Jaime Crespo

At the Wikimedia Foundation we aim for perfect privacy of our users. That means not only enforcing TLS (https) between our users and the datacenters but all intermediate steps, including database access.

When you are a top 5 website with hundreds of thousand of queries per second and billions of users but a very limited budget, that is not easy, specially for MySQL. This is a description of our experience, including operational and performance pain points, of rolling out encryption.