >> >transition of the Wikimedia projects and sites to the secure HTTPS >> >> >protocol. You may have seen our blog post from this morning; it has >> >> >also >> >> >been posted to relevant Village Pumps (Technical). >> >> > >> >> >This post is available online here: >> >> > >> >> >> https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/ >> >> > >> >> >Securing access to Wikimedia sites with HTTPS >> >> > >> >> >BY YANA WELINDER <https://blog.wikimedia.org/author/ywelinder/>, >> >> >VICTORIA >> >> >BARANETSKY <https://blog.wikimedia.org/author/victoria-baranetsky/> >> AND >> >> >BRANDON >> >> >BLACK <https://blog.wikimedia.org/author/brandon-black/> ON JUNE 12TH >> >> > >> >> > >> >> >To be truly free, access to knowledge must be secure and uncensored. >> At >> >> >the >> >> >Wikimedia Foundation, we believe that you should be able to use >> >> >Wikipedia >> >> >and the Wikimedia sites without sacrificing privacy or safety. >> >> > >> >> >Today, we’re happy to announce that we are in the process of >> >> >implementing >> >> >HTTPS <https://en.wikipedia.org/wiki/HTTPS> to encrypt all Wikimedia >> >> >traffic. We will also use HTTP Strict Transport Security >> >> ><https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security> (HSTS) >> >> >to >> >> >protect against efforts to ‘break’ HTTPS and intercept traffic. With >> >> >this >> >> >change, the nearly half a billion people who rely on Wikipedia and its >> >> >sister projects every month will be able to share in the world’s >> >> >knowledge >> >> >more securely. >> >> > >> >> >The HTTPS protocol creates an encrypted connection between your >> >> >computer >> >> >and Wikimedia sites to ensure the security and integrity of data you >> >> >transmit. Encryption makes it more difficult for governments and other >> >> >third parties to monitor your traffic. It also makes it harder for >> >> >Internet >> >> >Service Providers (ISPs) to censor access to specific Wikipedia >> >> >articles >> >> >and other information. >> >> > >> >> >HTTPS is not new to Wikimedia sites. Since 2011, we have been working >> >> >on >> >> >establishing the infrastructure and technical requirements, and >> >> >understanding the policy and community implications of HTTPS for all >> >> >Wikimedia traffic, with the ultimate goal of making it available to >> all >> >> >users. In fact, for the past four years >> >> >< >> >> >> https://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wikimedia-foundation-wikis/ >> >> >, >> >> >Wikimedia users could access our sites with HTTPS manually, through >> >> >HTTPS >> >> >Everywhere <https://www.eff.org/https-everywhere>, and when directed >> to >> >> >our >> >> >sites from major search engines. Additionally, all logged in users >> >> >< >> >> >> https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/ >> >> > >> >> >have been accessing via HTTPS since 2013. >> >> > >> >> >Over the last few years, increasing concerns about government >> >> >surveillance >> >> >prompted members of the Wikimedia community to push >> >> >< >> https://blog.wikimedia.org/2013/08/01/future-https-wikimedia-projects/> >> >> >for more broad protection through HTTPS. We agreed, and made this >> >> >transition a priority for our policy and engineering teams. >> >> > >> >> > >> >> >We believe encryption makes the web stronger for everyone. In a world >> >> >where >> >> >mass surveillance has become a serious threat to intellectual freedom, >> >> >secure connections are essential for protecting users around the >> world. >> >> >Without encryption, governments can more easily surveil sensitive >> >> >information, creating a chilling effect, and deterring participation, >> >> >or in >> >> >extreme cases they can isolate or discipline citizens. Accounts may >> >> >also be >> >> >hijacked, pages may be censored, other security flaws could expose >> >> >sensitive user information and communications. Because of these >> >> >circumstances, we believe that the time for HTTPS for all Wikimedia >> >> >traffic >> >> >is now. We encourage others to join us as we move forward with this >> >> >commitment. >> >> > >> >> >The technical challenges of migrating to HTTPS >> >> > >> >> >HTTPS migration for one of the world’s most popular websites can be >> >> >complicated. For us, this process began years ago and involved teams >> >> >from >> >> >across the Wikimedia Foundation. Our engineering team has been driving >> >> >this >> >> >transition, working hard to improve our sites’ HTTPS performance, >> >> >prepare >> >> >our infrastructure to handle the transition, and ultimately manage the >> >> >implementation. >> >> > >> >> >Our first steps involved improving our infrastructure and code base so >> >> >we >> >> >could support HTTPS. We also significantly expanded and updated our >> >> >server >> >> >hardware. Since we don’t employ third party content delivery