[Mailman-Developers] Re: GET vs POST (was Re: subscription confirmations)

[Barry A. Warsaw]

I was pulled away on other work for most of the day, but I think I've
caught up with the whole thread.

On the micro-issue of what Mailman's ttw confirmation should do, I am
much more swayed by Thomas's observation that we can actually add
useful value by providing a form that allows the user to confirm or
discard his request.  Given that I agree with everything Chuq et al
have said about the inherent insecurity of GET, that seemed to me a
more persuasive argument as it pertains narrowly to Mailman.

Unless someone wants to volunteer to do usability studies (for which I
don't have the time), I propose to change confirm.py to POST a form,
and to pull in the ability to cancel held postings and subscription
requests.  Good idea Thomas.

But I definitely appreciate the discussions Gerald initiated, and I'm
glad he did that.  Hopefully, Gerald can bring the very valid concerns
raised here before the W3C and the standards authors.  I think they're
vitally important to where the web is going.  The security and privacy
of the web has such a deservedly poor reputation, what with JavaScript
and Java vulnerabilities (and the increasing number of sites that are
simply unnavigatable without them), client-side trojans, web bugs,
hijacked ActiveX certificates etc. etc.  I really wish browser vendors
would err on the side of security and privacy than on convenience.
Sucker the user in enough times, or sucker enough of them in and the
web will not be able to recover.

-Barry