On 4 April 2012 10:28, Petr Bena <benap...@gmail.com> wrote: > Indeed :-) > > But if I didn't think it's weird, I wouldn't start this. I am always > trying to find a solution from programmer point of view for a problems > which community sometimes try to solve "by hand". > > >From a security perspective (my speciality) there really isn't a lot of a difference between the two proposals in terms of the problems they face.
Except that the current process requires a certain "human" involvement, and scrutiny. Which is usually the best security mechanism. A determined attacker is going to be able to break through either process; but in the current setup their subsequent actions are likely to be noticed. Tom _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l