[OpenID] About Facebook, MySpace and OpenID

SitG Admin sysadmin at shadowsinthegarden.com
Fri Apr 3 17:17:44 UTC 2009

>Further, if the OP can pass a "verified" email address so that RPs 
>don't have to go through the 2 step registration dance of waiting 
>for users to "verify" their email address, that improves 
>registration success rate.  There's a big drop off from email 
>registration due to verification emails going to spam folders or 
>users just forgetting to go through the last step to verify an 

I don't always have access to my E-mail when I have access to the 
web. I usually wait until I've arranged to have access to both, then 
create a temporary E-mail address: the idea here being that I'm not 
going to need to receive E-mail from them in the future. Now, if I do 
change my mind, I can probably also log in and change that 
information to a more permanent address, but, in the meantime, is 
there really any difference (to the RP) between my giving them an 
address that only works for the next ten minutes and my ignoring all 
the E-mail that they send me? It may end up in a spamfilter, but RP's 
could try sending from a different address; this method is actually 
*more* effective at catching (and blocking) unwanted messages.

Since, then, the only purpose of an E-mail address is to accept 
registration through a different protocol than the web, would it be 
allright for my OP to provide me with a unique E-mail address that 
existed only to accept registrations, and act as webmail to show me 
the link a few minutes later so I could click on it and verify my 
registration? If the RP needed to reach me later through that E-mail 
address, the OP could notify me the next time I logged in that there 
was mail waiting for me - but the OP could also hold onto that mail 
instead of forwarding it immediately, preventing my inbox from being 
cluttered with spam if any *did* get sent.


More information about the general mailing list