Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Redesign forms, verify link ownership with rel="me" #8703
To some extent:
A TXT record for alternative verification would be nice. For example I wouldn't like having to add a link to my profile on the index of my GitLab instance and stuff like that.
Verifying multiple profiles is already possible with the current method. There should also be a way to confirm one link with multiple accounts using DNS. (comma separated links?)
The complexity with doing DNS verification comes from the fact that each link needs a special verification string, so the field must be saved before that string can be given to the user for copypasting, which means the actual verification must be done in a yet another step (+ wait for DNS propagation)
Don't forget that each server must verify on its own. I don't see how the user could have any control over when the checks happen, currently it's just tied into when the profile has been updated.
DNS verification could work in a similar fashion, listing domain or URLs to be honest. Although we probably want to check what kind of standards or proposed standards there already are for this.
Another minor issue I have with this is that this requires you to basically advertise your other identities everywhere, while someone may want to have only one-way verification (e.g., I may have a “private account” that I don't want to advertise to other people, but that I want to verify as being the private account tied to my public account).
Finally, I would also extend this to
"ownership of this link was checked..." might be better as:
with the negative case being:
Alternatively, no messaging on unverified links might also be better, so that no negative connotations are applied to links that are not intended or desired to be verified. Perhaps a checkbox representing "this is me, please verify" ("I own this site" ?) to signify verifiable links? could also cut down on effort verifying non-verifiable links.
I'm still not sure what I think about using "verification" language in this feature, given the baggage it carries from birdsite, but it is terminology that users understand.