On Thursday, February 2, 2017, James Salsman <[email protected]> wrote: > Bryan Davis wrote: >> >> The HTTPS tag (<https://phabricator.wikimedia.org/project/profile/162/>) >> and the Traffic component >> (<https://phabricator.wikimedia.org/project/profile/1201/>) would both >>seem reasonable. > > Thanks Brian, will do. I'm working on a fail-over method which won't > allow the kind of MITM attacks which WhatsApp is vulnerable to under > default settings. In the mean time, the White House web site > apparently has a certificate which was working last week but now > indicates it was revoked last May: > > https://crt.sh/?q=60a5d3648459f4eb88700db0d08cda7f6139359c > > Would it be a good idea to have HTTP ready to go in case HTTPS becomes unstable? >
No. We are comitted to https due to hsts. It is not something that can just be turned off without downtime. Also im pretty sure we already have redundant certificates ready to go in case of a revokation incident since its (accidentally) happened in the past. (See https://phabricator.wikimedia.org/T148131 and https://wikitech.wikimedia.org/wiki/Incident_documentation/20161013-GlobalSign for the original context). Last of all, the whatsapp key changing issue is not relavent to us. Whatsapp is using a different trust model than web pki does. -- bawolff _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
