Re: escaping from email? (was: Introducing Zooomr)

Instead of getting the e-mail address, you might want to implement  
LID Authenticated Messaging: does the same thing, except that it  
sends e-mail to your identity URL instead of your spammable e-mail  
address. Because the sender is authenticated, you can easily  
implement a whitelist / blacklist receiving-end policy ...

ANd there isn't a reason why it shouldn't work with OpenID as the  
authentication mechanism as long as you do it on top of YADIS.


On Feb 16, 2006, at 10:45, Kevin Turner wrote:

> On Sun, 2006-02-12 at 00:29 -0600, Jay Knight wrote:
> > One great thing about distributed authentication is that I can  
> > identify
> > myself on a site without providing my email address.
>
> This is not necessarily a given.  I mean, yes, it's true that you  
> don't
> need an email address to *identify* yourself the way a lot of e- 
> commerce
> sites currently do it ("please enter your email address to log  
> in"), but
> there are still plenty of reasons why a site might want to require you
> to associate your email address with your account, including
>
> * giving you a path to recover your log-in credentials in case you  
> lose
> them.  (Your ID server went out of business or you forgot which ID you
> used but remember your email.)
>
> * making it more expensive to write spambots.  (A bot that logs in  
> *and*
> responds to an e-mail confirmation is more expensive to build and
> maintain than a bot that just logs in to a web form.)
>
> * providing functionality that's part of the service, as Zooomr does.
>
> * having a channel through which to notify you about important changes
> in terms of service, changes to your account, etc.
>
> * sending you spam or selling your contact information to marketers.
>
> Not all of those are good reasons, but some of them are.  I don't  
> think
> we should expect to see services stop using our email addresses  
> anytime
> soon.

Johannes Ernst
NetMesh Inc.

 http://netmesh.info/jernst