[lpi-discuss] verification key
G. Matthew Rice
matt at starnix.com
Thu Sep 1 17:26:13 EDT 2005
"Andres K. Foerster" <list at AKFoerster.de> writes:
> Yes, I understood that.
> What I don't understand is, why they made it so complicated,
> with such a large key. The LPI-ID should be enough, I think.
There are privacy laws that we have to abide by. If we just list people, we
could get sued, fined, etc...
Heck, we just had someone threaten us with a lawsuit because they made a
posting to a public list that was mirrored on mail-archive.com. They wanted
us to remove the posting from a service that we have no control over <sigh>.
You can always put the URL in your signature with a URL something like this:
https://www.lpi.org/en/verify.html?lpi_id=<lpi_id>&ver_code=<code>
Or even create a short cut with a service like tinyurl.
As for the length of the verification code, it is like that to provide
protection from brute force attacks.
What _could_ be done in the future is get permission from alumni to list them
publicly. It would have to be an opt-in service, though.
HTH,
--
g. matthew rice <matt at starnix.com> starnix, toronto, ontario, ca
phone: 647.722.5301 x242 gpg id: EF9AAD20
http://www.starnix.com professional linux services & products
More information about the lpi-discuss
mailing list