On Wed, 7 Oct 2009 07:53:37 -0400, "Mike N." <nice...@att.net> wrote:
> Restricting the HTTPS connections to auth only would solve much of the > CPU concern. But the token used for the upload session would be exposed, > > which could still result in account takeover. > It could result in an upload session takeover. It depends on the implementation if these tokens are valid for things other than map data upload. And at least it's limited due to the session timeout and can't be reused later. Regards Stefan _______________________________________________ josm-dev mailing list josm-dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/josm-dev
