[Haskell-cafe] Re: Unified Haskell login
Maciej Piechotka
uzytkownik2 at gmail.com
Mon Sep 20 08:06:09 EDT 2010
On Sun, 2010-09-19 at 17:12 +0200, Michael Snoyman wrote:
>
> Let me respond to this directly since a number of people have brought
> this up:
>
> Due to spam reasons we can't trust the email given via an OpenID
> provider in general. For example, it would be trivial for me to create
> an OpenID provider for myself, set my email address as <insert someone
> else's address here> and essentially spam them.
>
> By going with a service like Facebook or Google, we know (or at least
> assume) that they do proper email validation, so we could immediately
> accept this value without needing to verify it ourselves.
>
> In other words: Yes, I know there are extensions to OpenID. And no, we
> can't use it to get a verified email address.
>
> Michael
There are people who for whatever reason don't use Facebook/Google/....
And sending verification e-mail costs practically nothing.
Regards
PS. If we have on-site registration it would have unverified e-mail as
well.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://www.haskell.org/pipermail/haskell-cafe/attachments/20100920/d2e9b628/attachment.bin
More information about the Haskell-Cafe
mailing list