On Mon, Apr 25, 2011 at 12:33 PM, Ryan Lane <[email protected]> wrote:
> > * https://bugzilla.wikimedia.org/show_bug.cgi?id=20643 -- Serve > SSL/HTTPS > > sites out of same domain names as HTTP access: https://en.wikipedia.org/ > > > > This'll need more work as it has to deal with the offsite proxies, > multiple > > domains, etc. But it's been on the slate for a long time and we did some > > live experiments in 2007 that looked positive; if done it'll make the SSL > > views of the site friendlier to use, and smart session/cookie management > > could keep people form having to manually bounce themselves between SSL > and > > non-SSL links. > > > > This is the only reliable way of doing HTTPS, and will be the method I > use to attack this problem. Basic SSL termination should work fairly > well with this, but we will likely need to do some network trickery to > make this work as we want. We don't want to run the SSL termination on > the same hardware as our non-SSL proxies, as we'd have to optimize for > two different workloads, so we are currently looking at doing this as > a separate cluster. > +1 > I don't have a timeframe for completion, but I hope to work on this at > some point soon. > Thanks for the update! -- brion _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
