Page MenuHomePhabricator
People konklone

konklone (Eric Mill)
User

Projects

User does not belong to any projects.

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Monday

  • Clear sailing ahead.

User Details

User Since
Jan 15 2015, 4:20 AM (493 w, 1 d)
Availability
Available
LDAP User
Unknown
MediaWiki User
Konklone [ Global Accounts ]

Recent Activity
View All

Apr 6 2016

konklone added a comment to T105794: Insecure POST traffic.

@BBlack If you want someone to remind you about it, I am happy to volunteer. ;)

Apr 6 2016, 7:51 PM · User-notice-archive, MW-1.27-release (WMF-deploy-2016-02-02_(1.27.0-wmf.12)), MW-1.27-release-notes, SRE, Patch-For-Review, Traffic, HTTPS

Sep 9 2015

konklone awarded T104681: HTTPS Plans (tracking / high-level info) a Yellow Medal token.
Sep 9 2015, 4:07 PM · Tracking-Neverending, SRE, Traffic, HTTPS

Jun 20 2015

konklone added a comment to T92002: implement Public Key Pinning (HPKP) for Wikimedia domains.

Are you considering doing a phase where you do the Public-Key-Pins-Report-Only header first, to see what the likely issues would be?

Jun 20 2015, 5:42 PM · SRE, Traffic, HTTPS

Jun 2 2015

konklone added a comment to T86654: Switch to ECDSA hybrid certificates.

Another alternative would be to try to finish the work of the original patch author and get it accepted upstream, with all of the stapling stuff sorted out.

Jun 2 2015, 2:32 PM · SRE, Patch-For-Review, Traffic, HTTPS-by-default, HTTPS

Apr 3 2015

konklone added a comment to T75953: RFC: MediaWiki HTTPS policy.

The current RFC states that Wikipedia Zero partners often disallow HTTPS. I'm wondering how we can address that.

Apr 3 2015, 10:48 PM · TechCom-RFC (TechCom-RFC-Closed), MediaWiki-Configuration, Security-Team

Mar 14 2015

konklone added a comment to T92002: implement Public Key Pinning (HPKP) for Wikimedia domains.

If it's helpful, we got a pretty good perspective from the authors of the HPKP spec on how to think about pinning, on this GitHub thread:

Mar 14 2015, 11:25 PM · SRE, Traffic, HTTPS

Jan 15 2015

konklone added a comment to T86654: Switch to ECDSA hybrid certificates.

Have you looked at SSLMate for a CA (reseller)? https://sslmate.com/

Jan 15 2015, 4:40 AM · SRE, Patch-For-Review, Traffic, HTTPS-by-default, HTTPS
konklone added a comment to T35890: Support SPDY.

This seems like a smart thing to prioritize for the HTTPS-by-default tag, since it has such drastic front-end speed improvements for multiplexing resources. I've never managed an infrastructure like Wikipedia's, but the SPDY module for nginx has shipped for a while and is very easy to turn on.

Jan 15 2015, 4:38 AM · User-notice-archive, Traffic, SRE, Notice, Performance Issue, HTTPS
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits