On Tue, 2005-07-26 at 00:33 +0400, Nikita V. Youshchenko wrote: > >> As in once you confirmed one subscription the next one doesn't ask > >> anymore? Sort of greylisting? > >> > >> Sounds good. > > > > It should always ask for confirmation unless someone has specifically > > made the decision that they don't want to have to opt-in. > > Maybe it should honour subscription requests without confirmation if request > is GPG-signed by the key with uid equal to address being subscribed. >
I'm afraid this doesn't give us much. It's trivial to add uids to a GPG key, and headers aren't actually signed anyway, so you could replay signed messages to the server. Cheers, Pasc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
