From owner-freebsd-security  Wed Dec  5 11:44:55 2001
Delivered-To: freebsd-security@freebsd.org
Received: from netau1.alcanet.com.au (ntp.alcanet.com.au [203.62.196.27])
	by hub.freebsd.org (Postfix) with ESMTP id 080C837B417
	for <freebsd-security@FreeBSD.ORG>; Wed,  5 Dec 2001 11:44:51 -0800 (PST)
Received: from mfg1.cim.alcatel.com.au (mfg1.cim.alcatel.com.au [139.188.23.1])
	by netau1.alcanet.com.au (8.9.3 (PHNE_22672)/8.9.3) with ESMTP id GAA01306;
	Thu, 6 Dec 2001 06:44:47 +1100 (EDT)
Received: from gsmx07.alcatel.com.au by cim.alcatel.com.au
 (PMDF V5.2-32 #37641) with ESMTP id <01KBJEGYX3TCVFKWPQ@cim.alcatel.com.au>;
 Thu, 6 Dec 2001 06:44:27 +1100
Received: (from jeremyp@localhost)	by gsmx07.alcatel.com.au (8.11.6/8.11.6)
 id fB5Jiif90572; Thu, 06 Dec 2001 06:44:44 +1100
Content-return: prohibited
Date: Thu, 06 Dec 2001 06:44:44 +1100
From: Peter Jeremy <peter.jeremy@alcatel.com.au>
Subject: Re: Mail list is posting gone virus!!!!
In-reply-to: <20011205165339.462183B1A2@gemini.nersc.gov>; from dart@nersc.gov
 on Wed, Dec 05, 2001 at 08:53:39AM -0800
To: Eli Dart <dart@nersc.gov>
Cc: Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG
Mail-Followup-To: Eli Dart <dart@nersc.gov>,
	Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG
Message-id: <20011206064443.B90238@gsmx07.alcatel.com.au>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Content-disposition: inline
User-Agent: Mutt/1.2.5i
References: <brett@lariat.org> <20011205165339.462183B1A2@gemini.nersc.gov>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On 2001-Dec-05 08:53:39 -0800, Eli Dart <dart@nersc.gov> wrote:
>Brett makes a very good point.  This is a _security_ mailing list, 
>for discussion of security issues.  IMHO, there is no need for 
>anything but plaintext traffic on this list.  If people are going to
>send patches, they can include them as part of the text of the 
>message.  This means that PGP signatures get lost, but exceptions can 
>be made if that's deemed important.

Personally, I think that - as a security list - the ability to
include PGP signatures is critical.  Official security announcements
are signed - this is a good thing.  It may also be relevant to
occasionally submit small amounts of code when discussing security
issues.  Overall, I'd like to allow the use of MIME, but restrict
it to text/plain, application/pgp-signature (and similar) and
maybe text/quoted-printable (with a restriction to ensure that the
latter is really text).  (Yes, you can write an ASCII virus, but
it takes more skill than most virus writers have).

Peter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message