[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] subscription-request procedure?
From:       Vincent Danen <vdanen () linsec ! ca>
Date:       2008-02-20 19:32:57
Message-ID: 1203536066.7580.TMDA () linsec ! ca
[Download RAW message or body]


* [2008-02-19 16:36:45 -0500] Josh Bressers wrote:

>> > Since folks like Jim are exactly the type of people we want on the list,
>> > we need to make the process fairly simple (and fast, if possible) to
>> > prevent turning people off.
>> 
>> In fact, I think even something as simple as compulsory introduction
>> will turn some people away - e.g., those Open Source authors who are new
>> to security and would like to listen to our conversations before they
>> might dare to introduce themselves.
>> 
>> Maybe we don't really require it?  Maybe we don't really need to make
>> this list subscription-moderated?  This implies that we'll have to
>> enable message moderation (with its associated delays) even for list
>> members at some point, though.
>> 
>> To avoid the delays, we might enhance (patch) ezmlm-idx to honor its
>> "allow" list even for fully-message-moderated lists.  This is probably
>> not too hard to do, although I have not looked into it.  Normally, the
>> "allow" list appears to only be honored for lists that are
>> message-moderated for non-members.
>> 
>
>Yes, these are very good points.  I think the best solution at the moment
>would be to let anyone who is subscribed to post, and let anyone subscribe.
>If we have problems, we can tighten things up a bit later.
>
>This is one of the tricking things when starting something up such as this.
>It's easy to solve problems that don't exist, which then end up turning
>people away.
>
>FWIW, mailman has the ability to enable individual user moderation.
>Something similar would certainly be a useful feature here.

Sounds good to me.  Maybe having the thing unfettered for a time and see
how it works would be best.  If problems do come up, we can always fall
back to the subscriber-moderation and/or message moderation (although,
to be honest, I'm more in favour of subscriber-moderation than message
moderation unless spam starts to become a real problem).

-- 
Vincent Danen @ http://linsec.ca/

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]