On 4/9/06, Gijs Kruitbosch <[EMAIL PROTECTED]> wrote: > On 4/9/06, Sean <[EMAIL PROTECTED]> wrote: > > Optionally you could also restrict posting to the users registered > > del.icio.us email address ? > > And how exactly do you reckon you could prevent people spamming del.icio.us > with faked email addresses? Just take a look at the daily amount of spam you > delete and/or your spamfilter stops, pretending you have a paypal account > which needs looking after. I would guess you'd need to send a password > somehow in order to really authenticate. Sending a password in cleartext via > email is unsafe as hell (though I guess this is not your bank account, it's > still not really a good way of doing things), and using encryption for it > makes it hard to use for consumers. To be honest, even though I think the > idea is quite nice in essence, I think it would be hard to do securely and > without allowing for more spam - or did I miss something here?
You wouldn't have to use the password, just a key, which could be either generated or (preferably) user defined. Maybe require that the key != the password for security, but otherwise it'd still be easy for the user. Then the only people you'd have to worry about sniffing for the key are spammers, and they probably wouldn't go to the trouble. That said, I don't really think that email posting would be very useful. But, it's probably possible to do it securely, or relatively so. Tracy Poff _______________________________________________ discuss mailing list [email protected] http://lists.del.icio.us/cgi-bin/mailman/listinfo/discuss
