Subject:
|
Re: Language Choices and LUGNET
|
Newsgroups:
|
lugnet.admin.suggestions
|
Date:
|
Tue, 1 Feb 2005 08:22:41 GMT
|
Viewed:
|
6157 times
|
| |
|
|
In lugnet.admin.suggestions, David Eaton wrote:
> Well, the issue would really be authenticating the user as a member, and
> making sure the message didn't get posted if they composed it incorrectly.
> Since only members are allowed to vote (and when viewing from SMTP/NNTP you
> can't see highlight/spotlights anyway), members who are using SMTP/NNTP would
> have to submit their user number and password along with the post, which gets
> dangerous. If they screwed up something and replied incorrectly, their member
> password could get displayed for the world to see. Not that it's the most
> secure transmission venue to begin with.
Agreed. No way would you want someone to send a password in plain text.
> The best way would probably be to get posting setups associated with member
> id's. So a member could log in to the website, try to associate their posting
> setup, which sends their email address a verification. They verify that that
> mail address is theirs, and then that email address can send highlight
> spotlights the same way as posts (requiring authentication).
That's what I was thinking - same as current posting authentication.
> But honestly I
> think it still runs a good risk of having someone accidentally sending things
> through that say "+HIGHLOGHT+" or whatnot that Lugnet interprets as posts,
> because the user submitted them incorrectly, resulting in some messiness.
> Possible certainly, but kinda messy.
Hmmn. Good point; this could be (mostly) addressed during the authentication
stage:
For posts:
I wrote it and I want to post it now.
[ ] +5Ip7haVYYGjRuCydpBnYm8nd+
I wrote it and I want to post it now. (Plus add a highlight to the parent!)
[ ] +5Ip7haVYYGjRuCydpBnYm8nd+
It was just meant it to be a highlight. Delete the post but add a highlight
to the parent.
[ ] +5Ip7haVYYGjRuCydpBnYm8nd+
I wrote it, but I changed my mind. Please delete it.
[ ] -5Ip7haVYYGjRuCydpBnYm8nd-
I did not write this message! Please delete it!
[ ] !5Ip7haVYYGjRuCydpBnYm8nd!
I'd like more time to think about what I wrote. I'll decide later.
[ ] ?5Ip7haVYYGjRuCydpBnYm8nd?
A few +highlihgt+ would still get through, but hopefully not too many.
Another option (SMTP only) would be to include a pre-generated highlight line in
every post like so:
I liked that post. Please add a highlight.
[ ] ?5Ip7haVYYGjRuCydpBnYm8nd?
The hash would identify both the recipient and the original post.
|
|
Message has 1 Reply:
 | | Re: Language Choices and LUGNET
|
| (...) Except that this step isn't happening right now. The server doesn't actually know that this post is from member 179 - it just knows that this email addressed has been allowed to post with these headers. Yes, updating the posting setup form to (...) (20 years ago, 1-Feb-05, to lugnet.admin.suggestions)
|
Message is in Reply To:
| | Re: Language Choices and LUGNET
|
| (...) Well, the issue would really be authenticating the user as a member, and making sure the message didn't get posted if they composed it incorrectly. Since only members are allowed to vote (and when viewing from SMTP/NNTP you can't see (...) (20 years ago, 1-Feb-05, to lugnet.admin.suggestions, FTX)
|
38 Messages in This Thread:
 
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
