On 23 August 2013 17:10, Marc A. Pelletier <m...@uberbox.org> wrote: > On 08/23/2013 04:35 PM, Risker wrote: > > I'd like to see what can be developed, however, to support > > Checkusers/Oversighters/Stewards who have difficulty using HTTPS > > Pretty much by definition the accounts holding those bits are the one we > /least/ want to have their password snooped, and the ones most likely to > be targeted by malicious eavesdroppers. If we could only support some > accounts to use HTTPS, those are the ones we would need to force. > > Yes, it does mean that there could not be checkusers in mainland China, > for instance as long as they are unable to log in through HTTPS. That > would be a /good/ thing. > > As I said, Marc, there's already an offline discussion happening looking for ways to effectively manage this without outright banning editors from those geographical regions from serving Wikimedia communities. A decision to prevent users from certain countries or with certain technical challenges from holding these permissions is as much a policy issue as it is a security issue (it's also a cross-wiki one), so that aspect needs to be considered from a broad community perspective.
If a technical solution can be found that facilitates affected users being able to securely use the tools, then the policy discussion would focus on whether we require those editors to use the technical solution, instead of recommending outright bans to granting advanced permissions to those affected by HTTPS issues. Solutions are already being considered and examined for this; granted, the discussion is occurring off-wiki so you wouldn't have been aware. Risker/Anne _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l