User:Jeblad/verified contact

An user can be a verified contact for some other named entity, by sending an email from the entity given that the email contain a valid domain name for the named entity.

The process would be quite simple. First of all, the user act as a verified contact for a single entity, and should set up the email for this purpose. The user goes to a special page "Verified contact" containing a single button, and pushing this button sends a specially formatted email to the user. The email contains an access code, and this is entered on the special page, which has now added a field for this code. When the code is entered the user is verified for this domain.

When an user account is verified a small text saying which named entity the user has verified against is added after the title on the user page. That is an excerpt from the WhoIs-report. The report is divided into blocks on multiple new lines, or on leading part-names, and each block is scanned for some keywords. Sets of keywords can be chosen given matches on other keywords, such that specific whois-layouts can be detected and handled.

That text is clickable, and will purge the verification. This makes it possible to force an employee to stop acting like a verified contact for a specific named entity. Only admins or other users listed as verified contacts for the domain should be able to purge the verification for another user. Requests to create and purge verified contacts are logged and listed on recent changes to avoid abuse.

The access codes are listed in the log, and the only valid code would be the last one available from the log. An alternative to reading the log could be to use memcached. If the code is lost the user could make a new request, as the cost is pretty low. Usually the page would be open during the process.

A verified contact is placed in a special user group, which may not have any additional rights at all, but could be granted rights similar to autoconfirmed users.