Re: spammers closing bugs in BTS
On 17/08/16 18:34, Stéphane Blondon wrote:
> Le 17/08/2016 à 18:14, Daniel Pocock a écrit :
>> Maybe time to start requiring PGP signatures on control emails to
>> the BTS?
> Requiring signature will increase the level to send bugs to the BTS
> for external people. And spammers could add a signature.
> An attempt to improve the first proposal: - If a bug report has a
> valid signature from the Debian web of trust, we could consider it
> as valid. - If no signature, a activation link into the replyied
> e-mail validates the report.
I was only talking about control emails (e.g. the -done address and
control@). The requirements for opening bugs or submitting comments
(without pseudo-headers) could remain as they are.
Maybe it could insist that emails from addresses known to be DDs have
to be signed. This would prevent people impersonating DDs.