[Mailman-Developers] Re: subscription confirmations

Gerald Oskoboiny gerald@impressive.net
Wed, 18 Jul 2001 17:24:14 -0400

On Tue, Jul 17, 2001 at 05:27:52PM -0700, Chuq Von Rospach wrote:
> On 7/16/01 11:35 PM, "Gerald Oskoboiny" <gerald@impressive.net> wrote:
> > I think the HTTP spec is fairly clear about most of this:
> Gerald - I hope this is taken in a team-building way, since it's what I
> intend it to be.=20

Sure. I am trying to be clear but apparently not succeeding :(

> > If it happens once in a while with an obscure site here and there,
> > that's much less of a problem than if some popular software like
> > Mailman is doing the wrong thing
> I'm sorry, but I consider this ducking the issue again. You're complete=
> ignoring the white hat/black hat issue,and hiding behind "obscure" and =
> a significant issue" and other rationalizations, while still trying to =
> that Mailman is none of those, and therefore ought to consider this a c=
> issue.=20
> But since I've tried three times now to get you to deal with this
> double-standard and gotten nowhere, I'll drop it. No sense beating a de=
> horse. You clearly don=B9t' want to deal with the issue, so I'll stop p=
> But I'm disappointed, to be honest about it.

Hmm... I don't know how I managed to give the impression that I'm
ducking this issue. It's clear that we are miscommunicating somehow.

I consider all violations of this part of the HTTP spec to be a
problem, but I don't think the problem is yet widespread enough
that we need to declare the HTTP spec irrelevant and just use
GET and POST with no regard for their intended semantics.

I would like to try to get all the broken implementations that I
know about fixed, but because my time is limited I tend to focus
on the ones that I consider most important, currently Mailman.

Because I know there are broken implementations out there, I
would not recommend that most people try prefetching any URLs
they see in their incoming email, but I wouldn't mind trying it
myself because I'm a web nerd and I want to find out about broken
implementations anyway. (and arrange for them to be fixed)

Does any of that help clarify my position?

Many of your other comments seem to be about the quality and clarity
of the HTTP spec, which I don't think needs to be discussed here,
but I encourage you to take it up elsewhere if you like. (e.g.
www-talk, http://www.w3.org/Mail/Lists#www-talk )

Gerald Oskoboiny <gerald@impressive.net>