[Mailman-Developers] Re: Future of pipermail?

J C Lawrence claw@kanga.nu
Wed, 22 Nov 2000 12:11:40 -0800 

On Tue, 21 Nov 2000 23:59:47 -0800 
Chuq Von Rospach <chuqui@plaidworks.com> wrote:

> At 2:26 AM -0500 11/22/00, Bill Bumgarner wrote:

>> Anything that is *using* Mailman as
>> just-another-moving-part-among-many faces the memebership
>> management problem and it is nasty,nasty,nasty.

> If we end up doing the authentication widget, I want it to ship
> with a set of modules and/or interfaces. That would include one
> that does personal home pages, surveys, an interface to mailman,
> an interface to a web forum, an LDAP interface of some sort for
> external directory lookup and authentication purposes, and a few
> other toys.

I have slight allergic reactions here.  Yes, I agree that a generic
modular authentication model would be extremely useful (and I'd kill
for a sufficiently flexible one), and it would be good if Mailman
were able to plug into such a thing were it to be available on the
local system, I don't see this as a Mailman specific problem, or one
that should really be considered part of or rolled into the Mailman
design process outside of "we should be able to integrate with one
of those if its available, otherwise we punt to our LCD
implementation".

> With it and a few key tools, you can easily do 90% of Yahoo, minus
> the big muther sets of data, but when it's done, you're very close
> to a yahoo portal with clubs, IRC, egroups and some other tools
> all rolled into a single cohesive beast -- and it'll scale, and it
> will be extensible through a standard interface.

Which, while a nice problem, is not the problem I belive Mailman is
trying to solve.  Mailman should of course play nicely with such
solutions (yes, plural), but I see considerable loss to be realised
if we tie it to a specific implementation or model (eg Zope), and
abstracting at just the API level (as versus at the process level)
is going to tend to lead you in that direction.

> (and what I find scary is I don't see *anything* that is
> technically a huge stretch. it's all engineering, not magic...

Too true (written as one who has just re-engineered his own auth
models).  There's no rocket science here, just the normal stack of
security model and privacy concerns.

-- 
J C Lawrence                                       claw@kanga.nu
---------(*)                        : http://www.kanga.nu/~claw/
--=| A man is as sane as he is dangerous to his environment |=--