OpenID - getting mass take up, anti-spam?
Mark Cross
m1bxd at hotmail.com
Fri Jan 6 13:49:02 UTC 2006
An idea - feedback required, mad / stupid /possible?
You log into your OpenID server - go to initate email to a new person
You enter the person’s OpenID into the To: field
Choose your email From: (if your profile knows about multiple email accounts you hold and your OpenID server will confirm as holding)
Your OpenID server (acting as a consummer) queries the receivers OpenID server to see if your OpenId is already on the person’s white list, if not up pops up a captcha box
On correct entry it returns back the to your OpenID server the “correct target email address” and ”authorisation key” (the receiver’s OpenId server makes a note of your email address, authorisation key and adds your email address to their white list), your OpenID server also embeds the key into the header of the email which about to be sent
The key might be an MD5 of your OpenID plus the receives OpenID plus timestamp plus random number plus a salt (I’m no expert here advice please)
Your OpenID server also adds the target email address into your address book for you to further manipulate and tag within your OpenID server profile. The receive like wise now has a new person they can choose to tag within address box
For the receives end before they check their email, they log into your OpenID server and it also holds your email login details. You can sweep and it validates the emails by reading headers and looking for the authorisation key or white list entry in your profile. (Linked to a blackhole database it offers allow you really clean up your que before you request your emails with your normal client.)
At first this would be implemented as a web based system - to get you on the person’s white list, then next time you could use your usual email client. After a time the system would gain popularity and get included in standard email clients
There will be three types of email, email with no authorisation key, email on your white list, possible spam
In the corporate world your emails would be scanned for the authorisation keys before they reached your MS Outlook box!
At point into time when take up has become universal you can just set your system to automatically delete the possible spam queue - your choice
After the initial spec the system needs one or two ISPs as sponsor who use SquirrelMail and Horde. Where their email server is able to act as the person’s OpenID server to mark email messages as people log into their accounts
Grisoft could be approached to create a freeware Exchange plug-in to automatically check incoming email, as they would get a lot of public visibility from such a move
Next would be to get a OpenSource Windows cleaner which would login to your OpenID server to do the cleaning before you ran Outlook Express or whatever
After that we would be looking a widespread take up along with address book synchronisation for thick email clients with your OpenID server’s
http://markcross.wordpress.com/2006/01/06/openid-getting-mass-take-up-anti-spam/
Request for feedback!
Cheers Mark
(If this doesn't work because it's in HTML - sorry this is a beta live.com account and I can't figure out how to send plain text...)
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/yadis/attachments/20060106/10f7edd7/attachment.htm
More information about the yadis
mailing list