What would you propose instead? I’m not arguing or anything just genuinely curious what it would be replaced with. Maybe some kind of cryptographic identity, I guess?
As is 4093rnbgv3q09vn032. Everyone already needs a unique identity. It’s called a username.
You can have more than one
More than one what? Email? How about zero?
It’s platform agnostic
There are a thousand platform-agnostic communication methods.
It’s anonymous
Email? LOL absolutely not.
It’s transferable
It’s only transferable if you use your own domain, which the vast majority are not doing.
What would you propose instead?
That depends on the purpose. You can receive messages and notifications right in the app, so for the purposes of communication I would propose absolutely nothing.
It’s all of the above at once. It’s hard to think of another identifier that hits them all.
4093rnbgv3q09vn032
It’s not a communication method outside of the platform it’s on. It’s also not platform agnostic if it’s your identity on a service.
I have several email addresses that are not remotely associated with any legal identity that I could transfer to someone that took over associated projects should the need arise.
It looks like your complaint is as a user, not the service owner? I wouldn’t run a project like that, but feel free to start one up. Lots of people would appreciate that, I’m sure.
It’s all of the above at once. It’s hard to think of another identifier that hits them all.
I already gave you one. The username.
It’s not a communication method outside of the platform it’s on.
Why is that necessary?
It looks like your complaint is as a user, not the service owner?
My complaint, as someone who hosts a variety of services, is that setting up an email server is ridiculously complicated, costs money, and is completely unnecessary.
Recently Ghost updated their software to add 2FA for email. Not TOTP or Passkeys, or anything actually secure, those are still unavailable. After updating I was completely locked out of my own account because it was trying to verify my login using a system that doesn’t exist on my install. It was a super annoying and completely unnecessary problem I had to deal with.
I wouldn’t run a project like that, but feel free to start one up.
Great, I’ll just go ahead and fork every open source project in existence on my own to remove this feature using the software engineering degree and the time I don’t have.
Then you’re just going to be at the mercy of the people that do maintain these things. I realize maybe my response was taken as disagreement or argument but it really wasn’t meant that way.
As a product owner I’d want a way to contact or validate a user for customer service or service management reasons. Self service password reset, etc.
But I’m interested in anonymity and if there were another good solution I’d be all ears. I’m not trying to defend email, just curious what mechanism could take its place. Some sort of cryptographic signature might work, though I would have to think carefully about no separate communication/ confirmation channel. I could see offering someone to use any identity of their choosing which would allow them as much anonymity and freedom of choice as they wanted. It’s an interesting challenge.
Then you’re just going to be at the mercy of the people that do run these things
I wasn’t asking for a way around them, I’m asking why they exist and suggesting we collectively move on from them.
I realize maybe my response was taken as disagreement
I didn’t take it as a disgreement, I took it as a dismissal. Rather than discussing why it’s necessary or whether it should be removed, you suggest that I create my own alternative.
As a product owner I’d want a way to contact
You can. We’ve already been over this. Send them a message on the platform.
or validate a user
How is an email address validation? I can spin one up in 3 seconds.
Self service password reset
You’re just creating a security vulnerability.
I’m not trying to defend email, just curious what mechanism could take its place.
Again, I already explained this.
Some platforms only require a username and a passkey (not even a password). That is ideal, in my opinion.
Email is also used to track user activity across the web, and while you know whether or not you will be tracking, collecting, and selling my activity, I don’t. Removing email eliminates that concern.
Some sort of cryptographic signature might work
That’s called a Passkey.
though I would have to think carefully about no separate communication/ confirmation channel
Again I ask, why? What is this fixation on multiple communication methods? Maybe as the user I don’t want you to have other ways of contacting me?
If you really need it there are hundreds of alternatives.
threaded - newest
<img alt="" src="https://beehaw.org/pictrs/image/f4895ef0-813a-42ae-966d-a8f6ffa76af8.jpeg">
Wow, I sure do love looking at the blue skies through the Windows of my corporate business office.
Why the fuck are so many software projects dependent on email? Why do we need this!? It’s infuriating.
That’s a fairly nice set of attributes.
What would you propose instead? I’m not arguing or anything just genuinely curious what it would be replaced with. Maybe some kind of cryptographic identity, I guess?
So is BlueSky
As is 4093rnbgv3q09vn032. Everyone already needs a unique identity. It’s called a username.
More than one what? Email? How about zero?
There are a thousand platform-agnostic communication methods.
Email? LOL absolutely not.
It’s only transferable if you use your own domain, which the vast majority are not doing.
That depends on the purpose. You can receive messages and notifications right in the app, so for the purposes of communication I would propose absolutely nothing.
It’s all of the above at once. It’s hard to think of another identifier that hits them all.
It’s not a communication method outside of the platform it’s on. It’s also not platform agnostic if it’s your identity on a service.
I have several email addresses that are not remotely associated with any legal identity that I could transfer to someone that took over associated projects should the need arise.
It looks like your complaint is as a user, not the service owner? I wouldn’t run a project like that, but feel free to start one up. Lots of people would appreciate that, I’m sure.
I already gave you one. The username.
Why is that necessary?
My complaint, as someone who hosts a variety of services, is that setting up an email server is ridiculously complicated, costs money, and is completely unnecessary.
Recently Ghost updated their software to add 2FA for email. Not TOTP or Passkeys, or anything actually secure, those are still unavailable. After updating I was completely locked out of my own account because it was trying to verify my login using a system that doesn’t exist on my install. It was a super annoying and completely unnecessary problem I had to deal with.
Great, I’ll just go ahead and fork every open source project in existence on my own to remove this feature using the software engineering degree and the time I don’t have.
Then you’re just going to be at the mercy of the people that do maintain these things. I realize maybe my response was taken as disagreement or argument but it really wasn’t meant that way.
As a product owner I’d want a way to contact or validate a user for customer service or service management reasons. Self service password reset, etc.
But I’m interested in anonymity and if there were another good solution I’d be all ears. I’m not trying to defend email, just curious what mechanism could take its place. Some sort of cryptographic signature might work, though I would have to think carefully about no separate communication/ confirmation channel. I could see offering someone to use any identity of their choosing which would allow them as much anonymity and freedom of choice as they wanted. It’s an interesting challenge.
I wasn’t asking for a way around them, I’m asking why they exist and suggesting we collectively move on from them.
I didn’t take it as a disgreement, I took it as a dismissal. Rather than discussing why it’s necessary or whether it should be removed, you suggest that I create my own alternative.
You can. We’ve already been over this. Send them a message on the platform.
How is an email address validation? I can spin one up in 3 seconds.
You’re just creating a security vulnerability.
Again, I already explained this.
Some platforms only require a username and a passkey (not even a password). That is ideal, in my opinion.
Email is also used to track user activity across the web, and while you know whether or not you will be tracking, collecting, and selling my activity, I don’t. Removing email eliminates that concern.
That’s called a Passkey.
Again I ask, why? What is this fixation on multiple communication methods? Maybe as the user I don’t want you to have other ways of contacting me?
If you really need it there are hundreds of alternatives.