Allow requesting a private mailing list for a public team

This feature implies that the team is public, but that the list is private. Is that correct?

that doesn't make any sense to me. it's easy enough to create a private team for this purpose. i think it still makes sense for the mailing (and by extension its archives) to inherit the visibility/privacy of the team to which it's attached.

It's not possible to create a private team. This is not a feature generally available.

So yes, the use-case here is a public team with restricted membership that wants to have a private mailing list archive. I think we should honor that use-case.

I've reported bug 321121. Maybe this can be a better solution.

LP admins can turn a restricted membership team into a private team. I'm not sure why we don't allow team owners to do it. We can still have strong social pressure to keep teams public, so I'm not worried about a rash of private team creation.

This ties into several themes we've been exploring lately including team/project affiliation and team roles. I can imagine allowing a project to have one private team affiliated with it, or for its security contact team to be made private, but limit the choice of private team otherwise.

I'm still -1 on allowing public teams with private mailing lists. If the team is public then the privacy of the mailing list is easily subverted. You just join your bot to the team and forward all messages to the mail-archive.

You are confusing things here.

A public team is just a team whose membership list and names are public. A public team can still have a restricted membership and it makes sense for a security team to use restricted membership.

It doesn't make sense to use a private team as a security contact. Much better to have it public: who is on the team and what is the charter should be public.

But these teams should have a private archive.

And just to be clear, there is no way you could join a bot to such a restricted public team. (That you cannot with a private team).