On Wed, 7 Oct 2009 09:04:32 +0100, Shaun McDonald <o...@shaunmcdonald.me.uk> wrote:
>>> [...OAuth discussion...] Hi, I've followed the discussion losely the past days. Could someone kindly recap why good old HTTPS is not an option? The original question was to encrypt the username/password authentication. You now discuss replacing that with an OAuth authentication which doesn't need secret username/passwords. Both solves the problem of someone sniffing data inbetween gaining access to the OSM acount. But while https would just work transparently behind the scenes, OAuth is quite complicated in going back and forth between JOSM and OSM Website implying a lot of changes to the present workflow. So what is it that prevents https? Regards, Stefan _______________________________________________ josm-dev mailing list josm-dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/josm-dev