-
Notifications
You must be signed in to change notification settings - Fork 420
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allowing email replies to annotations when no account exists #1010
Comments
@dwhly, in your summary it sounds like you're assuming that users without a username/account can comment, but that's not the case today. |
|
@dwhly, good question, and good answers. My opinion:
2a) I don't think we should deobfuscate email addresses even if the reader is logged in; it's more complex behavior, and doesn't solve any real problem
A related question: what if someone replies from a W3C mailing list with one email address, but registers with a different email address? Could they associate multiple (verified) email addresses with the same username? |
Agree with these points. Re: 3 above, had same thought. Might be something we do later. @tilgovi will have the best perspective. And yes, associating multiple email addresses with the same account will become a priority at some point, for exactly these kinds of reasons. |
Like with time-stampts, GitHub has a nice workflow for this. We just need to copy that. |
I think the most sensible thing would be to consider the annotations as made by a the server. This issue then reduces to the issue of separating the annotation from its body. What we show then as the author of the body is definitely the e-mail address, and we may wish to obfuscate it slightly depending on the requirements of the deployment. But I'm going to close this issue here because it's something I would prefer to see solved by a separate project. The plan of attack is:
|
Moving to hypothesis/vision#44 |
If we're emailing a mailing list for every annotation made, and for any responses creating annotations as replies (see #1004), then we'll have situations when replies are generated for folks for whom we have no user account.
It seems like we should probably use the email address in these situations as the user name-- and displayed as such when viewing the annotation.
Should we obfuscate these usernames? i.e. "dwhaley@....."
Only when not logged in?
If the person later creates an account with this username, should we then show these previous annotations as being from that user, or continue to refer to them as being from the email address? (Policy question and technical difficulty both here probably).
Interested in perspectives from @tilgovi and @shepazu and others.
The text was updated successfully, but these errors were encountered: