Open brknkfr opened 2 years ago
But then the email address wouldn't be encrypted (visible to the server)? Doesn't this defeat the point of Croodle?
I share the privacy concerns raised by @austinhuang0131. Actually sharing the email address with the server may not be the most problematic aspect.
If the user opts in to sharing the email address with the server explicitly, I wouldn't have much concerns. The user already shares some personal information like IP address and browser used with the server when using Croodle. I don't think it would defeat the point of Croodle unless it affects encryption of the data in the poll.
I don't see any valuable content, which could be included an unencrypted email:
Such a notification only makes sense in two scenarios:
GPG is only used by a few. Copying a key for your email address is an user experience nightmare even for those few using GPG at all. I don't think spending time on that option is worth it.
The second option looks more promising. Croodle hat the potential to be locally installed as a progressive web app (PWA). Technically there is not much left to make that possible. But for that case it wouldn't be a notification via email. The notification must be processed by a specific app. Only that guarantees that encryption passphrase is available. Push notifications would be the way to go.
Having that said, I feel other topics have a higher priority when (and if) I have time to pick up Croodle development again.
Thank you very much for the detailed explanation which absolutely makes sense. I just thought, it would be nice to be informed, when someone adds a vote to a poll, otherwise all those comfortable people out there just forget about the poll and don't check it again. Couldn't it be a possibility to add a selectable notification by mail with a big fat warning about the consequences? I could imagine that privacy aware people would use an appropriate mail address for this function.
As a creator of a poll I'd like to have mail notifications when someone submitted a vote. This means I'd first have to supply an e-mail address.