Return-Path: Delivered-To: apmail-cocoon-dev-archive@www.apache.org Received: (qmail 11141 invoked from network); 28 Oct 2003 11:25:09 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 28 Oct 2003 11:25:09 -0000 Received: (qmail 12492 invoked by uid 500); 28 Oct 2003 11:24:34 -0000 Delivered-To: apmail-cocoon-dev-archive@cocoon.apache.org Received: (qmail 12412 invoked by uid 500); 28 Oct 2003 11:24:33 -0000 Mailing-List: contact dev-help@cocoon.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: dev@cocoon.apache.org Delivered-To: mailing list dev@cocoon.apache.org Received: (qmail 12370 invoked from network); 28 Oct 2003 11:24:33 -0000 Received: from unknown (HELO pulse.betaversion.org) (217.158.110.65) by daedalus.apache.org with SMTP; 28 Oct 2003 11:24:33 -0000 Received: (qmail 317 invoked from network); 28 Oct 2003 11:24:45 -0000 Received: from unknown (HELO apache.org) (stefano@80.105.91.155) by pulse.betaversion.org with SMTP; 28 Oct 2003 11:24:45 -0000 Date: Tue, 28 Oct 2003 12:25:10 +0100 Subject: Re: [proposal] Doco Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v552) Cc: , , To: "James Developers List" From: Stefano Mazzocchi In-Reply-To: Message-Id: <63EE8B10-0939-11D8-871A-000393D2CB02@apache.org> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.552) X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N On Tuesday, Oct 28, 2003, at 09:32 Europe/Rome, Danny Angus wrote: > Stefan wrote: > >> So, adding SSL relay wouldn't hurt, but wouldn't help much either >> since >> we can't force moderators to have a mail server that accepts that kind >> of relay (don't even know if mine does!) > > I think what should happen to ensure this level of integrity would be > that > moderators should connect to an account on the James instance managing > the > doco mail, in which case it means your client has to support ssl. hmmm, this means that we have to create james accounts for all moderators, then force them to connect thru POP3 over SSL? don't know, the more I think about this, the more it seems overkill to me: the current moderation system is done over the plain wire and nobody ever spoofed the IDs to inject spam into our mail lists. I say we go with plain text and, if something happens, we fix it the incremental way. For now, let's just do the simplest thing that can possibly work. > Otherwise > you're at the mercy of the ability of intermediate hops to preserve > your > security, and it becomes worthless again. yep > An other suggestion might be to require moderators to sign and encrypt > their messages with PGP. I know thats it's possible for James to cope > with > this, but AFAIK noone has shared any code with us. I wouldn't go down this path. it is too intrusive for the moderators's setup. -- Stefano.