Ask HN: Can my users prove they own a GitHub/LinkedIn account, would this work?
I want my users to prove their identity, or at least go some way towards establishing trust by saying "see I can be trusted, look, these is my LinkedIn account and this is my GitHub account".
I could possibnly do this my requiring them to sign in via Oauth to those sites, but maybe it would be easier to give the user a random string and get them to put it somewhere like on a public github page, thereby proviong that they own the account.
I'm not sure, maybe there is somewhere on LinkedIn that a string could be placed that proves the user owns the account.
What do you think of that idea? keybase.io do something similar with github - they give you a piece of text to publish as a gist. It seems to work for them. Also, domain validated certificates issued by CAs work the same way: among a few other requirements, you publish a value provided by them at a specific relative URL on your domain.