John,
I can't speak for the IETF, but I do note that the same password notices have been going out on the first of every month for years. You just noticed iit now?
No, I've been getting the passwords for years. However I just finished a crypto class and really wondered what the history is here.
And once again, if you think it should do something else, send code. We're volunteers here. Assertions that it is very important for someone else to do work that you're not prepared to do are rarely effective.
It seems that this was fixed in 2007: http://blog.tigertech.net/posts/mailman-monthly-password-reminders-not-recommended http://wiki.list.org/display/DEV/2007/01/13/Passwords+done+right Thanks, P.