Ah. I had not realized that my name, at the top of the page, was a link, and
so hadn't found that page.
--
John F. Eldredge -- j...@jfeldredge.com
"Reserve your right to think, for even to think wrongly is better than not to
think at all." -- Hypatia of Alexandria
-----Original Message-----
From: Peter Childs <pchi...@bcs.org>
Date: Tue, 22 Dec 2009 16:38:32
Cc: Open Street Map mailing list<talk@openstreetmap.org>
Subject: Re: [OSM-talk] Why doesn't OSM implement a simple measure to
protectit's users and passwords?
2009/12/22 John F. Eldredge <j...@jfeldredge.com>:
> There also does not appear to be any provision on the OSM web site for
> changing to a new password, which is something that one should do
> occasionally. At least, if there is a way to do so, I haven't found it.
>
Select your name at the top, (Its a link)
Then My Settings
Change you password and save changes.
Peter.
> --
> John F. Eldredge -- j...@jfeldredge.com
> "Reserve your right to think, for even to think wrongly is better than not to
> think at all." -- Hypatia of Alexandria
>
> -----Original Message-----
> From: John Smith <deltafoxtrot...@gmail.com>
> Date: Wed, 23 Dec 2009 00:11:43
> To: Talk Openstreetmap<talk@openstreetmap.org>
> Subject: [OSM-talk] Why doesn't OSM implement a simple measure to protect
> it's users and passwords?
>
> When does anyone plan to use SSL to protect passwords and users on OSM?
>
> I noticed the other day about how JOSM puts this in it's MOTD:
>
> "Your username and password are sent to the server unencrypted. If you
> do not like this, do not upload."
>
> While I'm aware that this is occurring, many others may not and may be
> put off with statements like the above. While removing that statement
> from JOSM might fix some of the image problems, it doesn't do anything
> for real security.
>
> There has even been a bug on this issue for 3 years!
>
> http://trac.openstreetmap.org/ticket/275
>
> This is even more concerning when you add into the mix the UK
> government is trying to record globs and globs of additional
> information on data travelling across internet links in the UK, among
> other things.
>
> http://go.theregister.com/feed/www.theregister.co.uk/2009/12/22/mobile_imp/
>
> As has been pointed out on the trac ticket, OSM should be eligible for
> a free cert from godaddy, then there is ideological reasons for
> supporting other options like CAcert, just like many support OSM for
> ideological reasons rather than Google.
>
> I realise there is some APIs floating about that use alternative
> authentication schemes, but the majority of users will be sending
> their passwords (and everything else for that matter) clear text over
> the internet for all and sundry to snoop on.
>
> Is it really reasonable to not offer SSL encryption?
>
>_______________________________________________
> talk mailing list
> talk@openstreetmap.org
> http://lists.openstreetmap.org/listinfo/talk
>_______________________________________________
> talk mailing list
> talk@openstreetmap.org
> http://lists.openstreetmap.org/listinfo/talk
>
_______________________________________________
talk mailing list
talk@openstreetmap.org
http://lists.openstreetmap.org/listinfo/talk
_______________________________________________
talk mailing list
talk@openstreetmap.org
http://lists.openstreetmap.org/listinfo/talk
