-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Barry Warsaw wrote:
So the question is, what do we do about the Approved header?
[...]
Comments? I think my preference would be for #1 with future support for #2 and just accepting the fact that message signatures are for power users. Maybe that set is pretty close to the set of people currently using Approved anyway.
I suspect it is close for people approving posts via email, but based on questions on the mailman-users list, there are some number of 'non-power users' using the Approved: header/body line for spoof-proof posting to announcement lists. I don't really know what the best mechanism is, but I think there needs to be some way for a user to post to an announcement list in a spoof-proof way without requiring a subsequent visit to the web interface to approve the post. I'm not sure that all the people who need to do this are comfortable with signing posts.
Mark Sapiro msapiro@value.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan