Terri Oda wrote: > >I was thinking that it'd be best replaced with timed >email-authorization things, the way you can currently unsubscribe >without a password. I don't know how long the timeout on those things >are, but having it send you an email with a link to the archives or >your options seems feasible. Having the links only be valid for a >given time (say, an hour?) would reduce the threat of dictionary >attacks *and* mean that more users can figure out how to do things on >their own. ;)
I don't see how any kind of "on demand" e-mail authorization for private archives could work well. People want to be able to visit the archives at times/from places where they may not have access to e-mail sent to their subscribed address. Also people want to be able to post links to messages in private archives and the readers of such posts should be able to follow those links with a minimum of extra burden. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
