[Mailman-Users] Moderated list: admin vs moderator

jgo john at nisus.com
Thu Feb 21 10:05:32 CET 2002


> At Wed, 2002-02-20 12:32:06 -0800 John W Baxter wrote:
>> At 2002-02-20 13:16 -0500, Paul-Catalin Oros wrote:
>> Implicitly approved people.  I just tested this and it works fine.

> Implicitly approved people (addresses) can be forged.  Easily.

> Over on the developer list, I recently suggested using digitally
> signed messages as the implicit approval mechanism.  Now, we're
> pretty much talking people rather than addresses (throw out the
> key if one gets compromised).

> The responses were all about various ways to implicitly approve
> addresses.  No response that I recall seeing discussed digital
> signatures.

I'd like to have something like what digital signatures promise
to be.  OTOH, I'd much rather have something more like what
Digicash promised to be, i.e. credentials AND anonymity.

The trouble is that now, the certification scams put the worst
scum in the world at the top of the "trust" tree, and the
encryption is much much too weak.  People rely on it too much
as it is compared to its real reliability.

I used to work with a guy who had developed a couple proprietary
operating systems.  They used an 8 character username & 8 char
pass-word, primarily because that's about as much random cruft
that people can remember, especially if they have a dozen of
them.  Once you get over 9, you've violated "the magic number
7 plus or minus 2".  Anyway, he knew this, so he used to use
very easily guessed pass-words, figuring that it didn't matter,
no practical thing he could do would really be secure, anyway,
so the heck with it.

If you solve that one, you'll be set for life.

"Experiments by psychologists such as those of [George] Miller
 [1956 March "The Magical #7, + or - 2" _The Psychological Review_
 vol 63 #12 pg 86], suggest that the maximum number of chunks of
 information that an individual can simultaneously comprehend is
 on the order of 7, plus or minus 2." --- Grady Booch 1991
 _Object-Oriented Design with Applications_ pg 14

John G. Otto, Eagle Scout, Knight, Cybernetic Praxeologist
Existence, Consciousness, Identity, Life, Liberty, Property, Privacy, Justice
<http://gosc.nisus.com/~giovanni>                      <http://www.nisus.com>
