[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: spammers closing bugs in BTS

On 17/08/16 18:34, Stéphane Blondon wrote:
> Hello,
> Le 17/08/2016 à 18:14, Daniel Pocock a écrit :
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737921
>> Maybe time to start requiring PGP signatures on control emails to
>> the BTS?
> Requiring signature will increase the level to send bugs to the BTS
> for external people. And spammers could add a signature.
> An attempt to improve the first proposal: - If a bug report has a
> valid signature from the Debian web of trust, we could consider it
> as valid. - If no signature, a activation link into the replyied
> e-mail validates the report.

I was only talking about control emails (e.g. the -done address and
control@).  The requirements for opening bugs or submitting comments
(without pseudo-headers) could remain as they are.

Maybe it could insist that emails from addresses known to be DDs have
to be signed.  This would prevent people impersonating DDs.

Reply to: