[Mailman-Users] [Mailman-Developers] openID enabled mailman

Stephen J. Turnbull stephen at xemacs.org
Sat Jun 13 13:37:51 CEST 2009


Malveeka Tewari writes:

 > Our focus is on providing Single Sign On but we do not want to delegate
 > authentication to a third party. Hence we want to implement OpenID provider
 > for our Mailman service.

I don't think this is a good idea.  Mailman is designed to deliver
single messages to multiple parties, which it does very well, and to
manage member lists, which it does tolerably well for many purposes.
It is not designed to keep secrets.  You may not now particularly
care, but it could be very annoying later if you decide you want more
security and need to switch your system.

Better to put your provider in a separate place from Mailman, and have
Mailman rely on and trust only your provider.  You could do them on
the same host if necessary but in the long run you might want to have
the provider on a dedicated host, depending on how serious you become
about security.

 > and OpenID relying party for our wiki etc.
 > 
 > Now for the OpenID provider we may choose to have new passwords or use the
 > mailman passwords. For ease of users, we want to use the mailman passwords
 > for the OpenID provider.

Again, Mailman is not very secure.  In the default configuration,
passwords are mailed out in cleartext over non-secure channels (and
even so-called secure mail is pretty tricky -- it's much easier to
secure a web application).  The passwords are also stored in the
clear.  This means that if you want to set up OpenID for existing
users by transferring their passwords, it should be possible (I don't
know how offhand, though).

I don't recommend that, either.  Normally, people don't care that much
as there's not much damage that can be done via a mailing list, except
spamming, and most lists have additional defenses against that.  But
you plan to rely on these passwords to secure multiple services,
making the value of cracking one that much higher.  I would ask my own
users to set new passwords in this situation.

Of course, all these issues depend on a lot of factors.  You may have
better security than the default for the Internet in place, or much
more careful users, etc.
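The advice above (keep the OpenID provider separate from Mailman, do not copy Mailman's cleartext passwords into it, and have existing users choose new ones) can be sketched in code. The following is an added example for this thread, not Mailman's code and not something Stephen or Malveeka posted: a minimal credential store for a stand-alone provider that holds only salted PBKDF2 hashes and enrolls existing list members through one-time reset tokens instead of importing their Mailman passwords. The class and function names, the PBKDF2 parameters and the sample member addresses are all assumptions made for the illustration.

```python
"""Added example: credential store for a separate OpenID provider.

Nothing here reads a Mailman password. Existing members are migrated
by issuing a one-time, time-limited reset token (delivered out of band,
e.g. by mail), and the provider's database only ever holds salted
PBKDF2-HMAC-SHA256 hashes of passwords the users chose themselves.
"""
import hashlib
import hmac
import os
import secrets
import time
from typing import Dict, Optional, Tuple

# Assumption: iteration count chosen for SHA-256 PBKDF2; tune to your hardware.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


class ProviderStore:
    """Hypothetical provider-side store: hashes only, no cleartext anywhere."""

    def __init__(self) -> None:
        self._users: Dict[str, Tuple[bytes, bytes]] = {}      # email -> (salt, digest)
        self._resets: Dict[str, Tuple[str, float]] = {}       # token -> (email, expiry)

    def migrate_member(self, email: str, ttl_seconds: int = 3600) -> str:
        """Enroll a Mailman member without touching their Mailman password.

        Returns the one-time token the member must redeem; the caller is
        expected to deliver it to the member (the token, not a password,
        is what goes over the wire).
        """
        token = secrets.token_urlsafe(32)
        self._resets[token] = (email, time.time() + ttl_seconds)
        return token

    def redeem_reset(self, token: str, new_password: str) -> bool:
        """Consume a token exactly once; rejects unknown or expired tokens."""
        entry = self._resets.pop(token, None)
        if entry is None:
            return False
        email, expiry = entry
        if time.time() > expiry:
            return False
        self._users[email] = hash_password(new_password)
        return True

    def verify(self, email: str, password: str) -> bool:
        """Constant-time comparison against the stored digest."""
        record = self._users.get(email)
        if record is None:
            # Burn the same amount of work for unknown users so that timing
            # does not reveal which addresses are enrolled.
            hash_password(password, b"\x00" * SALT_BYTES)
            return False
        salt, digest = record
        _, candidate = hash_password(password, salt)
        return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Constructed sample member list; in practice this would come from
    # Mailman's membership roster (addresses only, never passwords).
    store = ProviderStore()
    for member in ("alice@example.org", "bob@example.org"):
        token = store.migrate_member(member)
        print(f"reset token for {member}: {token}")   # would be mailed out
        # Member picks a new password when redeeming the token.
        store.redeem_reset(token, "a-password-" + member.split("@")[0])
    print(store.verify("alice@example.org", "a-password-alice"))  # True
    print(store.verify("alice@example.org", "a-password-bob"))    # False
```

The point of the token step is that the thing Mailman mails out in the default configuration (a cleartext password) is replaced by a short-lived, single-use secret whose compromise only lets an attacker set a password during the window, not learn one the user reuses elsewhere; the provider never learns or stores the Mailman password at all.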