systems, >> >> >we >> >> >had to manage this process for our entire infrastructure stack >> >> >in-house. >> >> > >> >> >HTTPS may also have performance implications for users, particularly >> >> >our >> >> >many users accessing Wikimedia sites from countries or networks with >> >> >poor >> >> >technical infrastructure. We’ve been carefully calibrating our HTTPS >> >> >configuration to minimize negative impacts related to latency, page >> >> >load >> >> >times, and user experience. This was an iterative process that relied >> >> >on >> >> >industry standards, a large amount of testing, and our own experience >> >> >running the Wikimedia sites. >> >> > >> >> >Throughout this process, we have carefully considered how HTTPS >> affects >> >> >all >> >> >of our users. People around the world access Wikimedia sites from a >> >> >diversity of devices, with varying levels of connectivity and freedom >> >> >of >> >> >information. Although we have optimized the experience as much as >> >> >possible >> >> >with this challenge in mind, this change could affect access for some >> >> >Wikimedia traffic in certain parts of the world. >> >> > >> >> >In the last year leading up to this roll-out, we’ve ramped up our >> >> >testing >> >> >and optimization efforts to make sure our sites and infrastructure can >> >> >support this migration. Our focus is now on completing the >> >> >implementation >> >> >of HTTPS and HSTS for all Wikimedia sites. We look forward to sharing >> a >> >> >more detailed account of this unique engineering accomplishment once >> >> >we’re >> >> >through the full transition. >> >> > >> >> >Today, we are happy to start the final steps of this transition, and >> we >> >> >expect completion within a couple of weeks. >> >> > >> >> >Yana Welinder >> >> ><https://wikimediafoundation.org/wiki/User:YWelinder_(WMF)>, >> >> >Senior Legal Counsel, Wikimedia Foundation >> >> > >> >> >Victoria Baranetsky >> >> ><https://wikimediafoundation.org/wiki/User:VBaranetsky_(WMF)>, Legal >> >> >Counsel, Wikimedia Foundation >> >> > >> >> >Brandon Black <https://en.wikipedia.org/wiki/User:BBlack_(WMF)>, >> >> >Operations >> >> >Engineer, Wikimedia Foundation >> >> > >> >> > >> >> >-- >> >> >*Juliet Barbara* >> >> >Senior Communications Manager I Wikimedia Foundation >> >> >149 New Montgomery Street I San Francisco, CA 94105 >> >> >[email protected] I +1 (512) 750-5677 >> >> > >> >> > >> >> >> >------------------------------------------------------------------------ >> >> > >> >> >_______________________________________________ >> >> >Please note: all replies sent to this mailing list will be immediately >> >> >directed to Wikimedia-l, the public mailing list of the Wikimedia >> >> >community. For more information about Wikimedia-l: >> >> >https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >> >> >_______________________________________________ >> >> >WikimediaAnnounce-l mailing list >> >> >[email protected] >> >> >https://lists.wikimedia.org/mailman/listinfo/wikimediaannounce-l >> >> > >> >> > >> >> >> >------------------------------------------------------------------------ >> >> > >> >> >_______________________________________________ >> >> >Wikimedia-l mailing list, guidelines at: >> >> >https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> >> >[email protected] >> >> >Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >> , >> >> ><mailto:[email protected]?subject=unsubscribe> >> >> >> >> ..................................................... >> >> Habib M'henni >> >> Ingénieur civil et technologue à l'Iset de Nabeul >> >> Membre fondateur de CLibre et Wikimedia TN User Group >> >> http://about.me/habibmhenni >> >> http://blog.habibmhenni.tn >> >> Téléphone : +216 52232190 >> >> [K9.Andro ] >> >> _______________________________________________ >> >> Wikimedia-l mailing list, guidelines at: >> >> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> >> [email protected] >> >> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> >> <mailto:[email protected]?subject=unsubscribe> >> >> >> > _______________________________________________ >> > Wikimedia-l mailing list, guidelines at: >> > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> > [email protected] >> > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> > <mailto:[email protected]?subject=unsubscribe> >> >> >> -- >> Cometstyles >> >> _______________________________________________ >> Wikimedia-l mailing list, guidelines at: >> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >> [email protected] >> <https://meta.wikimedia.org/wiki/Mailing_lists/[email protected]> >> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> <mailto:[email protected]?subject=unsubscribe> > > _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines [email protected] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[email protected]?subject=unsubscribe>
