| | Re: I'm back...
|
| (...) yikes... what I'd like to see is a setup that we can use pgp signed messages, to athunticate posts... but that would require a fair bit of coding, and it doesn't seem that Todd has much time now... :/ Dan (23 years ago, 25-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Authenticating posting means putting security against all the mechanisms used to post, nntp, mail, and web, no? It might take less time and effort to provide a way to web cancel posts if you authenticate that you are who you say you are. This (...) (23 years ago, 25-May-01, to lugnet.admin.general)
| | | | (canceled)
|
| | | | | Re: I'm back...
|
| "Larry Pieniazek" <lpieniazek@mercator.com> wrote in message news:GDwut6.CuA@lugnet.com... (...) Also, paid members should be able to enter their confirmation code for their news post setup into something that will associate that posting email (...) (23 years ago, 25-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Why not do this: Shut off posting by mail completely. Let people read, but not post. Require authentication via nntp same as web (this should be simple - in fact it should be a toggle to turn it on, then an option to pull the username & (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| | | | RE: I'm back...
|
| (...) Hey! What about those of us who use email to read and post? Makes it easier to keep a record of all your posts. It does look like it might be difficult to authenticate email posts, though. --Bram Bram Lambrecht bram@cwru.edu (URL) (23 years ago, 27-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Well, I'd say you could switch. And I'd rank the inconvenience to the (probably small number of) people who do post via email as much less significant than the increased security and authenticity the LUGNET community as a whole would gain. (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Is the usual method easy to fake out, then? By "the usual method" I mean the system we used back when I was an undergraduate, where every post to an all-campus distribution list would cause an automated response to the originating e-mail, (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Sounds like something that may very well be a standard option in list management/distrobution software, but may not be applicable, without additional coding, to the method Todd uses to take posts from email and zap them into the news server. (...) (23 years ago, 27-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Are there any verification things that are part of the official NNTP protocol? If not, then anyone who uses a standard old newsreader could end up being out of luck. I use 'gnus' inside Gnu emacs, for example. I also have absolutely no idea (...) (23 years ago, 28-May-01, to lugnet.admin.general)
| | | | (canceled)
|
| | | | | Re: I'm back...
|
| (...) Every news reader I've used on a PC (Outlook Express, Netscape Communicator, and WinVN) has had the ability to authenticate. Frank (23 years ago, 28-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Gnus handles NNTP servers that need password authentication just fine. At least for fairly new versions of Gnus. If you have GNU Emacs 20.x, you should be fine. You can also specify the username and password required in an rc file, so that you (...) (23 years ago, 28-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) With only guessing at the way lugnet works internally, I can't say for sure. But here's one way things might work: A post is accepted, in some form - web, smtp or nntp. This post can then be processed, before actually being moved to the (...) (23 years ago, 29-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) Of course, once authenticated as anybody, you can post as anyone else with ease, neh? (23 years ago, 29-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) One problem with any kind of opt-in security or member-only security, is that it does not protect the *community*. While spoofing someone's id does damage to that one person, it also damages the entire community. And if anyone can be spoofed, (...) (23 years ago, 30-May-01, to lugnet.admin.general)
| | | | Re: I'm back...
|
| (...) good point - guess web posting is easy to put a password on... nntp should be doable, though I've never played with it... as for email, guess the authorization email back to the sender method would work... Dan (23 years ago, 30-May-01, to lugnet.admin.general)
| |