On Fri, Oct 17, 2014 at 3:38 PM, Michael Guss <[email protected]> wrote: > Hello all, > > Here is the proposed SM for the Removing SSL 3.0 Support blog post. Thanks > for reviewing! > > Blog post: > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/
As an exception for this blog post, we should use the HTTP URL instead of HTTPS for linking to the post: http://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ (since we're targeting especially people who use browsers with incomplete HTTPS support, even in case Wordpress.com hasn't disabled SSL 3.0 yet - I didn't check) > > Social media calendar: > https://meta.wikimedia.org/wiki/Social_media/Calendar#October_17 > > * t: To protect our users, WMF has stopped support for SSL 3.0, which will > impact users of Internet Explorer 6 & older > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ If I'm informed correctly, IE versions prior to IE6 didn't support encryption at all, so "& older" isn't entirely correct ;) > > * t: WMF has ceased support of SSL 3.0 to protect our users. IE6 users will > be impacted: > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ > LGTM > * t: Scared of the POODLE? WMF is protecting its users with removed support > for SSL 3.0. Learn more: > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ This one sounds good, except that it does not mention IE6. Suggest instead: Scared of the #POODLE? WMF removes SSL 3.0 support to protect our users. If you still use the IE6 browser, read this: > > * f/g: To protect our users, WMF has stopped support for SSL 3.0, which > will impact users of Internet Explorer 6 & older > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ > > * f/g: In the interest of protecting our users, The Wikimedia Foundation has > ceased support for SSL 3.0, an outdated HTTPS implementation that leaves > users vulnerable to the Padding Oracle On Downgraded Legacy Encryption or > POODLE. Users of Internet Explorer 6 or other old browsers will be impacted. > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ > > * f/g: Wikimedia has taken measures to protect its users from the POODLE > security vulnerability by ceasing SSL 3.0 Users of Internet Explorer 6 and > other old browsers will be impacted. > https://blog.wikimedia.org/2014/10/17/protecting-users-against-poodle-by-removing-ssl-3-0-support/ With some tweaks: Wikimedia has taken measures to protect its users from the POODLE security vulnerability by ceasing support for SSL 3.0. Users of Internet Explorer 6 and other very old browsers will be affected. -- Tilman Bayer Senior Operations Analyst (Movement Communications) Wikimedia Foundation IRC (Freenode): HaeB _______________________________________________ Social-media mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/social-media
