Design a user interface for redeeming invite tokens
Please see comment #4 on this ticket for a better description of the scope of this ticket. The following description is kept for historical purposes, and is no longer relevant due to developments in the design of #7520 (moved). —isis
Original Description
Should this interface be web based? Email based with gpg support? Both?
Should a token be redeemed for an account, or be used each time to request a bridge?
If a token is exchanged for an account, BridgeDB would need to store account credentials provided by a user. That might be more convenient for a user to remember, but might lead to problems such as:
account names can be probed (i.e. does an account by a certain name already exist?) users might re-use nyms, potentially a liability.
On the other hand, an account might be identified by an email address, which could be used to periodically send new bridges or invites. We want to add email subscription support to BridgeDB (#1610 (moved)), and perhaps these features should overlap.
Perhaps we could support both modes, where a valid token can be used to request bridges and add/remove email addresses. If a user chooses to add an email address, a suitable warning would be displayed to advise the user that the email address will be stored on the system.