On 23 August 2013 21:28, Marc A. Pelletier <[email protected]> wrote: > On 08/23/2013 03:23 PM, Martijn Hoekstra wrote:
>> Requiring https for advanced privileges seems odd. Would that require a >> second set of credentials over a https only page? > You're missing the point. People who have (for instance) checkuser or > oversight should be simply disallowed from logging in through HTTP at all. +1 There can't really be a geoIP exemption for this. - d. _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
