On Nov 27, 2004, at 11:11 AM, Thomas Gries wrote:
you have recently introduced two new variables (see
consulting me. This action put a lot of pressure to me, as I am
working on a perfect Email Authentication by using the principles as
fully described in
[Bug 866] Email authentication by a dummy "forgot my password" cycle
which is almost ready. I would kindly like to ask you that you inform
my about such variables, which influence my work.
We have a CVS commit log mailing list:
Also, I recommend you avoid implementing 866 as I'm about to change the
'forgot my password' system; mailing a password directly usable to
login (and never expired until the next attempt) isn't very safe.
Please can you explain to me the reasons for your
E-mail functions are not always available on a given server (or may be
available but non-functional), and in general open e-mail can be
abused. Being able to disable all e-mail functions on the wiki prevents
false presentation of unusable features, and disabling of user-to-user
e-mail could cut down on abuse (for instance as a spam relay).
- they make no sense without an ***email
authentication*** as for
example disclosed in my
This assertion is completely false, as they are unrelated.
-- brion vibber (brion @ pobox.com