Page MenuHomePhabricator

Wikipedia should support DNSSEC and TLSA
Closed, DuplicatePublic

Description

Since Wikipedia has now gone HTTPS only, it is time for the project to also upgrade its DNS records for better security.

Wikipedia should update its DNS servers to support DNSSEC, and should also publish valid TLSA and DNSSEC records for all accessible sites and servers.

This will ensure that DNS cache poisoning attacks cannot be used to intercept the your users' information, and it will also ensure that a compromised Certificate Authority cannot issue certificates allowing for the impersonation of Wikipedia.

Beyond this, it would simply be good practice Wikipedia to support all standardized security techniques in order to support a freer and safer internet.

Event Timeline

Vertigre raised the priority of this task from to Needs Triage.
Vertigre updated the task description. (Show Details)
Vertigre added a project: DNS.
Vertigre added a subscriber: Vertigre.