[nSLUG] Wikipedia changes/limits protocols?

D G Teed donald.teed at gmail.com
Mon Jul 13 12:11:11 ADT 2015


On Mon, Jul 13, 2015 at 3:16 AM, Mike Spencer <mspencer at tallships.ca> wrote:
>
> This is kinda OT; it's about a network difficulty with HTTPS.
>
> Wikipedia recently went to HTTPS-only. That was a bother.
>
> Now I can't access it at all except with "wget --no-check-certificate".
>
> My "new" browser is an old version of Firefox.  FF reports:
>
>     The connection was reset
>     The connection to the server was reset while the page was loading.
>
> and Wireshark shows repeated instances of this transaction:
>
>     TCP    32998  >  https  [SYN]
>     TCP    https  >  32998  [SYN, ACK]
>     TCP    32998  >  https  [ACK]
>     SSLv2  Client Hello
>     TCP    https  >  32998  [ACK]
>     TCP    https  >  32998  [RST, ACK]
>
> each with a new local port number.
>
> Does this mean that Wikipedia is just flatly refusing, at the protocol
> level, requests to do HTTPS via SSL?  That they're demanding TLS or some
> other security protocol that I don't know about?  Anybody know exactly
> what's going on here?
>
> Yeah, I know there's talk about SSL having flaws and being deprecated.
> But why (if the answer to the above question is "yes") is WP getting
> all hard-case about encryption?  I don't care if the NSA or CSEC or
> GCHQ or anybody else can see what I read on WP.  If I did, traffic
> analysis would get me anyhow.  I don't get my newspaper by private
> courier in a Plain Brown Wrapper.

I would guess your wget is out of date.  Mine on Debian 7 or 8 works fine
with:

wget https://en.wikipedia.org/wiki/Main_Page

There have been many things deprecated in the last year or so around SSL.
It doesn't really matter what it is, unless you really want to know a lot
more about encryption, ciphers and that lot.  I think you'll find updates
will remedy the picture, assuming you have an OS with package management
which will bring in the library and dependency updates.


More information about the nSLUG mailing list