Subject:
|
Re: I'm back...
|
Newsgroups:
|
lugnet.admin.general
|
Date:
|
Wed, 30 May 2001 14:15:56 GMT
|
Viewed:
|
224 times
|
| |
|
|
In lugnet.admin.general, Dan Boger wrote:
> A post is accepted, in some form - web, smtp or nntp. This post can then
> be processed, before actually being moved to the backend, where it's
> available for reading. It is during this processing, that a pgp/gpg
> signature can be verified, for the members who have activated this
> feature.
One problem with any kind of opt-in security or member-only security, is
that it does not protect the *community*. While spoofing someone's id
does damage to that one person, it also damages the entire community.
And if anyone can be spoofed, then the community remains at risk.
For this particular problem, a low-security password facility that
everyone is required to use would be better than a high-security system
that's optional or limited.
By 'low-security', I mean that the posting system (email, web and nntp)
would require a userid and password, but the set of acceptable passwords
would be much larger than the current member passwords.
Steve
|
|
Message has 1 Reply:
 | | Re: I'm back...
|
| (...) good point - guess web posting is easy to put a password on... nntp should be doable, though I've never played with it... as for email, guess the authorization email back to the sender method would work... Dan (23 years ago, 30-May-01, to lugnet.admin.general)
|
Message is in Reply To:
| | Re: I'm back...
|
| (...) With only guessing at the way lugnet works internally, I can't say for sure. But here's one way things might work: A post is accepted, in some form - web, smtp or nntp. This post can then be processed, before actually being moved to the (...) (23 years ago, 29-May-01, to lugnet.admin.general)
|
23 Messages in This Thread:
 
 
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
