On 2018-06-14 1:47 PM, Warren Young wrote:
I’m not aware of any mailing list that doesn’t require a password, if only via
some outer SSO provider. Such a thing would be a spammer’s paradise, if it
existed.
In Groups.io <https://groups.io/> creating and using a password is
optional, because some users expect logging into a web site to work that
way. The other method is having the site email you a login link whenever
you need a new session.
The closest to your usability ideal that I’ve seen is automatic password resets
via email, which is itself a vulnerability, since it means anyone who can
access your email account is able to take over any such service associated with
that email account.
That is a valid criticism of Groups.io's technique. On the other hand,
it is a mailing list service - in some regards an extension of your
email service. Just don't post your most guarded secrets to the list.
Would you rather see drh spending time fighting spam or writing useful software?
I think that's the best reason for outsourcing the mailing list problem,
and the reason I spoke up here in the first place. That and the deep
development effort required and ongoing maintenance to keep up with the
changing deliverability landscape as mailbox providers evolve their
anti-abuse defenses.
As I said in my first, I don't think that choice precludes work on
building something integrated with fossil that may be interesting and
useful for drh and for us. Someone else here suggested already that what
works best as a component of fossil in support of a development team
might not be the same solution as what works best for an open community
of users and developers asking and answering questions.
Yes, I'm a mailing-list advocate, and hence a dinosaur. Which, on /this/
list in particular, is about the most hilarious insult I've seen in
quite some time.
Shal
_______________________________________________
fossil-users mailing list
[email protected]
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
