[Mailman-Users] Cookies

John A. Martin jam at jamux.com
Mon Nov 29 23:36:39 CET 1999 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Barry" == Barry A Warsaw
>>>>> "Re: [Mailman-Users] Cookies"
>>>>>  Mon, 29 Nov 1999 14:49:27 -0500 (EST)

>>>>> "jfesler" ==   <jfesler at gigo.com> writes:

    jfesler> Your users can subscribe and unsubscribe using email.
    jfesler> They have no reason to use the web pages, if you guys
    jfesler> really believe that cookies are evil.  As to maintaining
    jfesler> the lists, that's a whole different story..

    Barry> Yeah, unfortunately the admin pages just don't work so well
    Barry> without cookies.

So is it just inconvenient or does it not work at all?  I found I
could navigate but hadn't tried changing anything on the admin pages.

    Barry> All user interactions should be fine
    Barry> though.  In the short term, you can probably still be
    Barry> honest about your privacy statement if all your list admins
    Barry> are internal to your organization, since your list members
    Barry> will never have to worry about it.

Most of the list administrators are outsiders.

Present management inherited about 120 listproc lists with an
aggregate of about 30K subscribers and the listproc owners file cuts
and uniques to about 80 of which less than half grep away on the
hosting domain.

Advertising a clear and definite statement as to what the cookies do
and why _might_ be tolerated as a stop gap awaiting a single-login
setup.  However, having normal subscribers see a cookie request when
visiting the list members pages would not be appreciated.  I believe
this happens when viewing private archives.

A diluted privacy statement something like (from www.isc.org)

	Cookie technology is not being used at our web sites to
	identify your viewing habits, references, or requests when
	they are interspersed with other requests from the same
	domain.

with a succinct explanation of what cookies are used for in connection
with the mailing lists might be worth considering.  Can you help with
possible language describing how mailman uses cookies and why?

Is it realistic to expect to have a single-login option any time soon,
for some definition of soon?

It may be very difficult to overcome the requirement to comply with a
simple "no cookie" policy.

	jam

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: By Mailcrypt 3.5.4 and Gnu Privacy Guard <http://www.gnupg.org/>

iD8DBQE4Qv/lUEvv1b/iXy8RAlo8AJ9saeTLr96JVgGDBY3e7+yt0X2q9wCgivMU
MK+gnHd6RSvdWB4YHLJ1yBQ=
=U6lu
-----END PGP SIGNATURE-----

More information about the Mailman-Users mailing list