Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
On Wed, Jun 10, 2015 at 09:36:23PM +0300, s7r wrote: The mail list is public, so it's not like the data on it is somehow sensitive. Sourcefoge is fine, it has a nice web UI where you can browse the message and sort/order them as you want, etc. Why would you want to move to a paid solution? And why would you want users to have to pay per message? This is the worst idea ever from my point of view. We want to encourage people to join the community, run full nodes, ask questions, come with solutions, ideas for improvements and so on. Everyone should read and write and contribute as much as possible with ideas in debates. You never know who can have bright ideas in some contexts. Bottom line is so far sourceforge handles the mail lists just fine. I don't see a single advantage another mail list provider / system could offer, except some headache and extra work for migration. The software distribution via sourcefoge was cancelled for obvious reasons which I fully understand and agree to, but it has nothing to do with the mail lists. We have way more important things to brainstorm about. I completely agree here. I'm not against migration if a much better option comes along, but e.g. paying for another provider sounds like nonsense when sourceforge does this for free (with some minor annoyances - other providers will have their own). Paying per message is far-fetched, something that could work in economic theory with perfectly spherical people in their perfectly efficient market. In practice the likely result would be a mailing list only used for advertisement and promotion, and technical discussion and release announcements would disappear. BTW for people that *don't* like sourceforge's web archive UI there are some other options via gmane: http://dir.gmane.org/gmane.comp.bitcoin.devel Wladimir -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
On Wed, Jun 10, 2015 at 10:25:12AM +0200, xor wrote: http://www.howtogeek.com/218764/warning-don%E2%80%99t-download-software-from-sourceforge-if-you-can-help-it/ All our downloads (even old ones) have recently been deleted from sourceforge, for this reason. They haven't been mentioned in Bitcon Core release announcements for a long time. No opinion on the mailing list. Though I think it's less urgent. The issue of moving the mailinglist has come up before a few times and people can't agree where to move to. Wladimir -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
Andy Schroder On 06/10/2015 03:20 PM, Peter Todd wrote: On Wed, Jun 10, 2015 at 03:12:02PM -0400, Andy Schroder wrote: Andy Schroder On 06/10/2015 03:03 PM, Peter Todd wrote: 4. Seems like digital signatures are always broken on messages because the list server slightly modifies them (?), so my e-mail client doesn't verify them all. What type of digital signatures specifically? What email client? I think they are usually PGP/MIME signatures that are not working right. If you'll notice from my e-mail headers: User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 X-Enigmail-Version: 1.6 It might be that Thunderbird doesn't properly handle messages with both signed and unsigned content. I use mutt myself, which handles it just fine. (the sigs on your emails verify just fine for instance) It's possible that the enigmail extension is not working right, but I was under the impression that it is just feeding data to gpg and then receiving the response back. It's possible that your e-mail you just checked was not sent through mailman since I also replied directly to you explicitly (in which case the message has not been modified) and you probably have the setting in the mailing list set to not send duplicate messages if you are an explicit TO. I just deleted all explicit TOs for this message, so everyone should be receiving it through the mailing list and not directly. Is the signature still valid for you now? I think enigmail can handle messages with some signed and unsigned content, and maybe PGP/MIME inherently does not support this and a mailing list re-writing parts of messages is an expected action? If this message re-writing is an expected action and I'm correct that PGP/MIME does not support partially signed content, then maybe it is just a recommendation for this mailing list to not use PGP/MIME for messages sent to the list? Can anyone else confirm? signature.asc Description: OpenPGP digital signature -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
On Wed, Jun 10, 2015 at 11:59 AM, Andy Schroder i...@andyschroder.com wrote: Hello, A couple of motivations for a mailing list switch: 1. Sometimes the mailing list delays delivery for 10 minutes to several days. 2. There are usually lots of ads at the footer of the messages. Really confuses new readers (for me at least), and seems like it really pollutes such a historical dialog that may be referenced long into the future. How would it be if the 10 Commandments, Magna Carta, Bill of Rights, The Sermon on the Mount, or The Gettysburg Address had ads intertwined within them? 3. Don't think HTML messages are allowed. 4. Seems like digital signatures are always broken on messages because the list server slightly modifies them (?), so my e-mail client doesn't verify them all. Not only -- mail header rewrites cause all my emails to go into people's spam folders, if they were not directly listed in the To/CC headers... 