Philippe 'BooK' Bruhat wrote: >> Post-Mortems are a community resource. If the community wants to >> litter them with garbage, that's the community's choice. > >Anybody can post, not just the community.
Good point, but this would be true with or without passwords. >> >I'd say PGAS needs a semi-elaborate way to confirm one identity, for >> >example with a login/password. >> >> I still have much to learn about web security, but it seems to me >> that if PGAS were to require passwords, it would need to use SSL. >> SSL is not an option in the near future. For now, the integrity >> of the community will have to suffice. > >We are not talking e-commerce security here. If your password get stolen >or sniffed or whatever, it's not a big problem. Sure it is. What's the point of having passwords if it's not a big deal if they get stolen? >But having password protected submissions would at least prevent errors >(woops, wrong click), and the usual mischief (which is bound to happen, >if these competitions continue to grow). I don't see how passwords would prevent wrong click errors. The "usual mischief" includes the sniffing and stealing of passwords. >And imagine a misconfigured player script in the Games::Golf distribution! I don't understand what this means.
