Sorry if this isn't the right forum, I'm not a subscriber, just someone who's
downloaded majordomo and is thinking about installing it on. Anyway, I'm
reading the description on how the lists can be administered via mail, which
is great, but validation is done via passwords sent in the clear, which doesn't
sound so great... how about an option that would do away with passwords, and
have majordomo check the listadmins pgp sig? Admin could send command in the
clear signed with his/her private key, majordomo checks against public key
and viola, forgery becomes much more difficult, no passwords required.
thanks for your time, sorry for barging in!
-yary
|
|
