On 7/23/98 12:40 AM, Chuq Von Rospach <firstname.lastname@example.org> wrote...
>The idea that came up, which I really like, is to move the
>"authorization" token out of the e-mail space and into the web space.
>Instead of sending an auth string a user has to send back in a way the
>list server can process, you send the user a URL, which points in some
>customized way back to your web site. The web site can then verify the
>token and data, and use the admin password or whatever to sneak behind
>the standard list server mailback authorization.
I've seen this kind of thing for other purely web-based services. You
sign up, they send you a message, and you verify by going to a URL with a
cookie in it. I defnitely like it, though it's sometimes a pain when the
web server is down, or if I'm just Telnetting in and don't want to deal
with the web at that particular moment.
So long as such a system gives the user both choices, a response or a web
URL, I think this would go a long way towards helping some of the more
clueless folks out there, who can't figure out confirmation. I'd have to
talk to some of the people who actually run this kind of thing to see
what kind of success statistics they get, tho.
Adam Bailey | Chicago, Illinois
email@example.com | "Logic is the art of going wrong with
firstname.lastname@example.org | confidence." - George Bernard Shaw
Finger for PGP | http://www.tezcat.com/~adamb/