Le Jeu 21 Juillet 2005 15:22, Yaroslav Halchenko a écrit : > > attached (valid) GPG/PGP signatures (from a valid developer?)" > > -- valid GPG signature present on public servers, not necessarily > from a valid DD seems to be a valid scheme. I haven't seen any spam > GPG signed yet that sucks, I want to be able to close bugs, even if I'm using a M$ computer with no gpg plugin on it (on from an unsecure machine where I don't want to unlock my gpg key). > -- another idea would be to use the same authentication as used by > most of the mailing list servers -- verification of intent: > confirmation email sent to the originating email address and reply to > it keeping subject with a key code intact would verify that it was a > valid request. Otherwise original request expires in a day or two if > it doesn't get confirmed. > Then anyone who wants automate this process writes a 2 liner procmail > rule ;-) that's way better. -- ·O· Pierre Habouzit ··O madcoder@debian.org OOO http://www.madism.org
Attachment:
pgpWegfRt9mTF.pgp
Description: PGP signature