forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <stef...@apache.org>
Subject Re: [proposal] Doco
Date Tue, 28 Oct 2003 11:25:10 GMT

On Tuesday, Oct 28, 2003, at 09:32 Europe/Rome, Danny Angus wrote:

> Stefan wrote:
>
>> So, adding SSL relay wouldn't hurt, but wouldn't help much either 
>> since
>> we can't force moderators to have a mail server that accepts that kind
>> of relay (don't even know if mine does!)
>
> I think what should happen to ensure this level of integrity would be 
> that
> moderators should connect to an account on the James instance managing 
> the
> doco mail, in which case it means your client has to support ssl.

hmmm, this means that we have to create james accounts for all 
moderators, then force them to connect thru POP3 over SSL?

don't know, the more I think about this, the more it seems overkill to 
me: the current moderation system is done over the plain wire and 
nobody ever spoofed the IDs to inject spam into our mail lists.

I say we go with plain text and, if something happens, we fix it the 
incremental way. For now, let's just do the simplest thing that can 
possibly work.

> Otherwise
> you're at the mercy of the ability of intermediate hops to preserve 
> your
> security, and it becomes worthless again.

yep

> An other suggestion might be to require moderators to sign and encrypt
> their messages with PGP. I know thats it's possible for James to cope 
> with
> this, but AFAIK noone has shared any code with us.

I wouldn't go down this path. it is too intrusive for the moderators's 
setup.

--
Stefano.


Mime
View raw message