1. Andy Schroder On 06/10/2015 02:36 PM, s7r wrote: The mail list is public, so it's not like the data on it is somehow sensitive. Sourcefoge is fine, it has a nice web UI where you can browse the message and sort/order them as you want, etc. Why would you want to move to a paid solution? And why would you want users to have to pay per message? This is the worst idea ever from my point of view. We want to encourage people to join the community, run full nodes, ask questions, come with solutions, ideas for improvements and so on. Everyone should read and write and contribute as much as possible with ideas in debates. You never know who can have bright ideas in some contexts. Bottom line is so far sourceforge handles the mail lists just fine. I don't see a single advantage another mail list provider / system could offer, except some headache and extra work for migration. The software distribution via sourcefoge was cancelled for obvious reasons which I fully understand and agree to, but it has nothing to do with the mail lists. We have way more important things to brainstorm about. On 6/10/2015 7:46 PM, Andy Schroder wrote: Regarding changing the e-mail list provider. Is anyone interested in sponsoring it? There are non-free options, but it may be difficult to always ensure the fee is being paid to the provider. I think finding an agreeable free solution may have been the issue before? I've also thought of trying to make a pay per message or byte solution (and this cost could be dynamic based upon the number of current mailing list subscribers). This could solve the who pays problem (the sender pays), as well as motivate people to be more concise and clear with their messages, and at the same time limit spam. Any thoughts? Andy Schroder On 06/10/2015 05:35 AM, Wladimir J. van der Laan wrote: On Wed, Jun 10, 2015 at 10:25:12AM +0200, xor wrote: http://www.howtogeek.com/218764/warning-don%E2%80%99t-download-software-from-sourceforge-if-you-can-help-it/ All our downloads (even old ones) have recently been deleted from sourceforge, for this reason. They haven't been mentioned in Bitcon Core release announcements for a long time. No opinion on the mailing list. Though I think it's less urgent. The issue of moving the mailinglist has come up before a few times and people can't agree where to move to. Wladimir -- -- ___ Bitcoin-development mailing listBitcoin-development@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/bitcoin-development -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Jeff Garzik Bitcoin core developer and open source evangelist BitPay, Inc. https://bitpay.com/ -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
Hello, Thanks for testing this clarifying things about PGP/MIME and I apologize for wasting your time with it. It looks like a SPAM filtering service I use is re-writing some parts of some plain text messages with some special/alternate encoding characters (not sure what it really is). Anyway, if I manually export/import a message from gmane (bypassing my e-mail SPAM filter), thunderbird/enigmail is not having problems verifying signatures. I guess I never realized this before because all other signed messages I normally receive are encrypted and the SPAM filter does not mess with non plain text data. Andy Schroder On 06/10/2015 03:43 PM, Peter Todd wrote: On Wed, Jun 10, 2015 at 03:36:42PM -0400, Andy Schroder wrote: It's possible that the enigmail extension is not working right, but I was under the impression that it is just feeding data to gpg and then receiving the response back. It's possible that your e-mail you just checked was not sent through mailman since I also replied directly to you explicitly (in which case the message has not been modified) and you probably have the setting in the mailing list set to not send duplicate messages if you are an explicit TO. I just deleted all explicit TOs for this message, so everyone should be receiving it through the mailing list and not directly. Is the signature still valid for you now? I think enigmail can handle It has perfectly valid signatures, as do your earlier messages to the list. messages with some signed and unsigned content, and maybe PGP/MIME inherently does not support this and a mailing list re-writing parts of messages is an expected action? If this message re-writing is an expected action and I'm correct that PGP/MIME does not support partially signed content, then maybe it is just a recommendation for this mailing list to not use PGP/MIME for messages sent to the list? PGP/MIME definitely does support partially signed content. signature.asc Description: OpenPGP digital signature -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Is SourceForge still trustworthy enough to host this list?
The mail list is public, so it's not like the data on it is somehow sensitive. Sourcefoge is fine, it has a nice web UI where you can browse the message and sort/order them as you want, etc. Why would you want to move to a paid solution? And why would you want users to have to pay per message? This is the worst idea ever from my point of view. We want to encourage people to join the community, run full nodes, ask questions, come with solutions, ideas for improvements and so on. Everyone should read and write and contribute as much as possible with ideas in debates. You never know who can have bright ideas in some contexts. Bottom line is so far sourceforge handles the mail lists just fine. I don't see a single advantage another mail list provider / system could offer, except some headache and extra work for migration. The software distribution via sourcefoge was cancelled for obvious reasons which I fully understand and agree to, but it has nothing to do with the mail lists. We have way more important things to brainstorm about. On 6/10/2015 7:46 PM, Andy Schroder wrote: Regarding changing the e-mail list provider. Is anyone interested in sponsoring it? There are non-free options, but it may be difficult to always ensure the fee is being paid to the provider. I think finding an agreeable free solution may have been the issue before? I've also thought of trying to make a pay per message or byte solution (and this cost could be dynamic based upon the number of current mailing list subscribers). This could solve the who pays problem (the sender pays), as well as motivate people to be more concise and clear with their messages, and at the same time limit spam. Any thoughts? Andy Schroder On 06/10/2015 05:35 AM, Wladimir J. van der Laan wrote: On Wed, Jun 10, 2015 at 10:25:12AM +0200, xor wrote: http://www.howtogeek.com/218764/warning-don%E2%80%99t-download-software-from-sourceforge-if-you-can-help-it/ All our downloads (even old ones) have recently been deleted from sourceforge, for this reason. They haven't been mentioned in Bitcon Core release announcements for a long time. No opinion on the mailing list. Though I think it's less urgent. The issue of moving the mailinglist has come up before a few times and people can't agree where to move to. Wladimir -- -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
