...it's true that without HTTPS someone could man-in-the-middle you and get you to join a secret, ILLEGAL haskell mailing list, for NEFARIOUS purposes.  Some say demons wander those hills, seeking to lure the unwary to the unhallowed lands of javascript...

On 02/27/2018 08:23 AM, Thomas Jakway wrote:

GNU mailman passwords are explicitly _*NOT*_ secure!

_*DO NOT REUSE MAILING LIST PASSWORDS!*_


They ARE stored in plaintext and will be mailed back to you periodically on some setups to confirm that you want to remain subscribed.


On 02/25/2018 12:44 AM, 姓名 wrote:
Hi there,

I become aware of the problem that https://mail.haskell.org/mailman/listinfo/haskell send a password to http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell. Probably it means this page will send a password without encryption. Could you use https instead of http, or remove this duplicate page? I had used https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell instead.


_______________________________________________
Haskell mailing list
Haskell@haskell.org
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell


_______________________________________________
Haskell mailing list
Haskell@haskell.org
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell

Reply via email to