-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mar 20, 2009, at 6:22 PM, Patrick Ben Koetter wrote:
Here's the link to a wiki I've put up to get started:
Hi Patrick,
Do you think the Mailman wiki would be a better place for this?
I will add more as I get to it. Comments, ideas, improvements are
welcome. The server part, for example, is completely empty at the moment...
One thing we discussed at last year's sprint, is the model that the
REST interface will have full admin access to Mailman's data model.
I.e. it will by design be fully authenticated. The reason for this is
that we'd like it to act as an API that other systems can use to
integrate mailing list services into their systems. For example, if
you had a web site running PHP that you wanted to use Mailman for your
mailing lists, it could use this REST API to control and query Mailman.
What this means though is that when you deploy Mailman's REST
interface, you must take care to protect it. You wouldn't want to
expose it to the internet for example. You'd want to make sure that
its interface is accessibly on via your data center, or via localhost
if you were running a turnkey standalone system.
Still, this provides great advantages, such as the ability for us to
ship a web interface as an add on, and for sites to easily swap out
the web interface, or create their own ways of accessing and
controlling Mailman without having to write Python code (which they
can do in MM2 and will be able to do in MM3, though few sites
apparently do this).
So while an account/login model is necessary (e.g. for the email
interface), it needn't be required for accessing the REST API.
Barry
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAknHnJYACgkQ2YZpQepbvXG61QCaAyejP3BWk8XuTVoPWUfgxwy1 0f8An1uI13rnc97QoLJg/gQTBvmU/WW7 =lnPY -----END PGP SIGNATURE-----