cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
blog curent status + possible wider range of accepted CAs. was: Re: blog / comments
Chronological Thread
- From: Daniel Black <daniel AT cacert.org>
- To: cacert-sysadm AT lists.cacert.org
- Cc: Ian G <iang AT cacert.org>
- Subject: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments
- Date: Mon, 5 Oct 2009 13:55:11 +1100
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
- Organization: CAcert
On Monday 05 October 2009 06:20:56 Ian G wrote:
> If that is so, and they are CAcert certs, then do we really need to have
> any spam control on there?
no, probably not. Also currently comments with more that 4 links are held in
moderation too.
>
> theoretically we would need them only for other certs.
maybe. I'm tempted to keep it on until there is definitely a problem.
> But even client certs from well known & governed CAs should probably be
acceptable as a barrier without subjecting them to spam control.
I've contemplated deploying this too. I wouldn't mind a discussion of
allowing
a wider set of client certificate holders to participate at some level on our
certificate authenticated services.
> >> What would be the workload to moderate / control and who
> >> does it?
> >
> > A setting can enable comments without registration/login.
> >
> > don't know how much workload that would be. I'm imaging at least 5 spams
> > a day. This is what we were gettting when registration was still required
> > to comment. Now that I've got this to 0 handling this many is more than I
> > want to deal with. Volunteers welcome.
>
> I just looked at 290 in the queue, all spam,
All in the Akismet Spam section I'm guessing. It was pretty good when it was
running.
> all from the same IP#.
which is the Tunix firewall - it just shows they used http to get to the blog
> I deleted them...
ok
>
> Now that a cert is required, my guess is we won't see any more.
I would imagine so. The days since deployment didn't see any. I'll give it
one
more change to see if it catches any more false positives.
--
Daniel Black
Infrastructure Administrator
CAcert
Attachment:
signature.asc
Description: This is a digitally signed message part.
- blog / comments, Ian G, 10/04/2009
- Re: blog / comments, Daniel Black, 10/04/2009
- Re: blog / comments, Andreas Bürki, 10/04/2009
- Re: blog / comments, Daniel Black, 10/04/2009
- Re: blog / comments, Ian G, 10/04/2009
- blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Daniel Black, 10/05/2009
- Re: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Andreas Bürki, 10/05/2009
- Re: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Ian G, 10/25/2009
- Re: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Andreas Bürki, 10/25/2009
- Re: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Mario Lipinski, 10/29/2009
- RE: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, ulrich, 10/29/2009
- Re: blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Andreas Bürki, 10/25/2009
- blog curent status + possible wider range of accepted CAs. was: Re: blog / comments, Daniel Black, 10/05/2009
- Re: blog / comments, Ian G, 10/04/2009
- Re: blog / comments, Daniel Black, 10/04/2009
Archive powered by MHonArc 2.6.16.