On 10/26/2010 08:59 AM, MZMcBride wrote: > As Aryeh notes, even those who act in an editing role (rather than in simply > a reader role) don't generally have valuable accounts. The "pros" you're > talking about are free to use secure.wikimedia.org (which is already set up > and has been for quite some time). If there were a secure site alternative, > I think you'd have a point. As it stands, I don't see what's very quaint > about this situation.
For a maximum security and minimal overhead, let the login always be over https. If a logged-in user is an admin or higher, use https for everything. Expand to all editors if easily possible. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
