True. This is a model I thought of a while back, when some credit cards started generating one-time-use credit card numbers for use when shopping online. I think this has a much higher chance of working for people, although it doesn't at all solve the problem of RP's needing to send the user through email verification. -- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - Voltaire
On Mon, Apr 6, 2009 at 8:42 PM, Allen Tom <a...@yahoo-inc.com> wrote: > > Andrew Arnott wrote: > > > > Thanks. Incidentally, the grief I have with Facebook is that I have > > to visit Facebook in order to pick up my "mail" which may just be a > > poke or prod. *grumble* But yes, I'd like to see us provide a > > general solution. And my personal queuing SP of choice would likely > > be one that sends copies of my messages in the email it sends me, as > > well as organizes them within its own web site for my review later. > > > > What if the OP generated a unique disposable email address for each RP > that the user wants to allow email, and the OP just forwards it on to > the user's real mailbox (or cell phone or IM, depending on the user's > preference). If and when the user no longer wants to receive messages > from the RP, the user can just deactivate the disposable email address. > > This might be easier to deploy than defining a standard messaging API > and putting OAuth in front of it. > > Allen > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---