On Wed, 14 Jun 2006 12:15:16 +1200 Penny Leach <penelope.leach@gmail.com> wrote: > On 6/14/06, Wesley J. Landaker <wjl@icecavern.net> wrote: > > > > One other possibility would be to whitelist e-mails with valid > > PGP-signatures from keys on the Debian keyring (and possibly > > another "whitelist" keyring that is only used for this purpose). > > Actually, this would be nice for all the Debian lists. =) > > > What about checking for signatures that aren't on the debian keyring, but > have had the key signed by a DD... actually that could be done by your > second option of having another whitelist keyring. > > IANADD, but have signatures from DDs on my key. Given it's a criteria for > NM, it seems reasonable to have here... That's another kind of moderated subscription, one which can be automated, but imposes very high entry barriers for some people just for subscribing a list. Some kind of list master key for signing people's keys which cannot get a DD signature but are legitimate subscribers would be required. Validating these subscribers is a manual process again. (/me just reminding that I waited for a way to get a DD signature on my key nearly a year of the two I lived in the NM queue ...) -- Ricardo Mones ~ The three principal virtues of a programmer are Laziness, Impatience, and Hubris. man perl
Attachment:
signature.asc
Description: PGP signature