-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Claudius schrieb: > No, OAuth is not about encryption at all. The inital OAuth setup call > still allows to be listened into and the login+password to be retrieved. > All subsequent API calls won't transmit username+PW but the token > instead, but still the content is transferred unencrypted.
Got it - thanks > btw. which wiki (article) are you referring to? http://josm.openstreetmap.de/wiki/Help/Preferences/Connection#OAuthbasedauthentication colliar -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEAREIAAYFAkvhZmsACgkQalWTFLzqsCthHgCdG63IiebKWBWtbC1Sq/fOLBtR KAoAnj59AwUWQecB0gpQmGSl7s6QL4EV =O2hc -----END PGP SIGNATURE----- _______________________________________________ josm-dev mailing list josm-dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/josm-dev