Re: mailing list memberships reminder -> passwords in the clear
Rich Kulawiec <rsk@gsp.org> Wed, 28 November 2012 16:53 UTC
Return-Path: <rsk@gsp.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1001321F88B9 for <ietf@ietfa.amsl.com>; Wed, 28 Nov 2012 08:53:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.854
X-Spam-Level:
X-Spam-Status: No, score=-5.854 tagged_above=-999 required=5 tests=[AWL=0.744, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pfkFEfthHYYf for <ietf@ietfa.amsl.com>; Wed, 28 Nov 2012 08:53:19 -0800 (PST)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) by ietfa.amsl.com (Postfix) with ESMTP id A7D5621F889F for <ietf@ietf.org>; Wed, 28 Nov 2012 08:53:18 -0800 (PST)
Received: from gsp.org (bltmd-207.114.17.40.dsl.charm.net [207.114.17.40]) by taos.firemountain.net (8.14.5/8.14.5) with ESMTP id qASGrExf016313 for <ietf@ietf.org>; Wed, 28 Nov 2012 11:53:15 -0500 (EST)
Date: Wed, 28 Nov 2012 11:53:09 -0500
From: Rich Kulawiec <rsk@gsp.org>
To: ietf@ietf.org
Subject: Re: mailing list memberships reminder -> passwords in the clear
Message-ID: <20121128165309.GA24779@gsp.org>
References: <20121102152445.92153.qmail@joyce.lan> <5094215B.6000502@cisco.com> <83AB905E-CE0A-4A80-B3CF-F9B32B58FCBD@cs.columbia.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <83AB905E-CE0A-4A80-B3CF-F9B32B58FCBD@cs.columbia.edu>
User-Agent: Mutt/1.5.20 (2009-06-14)
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 16:53:20 -0000
First, an enthusiastic +1 to Steve's comments re security being compatible with risk. Second, Mailman is -- at this point -- easily the best available option for mailing list management. That is not to say it's perfect, of course it's not -- but in terms of capability, support, development, community, standards compliance, etc., it's the best we've got. Third, if the data path from the IETF Mailman instance to your mail client is compromised, then there are far more serious problems to worry about than someone spuriously unsubscribing you or switching you to/from digest mode or similar. ---rsk
- Re: mailing list memberships reminder -> password… John R Levine
- mailing list memberships reminder -> passwords in… Paul Aitken
- Re: mailing list memberships reminder -> password… John Levine
- Re: mailing list memberships reminder -> password… Sabahattin Gucukoglu
- Re: mailing list memberships reminder -> password… Mike Brescia
- Re: mailing list memberships reminder -> password… John Levine
- Re: [IETF] Re: mailing list memberships reminder … Warren Kumari
- Re: mailing list memberships reminder -> password… Paul Aitken
- Re: mailing list memberships reminder -> password… Paul Aitken
- Re: mailing list memberships reminder -> password… Paul Aitken
- Re: mailing list memberships reminder -> password… Steven Bellovin
- Re: mailing list memberships reminder -> password… Sabahattin Gucukoglu
- Re: mailing list memberships reminder -> password… Rich Kulawiec