forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <stef...@apache.org>
Subject Re: [proposal] Doco
Date Sat, 25 Oct 2003 22:30:14 GMT

On Saturday, Oct 25, 2003, at 00:39 Europe/Rome, Noel J. Bergman wrote:

> Stefano,
>
> +1
>
> Looks like a good plan that takes the ForrestBot idea, builds on it,
> integrates other things, seems secure and scalable, provides the 
> opportunity
> for "anyone" to help write documentation, but provides multiple points
> oversight.

Yep, that's the idea. I'm glad that you like it too.

> The proposed workflow institutionalizes RTC,

RTC?

> but the project can
> always revert a change if others disagree with the decision to approve 
> the
> change.

Exactly.

> I do think that we want to try to enure that we have sufficient 
> security in
> the system to prevent someone from making an unwanted change and then
> spoofing an approval.

absolutely

> Perhaps we could require SMTP AUTH over SSL for the
> moderators?

Hmmm, I don't really see how this would help. The information to secure 
is the continuation ID which is passed along with the email. If you are 
not part of the moderation list, you don't get that email.

don't know, maybe I'm missing something, but what do you think a 
possible attack could be?

--
Stefano.


Mime
View raw message