-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Fleming wrote: > See also: http://www.jwz.org/doc/mailman.html :-) It does raise some > interesting points to consider before leaping head first into it. Point 1 is and has been outdated for a long time now (if it was even valid for the current mailman version at the time it was written, I'm not sure that it was). To unsubscribe from a mailman list you do exactly the steps JWZ outlines for "sane" list software. Point 2 is rather foolish too. The password is needed to log in to use the web front end to control your settings. Many mailman sites use SSL for this and the password is thus reasonably secure. It clearly provides much more than "zero" security. If JWZ is so paranoid, he ought to be using a list manager that authenticates all email commands using PGP or other string crypto. (Interestingly, a PGP patch was written a while back for mailman, not so much for email commands but for managing a private list that automatically encrypted to all recipients. It could have been extended slightly to decrypt and verify commands sent to if by subscribers or list moderators.) "Wrong and misinformed rants by otherwise highly intelligent and respected individuals are considered harmful." :) - -- Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp ====================================================================== When I was a boy I was told that anybody could become President; I'm beginning to believe. -- Clarence Darrow -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl. iG0EARECAC0FAkRx+p8mGGh0dHA6Ly93d3cucG9ib3guY29tL350bXovcGdwL3Rt ei5hc2MACgkQuv+09NZUB1rCOwCeMTQOGxjYPxMCGm+tCAxnjznpep4An1WRYrSc i0lhSLsqmmJsI/RkWLXX =xKgS -----END PGP SIGNATURE-----
