Le vendredi 25 juin 2010 à 21:54 +1000, Robert Collins a écrit : > I like the idea of sending emails when important account settings are > changed: it helps with: > - cross site attacks > - apis that permit changing such settings > - screen scraping via embedded browser instances > > and possibly more. > > Its also nonintrusive and straightforward, and we could include a > confirmation token in the email people get sent too, if we felt thats > needed. > > That is: > LP.me.addSSHKey(...) > -> email sent > <-202 ACCEPTED (please check your email and confirm via the token link in it) > Quickly shows the user 'please check email' > User clicks in the email, ssh key is enabled / disabled.
Sounds a good way to avoid all the non-permitted apps and hacks to go away. Love it! Well, at first release, people will have 3/4 mails if they setup nothing: - ssh - gpg - coc - ppa But I think we can live with that for now, seeing the added value. Didier _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
