we have SSL at all wikis now. We try to make everything more secure, 2FA etc. But there is still one thing to do:
There are people talking in IRC, IRC allows SSL as well. Of course, we should not require SSL in IRC in every channel, for example if you use freenode webchat, you can't use SSL, so it would be bad for new users, or users asking for help etc.
But at least for channels, where people mention private data, we should require SSL, in my opinion.
What would need to be done then? At private channels, where private data gets mentioned, like #wikimedia-checkusers or #wikimedia-privacy, the channelmode +S should get set. This would mean, that every user, who is not connected via SSL would not be able to join the channel then. Instead they would recive a message about it, that they need SSL.
Currently, this feature is not enabled:
[21:54:26] * Channel #wikimedia-checkusers Modes: +cimntzf [21:54:31] * Channel #wikimedia-privacy Modes: +FLcginsf