<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>...it's true that without HTTPS someone could man-in-the-middle
      you and get you to join a secret, ILLEGAL haskell mailing list,
      for NEFARIOUS purposes.  Some say demons wander those hills,
      seeking to lure the unwary to the unhallowed lands of
      javascript...<br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 02/27/2018 08:23 AM, Thomas Jakway
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:7b17a89d-8fb9-634e-ab9b-7839f4d893d9@nyu.edu">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <p>GNU mailman passwords are explicitly <font size="+3"><u><b>NOT</b></u></font>
        secure!</p>
      <p><font size="+3"><u><b>DO NOT REUSE MAILING LIST PASSWORDS!</b></u></font><br>
      </p>
      <br>
      They ARE stored in plaintext and will be mailed back to you
      periodically on some setups to confirm that you want to remain
      subscribed.<br>
      <br>
      <br>
      <div class="moz-cite-prefix">On 02/25/2018 12:44 AM, 姓名 wrote:<br>
      </div>
      <blockquote type="cite"
cite="mid:CA+isZAJUe+09sHw74wfUQ3esYvzk_4T3VToBcsENqYAWh81tww@mail.gmail.com">
        <div dir="ltr">Hi there,
          <div><br>
          </div>
          <div>I become aware of the problem that <a
              href="https://mail.haskell.org/mailman/listinfo/haskell"
              moz-do-not-send="true">https://mail.haskell.org/mailman/listinfo/haskell</a>
            send a password to <span style="color:rgb(34,34,34);font-family:"dejavu sans mono",monospace;font-size:11px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span style="color:rgb(34,34,34);font-family:"dejavu sans mono",monospace;font-size:11px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><a href="http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell" moz-do-not-send="true">http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell</a></span>. Probably it means this page will send a password </span>without
            encryption. Could you use https instead of http, or remove
            this duplicate page? I had used <a
              href="https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell"
              moz-do-not-send="true">https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell</a>
            instead.</div>
        </div>
        <br>
        <fieldset class="mimeAttachmentHeader"></fieldset>
        <br>
        <pre wrap="">_______________________________________________
Haskell mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Haskell@haskell.org" moz-do-not-send="true">Haskell@haskell.org</a>
<a class="moz-txt-link-freetext" href="http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell" moz-do-not-send="true">http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell</a>
</pre>
      </blockquote>
      <br>
    </blockquote>
    <br>
  </body>
</html>