Skip to Content.
Sympa Menu

cacert-sysadm - blog curent status + possible wider range of accepted CAs. was: Re: blog / comments

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

blog curent status + possible wider range of accepted CAs. was: Re: blog / comments


Chronological Thread 
  • From: Daniel Black <daniel AT cacert.org>
  • To: cacert-sysadm AT lists.cacert.org
  • Cc: Ian G <iang AT cacert.org>
  • Subject: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments
  • Date: Mon, 5 Oct 2009 13:55:11 +1100
  • Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
  • Organization: CAcert

On Monday 05 October 2009 06:20:56 Ian G wrote:

> If that is so, and they are CAcert certs, then do we really need to have
> any spam control on there?

no, probably not. Also currently comments with more that 4 links are held in 
moderation too.
> 
> theoretically we would need them only for other certs. 
maybe. I'm tempted to keep it on until there is definitely a problem.

> But even client certs from well known & governed CAs should probably be 
acceptable as a  barrier without subjecting them to spam control.

I've contemplated deploying this too. I wouldn't mind a discussion of 
allowing 
a wider set of client certificate holders to participate at some level on our 
certificate authenticated services.

> >> What would be the workload to moderate / control and who
> >> does it?
> >
> > A setting can enable comments without registration/login.
> >
> > don't know how much workload that would be. I'm imaging at least 5 spams
> > a day. This is what we were gettting when registration was still required
> > to comment. Now that I've got this to 0 handling this many is more than I
> > want to deal with. Volunteers welcome.
> 
> I just looked at 290 in the queue, all spam,

All in the Akismet Spam section I'm guessing. It was pretty good when it was 
running.

> all from the same IP#.

which is the Tunix firewall - it just shows they used http to get to the blog
> I deleted them...
ok
> 
> Now that a cert is required, my guess is we won't see any more.
I would imagine so. The days since deployment didn't see any. I'll give it 
one 
more change to see if it catches any more false positives.


-- 
Daniel Black
Infrastructure Administrator
CAcert

Attachment: signature.asc
Description: This is a digitally signed message part.




Archive powered by MHonArc 2.6.16.

Top of Page