Brian McKee wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 23-Feb-07, at 3:55 PM, A.J.Mechelynck wrote:
Waiting for email (with a pseudorandom confirmation code) proves that
the registration wasn't requested "in your name" by someone else. It
requires no human intervention server-side and only a few minutes'
wait client-side while greatly improving security. It also proves that
your "email-address-of-record" with the wiki is really yours. I'm for it.
I recently watched a video demoing software that automates the entire
registration by email process to various brands of online forums -
including grabbing a random account from a free email provider, filling
out the forum registration and captcha, receiving the confirmation email
and responding to it, then posting it's 'message' to the forum.... Wish
I had the link handy. I suspect the days of register by email as spam
defence are numbered.
It does prove your email address of record though - I hadn't considered
that.
Brian
Yes: so if the account is set to get email in some circumstances, the email
will go to the owner of the account: confirmed registration prevents joe-jobs.
Best regards,
Tony.
--
"I profoundly believe it takes a lot of practice to become a moral
slob."
-- William F. Buckley
