> > >The same hack as rt.cpan.org uses - attempt a login on > pause.cpan.org > > >using the ID and password provided. If PAUSE accepts it, > then you know > > >it's the real thing. > > > > That would mean my server if cracked could be used to collect PAUSE > > passwords. I am not sure I'd like to have that responsibility. > > No, because you don't keep passwords. You do the auth back to > PAUSE as you > need it, and then merely record in your site's state that you did it.
I thought a special forum for discussing modules should be used not by authors themselves who have CPAN ID, but with any module users who want to discuss module properties. So, in my opinion, no CPAN authentification should happen. Best regards, Vadim (VKON)
