ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Bad mailing list practice?

2004-09-01 15:21:03
from [David Frascone] [Permanent Link] 
Mailman passwords are always sent in the clear, and are considered to
be insecure.  I believe there was verbage about that when I got my
password.

Just my $.02 worth,


-Dave

On Wednesday, 01 Sep 2004, Cyrus Daboo wrote:

A public mailbox (accessible by anyone with an IMAP client) just received a 
mailman reminder about a subscription to this list. That message contained 
a clear-text password (actually several in this case). Whilst mailman does 
have an option for subscribers to turn off the password reminder I think it 
is bad practice to have that default to 'on' for new subscribers given that 
mailing lists are often piped into public archives.

-- 
Cyrus Daboo

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf



-- 
David Frascone

    Professionals built the Titanic, amateurs built the ark.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Bad mailing list practice?, Cyrus Daboo
Next by Date:  Re: I-D ACTION:draft-josefsson-dns-url-09.txt, Simon Josefsson
Previous by Thread:  Bad mailing list practice?, Cyrus Daboo
Next by Thread:  Re: I-D ACTION:draft-josefsson-dns-url-09.txt, Simon Josefsson
Indexes:  [Date] [Thread] [Top] [All Lists]