While lists.apache.org is better in so many ways than what it replaced,
a pain point for me has been authentication: in particular, following a
link to see nothing there. Sometimes it reminds me that logging in
would help, and with a number of mouse clicks I can do that, but it
doesn't always.
At the present time, ponymail supports two authentication methods:
Apache OATH (backed by LDAP) and Mozilla Persona.
In about seven weeks, Mozilla Persona will go away:
https://bugzilla.mozilla.org/page.cgi?id=persona_deprecated.html
My preference would be to replace OATH with standard HTTP basic
authentication. The issue being that this service shouldn't require
authentication for simple browsing of public lists.
Perhaps the split could be http: URLs don't require/support
authentication, and https: URLs do?
- Sam Ruby
