On Wed, Jul 8, 2009 at 7:13 AM, William Allen Simpson<[email protected]> wrote: > However, (assuming you are a developer) that makes 2 developers indicating > this is not a priority. Please remove the link to the secure server on the > login page, so that common editors are not confused by it, thinking that > this is a supported service....
Steve Bennett is not a developer (as far as I can tell). And while I am a developer, I'm not a sysadmin and have nothing to do with configuring or maintaining the secure server. As a general rule, I've found that with open-source stuff you usually can't tell apart the decision-makers from random opinionated hangers-on without actually doing research or asking . . . it's kind of annoying, but fun! :) For what it's worth, I also don't think SSL is worthless. I don't personally see any reason to go out of my way to use it, and think it's a little odd for someone else to do that given the marginal benefit it would provide by any metric. But I'd definitely agree that if it could be enabled for all Wikipedia users by *default* that would be great. A small benefit times millions of users can be a very big benefit. An ideal Internet would encrypt *and* sign all communications with no opt-out. (One of the things I'm looking forward to if Google Wave takes off!) On Wed, Jul 8, 2009 at 10:45 AM, Gregory Maxwell<[email protected]> wrote: > Provided your changes didn't break the site, I'd take a > bet that you could have a malware installer running for days before it > was discovered. What, on enwiki? I'd bet ten minutes before it's noticed someone using NoScript configured to prompt about cross-site loads or something. (Maybe not if it just includes an image for DoS purposes, but then the target would notice soon enough, you'd think . . .) _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
