On Wed, Nov 16, 2016 at 12:13 PM, emilio lorenzo <[email protected]> wrote: > vote 1+ for first part of the proposal
That part is already available. > vote 1- for second part.... Not very sure about harvesting or exposing > versions and modules across system interface. Too many advantages for > networks hooligans and hackers.. Well, first, those parts are already there and publicly exposed (xmlui, jspui, oai, rest, rdf), so the right thing to do is to make them resilient against attacks, not to pretend they're not exposed. Second, there must be an option for the administrator not to expose this information (not all repositories are production and public installations). And finally, this is supposed to actually help security. You'll be able to register your instance (just once) along with your email address and then get a custom-tailored notification that your particular installation is affected by a security bug because you're using version X.Y with module Z. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
