IETF Logo Mail Archive

Re: mailing list memberships reminder -> passwords in the clear

Rich Kulawiec <rsk@gsp.org> Wed, 28 November 2012 16:53 UTC

Return-Path: <rsk@gsp.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1001321F88B9 for <ietf@ietfa.amsl.com>; Wed, 28 Nov 2012 08:53:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.854
X-Spam-Level:
X-Spam-Status: No, score=-5.854 tagged_above=-999 required=5 tests=[AWL=0.744, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pfkFEfthHYYf for <ietf@ietfa.amsl.com>; Wed, 28 Nov 2012 08:53:19 -0800 (PST)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) by ietfa.amsl.com (Postfix) with ESMTP id A7D5621F889F for <ietf@ietf.org>; Wed, 28 Nov 2012 08:53:18 -0800 (PST)
Received: from gsp.org (bltmd-207.114.17.40.dsl.charm.net [207.114.17.40]) by taos.firemountain.net (8.14.5/8.14.5) with ESMTP id qASGrExf016313 for <ietf@ietf.org>; Wed, 28 Nov 2012 11:53:15 -0500 (EST)
Date: Wed, 28 Nov 2012 11:53:09 -0500
From: Rich Kulawiec <rsk@gsp.org>
To: ietf@ietf.org
Subject: Re: mailing list memberships reminder -> passwords in the clear
Message-ID: <20121128165309.GA24779@gsp.org>
References: <20121102152445.92153.qmail@joyce.lan> <5094215B.6000502@cisco.com> <83AB905E-CE0A-4A80-B3CF-F9B32B58FCBD@cs.columbia.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <83AB905E-CE0A-4A80-B3CF-F9B32B58FCBD@cs.columbia.edu>
User-Agent: Mutt/1.5.20 (2009-06-14)
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 16:53:20 -0000

First, an enthusiastic +1 to Steve's comments re security being
compatible with risk.

Second, Mailman is -- at this point -- easily the best available option
for mailing list management.  That is not to say it's perfect, of course
it's not -- but in terms of capability, support, development, community,
standards compliance, etc., it's the best we've got.

Third, if the data path from the IETF Mailman instance to your mail
client is compromised, then there are far more serious problems to
worry about than someone spuriously unsubscribing you or switching
you to/from digest mode or similar.

---rsk

v2.23.0 | Report a Bug | By Email