Hello, I finally created an account in pootle using http only (as I understood, there is no https yet) which was really annoying as of course the password went in plaintext over the (http) wire. After creation, I got an *unencrypted* e-mail *including my password*, so the plaintext password got sent over another "wire" again! I am really disappointed here - usually Debian takes pride to ensure proper security and even before working with i18n.debian.net I encounter two grave security problems which are well known and should easily be avoided. Or is i18n.debian.net just one of the many projects where security is bolted on later when something happend or a CVE number has been assigned? And just after I finally logged in, I got "greeted" by a completely empty white page :-(( Disappointed Helge -- Dr. Helge Kreutzmann debian@helgefjell.de Dipl.-Phys. http://www.helgefjell.de/debian.php 64bit GNU powered gpg signed mail preferred Help keep free software "libre": http://www.ffii.de/
Attachment:
signature.asc
Description: Digital signature