On Thu, 20 Oct 2016 13:03:23 -0600 Kevin Fenzi kevin@scrye.com wrote:
Unlike mailman 2, mailman 3 (which we now use for all Fedora lists), has no local accounts or passwords. (aside from a few added when we were using persona) You instead manage your lists by logging in using some existing account and then attaching whatever email addresses you use to that account.
Currently, you can login via any of the providers listed here: https://lists.fedoraproject.org/accounts/login/ yahoo, generic openid, google, fedora, twitter, github, gitlab, facebook, stack exchange.
I've been thinking about this. It seems like security is being traded off for convenience. If a breach of security occurs (like the yahoo breach), it means that multiple accounts are now compromised. I can see where it becomes easier to administer since the responsibility for administration is now someone else's responsibility.
Am I missing something?