On 10/02/2013 12:03 AM, Greg wrote:
> Running a mailing list is not hard work. There are only so many things
> one can fuck up. This is probably one of the biggest mistakes that can
> be made in running a mailing list, and on a list that's about software
> security. It's just ridiculous.

While I agree in principle, I don't quite like the tone here. But I liked your password, though. ;-) And no: there certainly are bigger mistakes an admin of a mailing list can do. Think: members list, spam, etc.

> A mailing list shouldn't have any passwords to begin with. There is no
> need for passwords, and it shouldn't be possible for anyone to
> unsubscribe anyone else.
>
> User: Unsubscribe [EMAIL] -> Server
> Server: Are you sure? -> [EMAIL]
> User@[EMAIL]: YES! -> Server.
>
> No passwords, and no fake unsubscribes.

For that to be as secure as you make it sound, you still need a password or token. Hopefully a one-time, randomly generated one, but it's still a password. And it still crosses the wires unencrypted and can thus be intercepted by a MITM.

The gain of that approach really is that there's no danger of a user inadvertently revealing a valuable password. The limited lifetime of the OTP may also make it a tad harder for an attacker, but given the (absence of) value for an attacker, that's close to irrelevant.

Regards

Markus Wanner

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
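The three-step exchange quoted above, and the reply's point that the confirmation only works if it carries a random, single-use, short-lived token, can be modelled in a few dozen lines. The following is an added illustration written for this page; it is not code from the thread, from Mailman, or from the metzdowd list. The `MailingList` class, the `TOKEN_TTL_SECONDS` lifetime, the `alice@example.org` member and the in-memory `outbox` standing in for SMTP are all constructed assumptions. It shows that a forged "YES" without the token is rejected, that the challenge goes to the subscribed address rather than the requester, that a token cannot be replayed, and that an expired token is refused.

```python
import secrets
import time

# Assumed lifetime of a pending confirmation (the "limited lifetime" of the OTP).
TOKEN_TTL_SECONDS = 3600


class MailingList:
    """Minimal list server modelling the challenge/response unsubscribe flow."""

    def __init__(self, clock=time.time):
        self.members = set()
        self.pending = {}     # token -> (subscribed address, expiry timestamp)
        self.outbox = []      # (recipient, body); stands in for outgoing SMTP
        self.clock = clock    # injectable so expiry can be tested deterministically

    def subscribe(self, address):
        self.members.add(address)

    def request_unsubscribe(self, address):
        """Step 1 ('User: Unsubscribe [EMAIL] -> Server').

        Anyone can send this, so it carries no authority. The server mails the
        challenge to the *subscribed* address, never back to the requester.
        """
        if address not in self.members:
            return None
        token = secrets.token_urlsafe(32)   # random, unguessable, single-use
        self.pending[token] = (address, self.clock() + TOKEN_TTL_SECONDS)
        # The token crosses the wire in cleartext here, which is the MITM
        # exposure the reply points out; it is still a (one-time) password.
        self.outbox.append((address, f"Reply with token {token} to unsubscribe"))
        return token

    def confirm_unsubscribe(self, address, token):
        """Step 2 ('User@[EMAIL]: YES! -> Server').

        A bare 'YES' proves nothing because sender addresses are forgeable;
        the random token is the real credential.
        """
        entry = self.pending.pop(token, None)  # consumed whether or not it succeeds
        if entry is None:
            return False
        pending_address, expiry = entry
        if self.clock() > expiry or pending_address != address:
            return False
        self.members.discard(address)
        return True


def demo():
    """Run the flow once and report each outcome as a dict (for assertions)."""
    now = [1_000_000.0]                          # mutable fake clock
    ml = MailingList(clock=lambda: now[0])
    ml.subscribe("alice@example.org")            # constructed sample member

    token = ml.request_unsubscribe("alice@example.org")
    challenge_recipient = ml.outbox[-1][0]       # who actually received the challenge

    forged_yes = ml.confirm_unsubscribe("alice@example.org", "YES")   # no token
    real = ml.confirm_unsubscribe("alice@example.org", token)
    replay = ml.confirm_unsubscribe("alice@example.org", token)       # second use

    # Re-subscribe and let a fresh token expire before it is used.
    ml.subscribe("alice@example.org")
    stale = ml.request_unsubscribe("alice@example.org")
    now[0] += TOKEN_TTL_SECONDS + 1
    expired = ml.confirm_unsubscribe("alice@example.org", stale)

    return {
        "challenge_recipient": challenge_recipient,
        "forged_yes_accepted": forged_yes,
        "real_confirm_accepted": real,
        "replay_accepted": replay,
        "expired_accepted": expired,
        "alice_still_member": "alice@example.org" in ml.members,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The design choice worth noting is that `request_unsubscribe` never trusts the sender: it only ever mails the subscribed address, so a third party who asks to remove someone else just causes that person to receive a challenge they can ignore. What the model cannot fix, as the reply says, is that the token itself travels in the clear.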