Privacy: Wikimedia Implementing HTTPS by Default For All Traffic, Will Also Use HSTS

Ed. Note from Gary Price:

Kudos Wikimedia!
Hopefully, the many library web sites, online catalogs, and vendor databases not currently using HTTPS/HSTS will begin doing what Wikimedia and others are doing very soon. Making library-related traffic as secure as we can is long overdue!
From the Wikimedia Blog:

Today, we’re happy to announce that we are in the process of implementing HTTPS by default to encrypt all Wikimedia traffic. We will also use HTTP Strict Transport Security (HSTS) to protect against efforts to ‘break’ HTTPS and intercept traffic. With this change, the nearly half a billion people who rely on Wikipedia and its sister projects every month will be able to share in the world’s knowledge more securely.
The HTTPS protocol creates an encrypted connection between your computer and Wikimedia sites to ensure the security and integrity of data you transmit. Encryption makes it more difficult for governments and other third parties to monitor your traffic. It also makes it harder for Internet Service Providers (ISPs) to censor access to specific Wikipedia articles and other information.
HTTPS is not new to Wikimedia sites. Since 2011, we have been working on establishing the infrastructure and technical requirements, and understanding the policy and community implications of HTTPS by default, with the ultimate goal of making it available to all users. In fact, for the past four years, Wikimedia users could access our sites with HTTPS manually, through HTTPS Everywhere, and when directed to our sites from major search engines. Additionally, all logged in users have been accessing via HTTPS by default since 2013.

Read the Complete Blog Post
Includes a Section titled, “The technical challenges of migrating to HTTPS by default.”

Filed under: Data Files, Libraries, News, Patrons and Users