 
|
| Sender: |
|
| Subject: |
|
| From: |
|
| Date: |
Sun, 23 Jul 1995 21:33:38 EDT |
| In-Reply-To: |
|
| Organization: |
L-Soft international, Inc. |
| Reply-To: |
|
But it doesn't make sense for one person to be able to send the OK for
a message that was originally meant for someone else to OK. That defeats
the purpose, Roger. Remember that the OK "magic cookie" mechanism isn't
just used to approve postings that get bounced to the editor on
Send= Editor,Hold. It's used for a lot of other things as well that
you would NOT want just anyone sending an OK for. To change that
would be a major mistake. The OK mechanism is specifically aimed at
making sure that person A who sent the command is <really> person A,
and not person B who is spoofing commands. That's why it's actually
more secure than a password.
I'll document it--it's a good point--but it sure seems pretty obvious
to me. In a discussion of the OK mechanism (which I do need to write)
it would be quite clear that person B can't OK person A's editorial
submissions.
Nathan
|
|
|
