Ah. I had not realized that my name, at the top of the page, was a link, and so hadn't found that page.
-- John F. Eldredge -- j...@jfeldredge.com "Reserve your right to think, for even to think wrongly is better than not to think at all." -- Hypatia of Alexandria -----Original Message----- From: Peter Childs <pchi...@bcs.org> Date: Tue, 22 Dec 2009 16:38:32 Cc: Open Street Map mailing list<talk@openstreetmap.org> Subject: Re: [OSM-talk] Why doesn't OSM implement a simple measure to protectit's users and passwords? 2009/12/22 John F. Eldredge <j...@jfeldredge.com>: > There also does not appear to be any provision on the OSM web site for > changing to a new password, which is something that one should do > occasionally. At least, if there is a way to do so, I haven't found it. > Select your name at the top, (Its a link) Then My Settings Change you password and save changes. Peter. > -- > John F. Eldredge -- j...@jfeldredge.com > "Reserve your right to think, for even to think wrongly is better than not to > think at all." -- Hypatia of Alexandria > > -----Original Message----- > From: John Smith <deltafoxtrot...@gmail.com> > Date: Wed, 23 Dec 2009 00:11:43 > To: Talk Openstreetmap<talk@openstreetmap.org> > Subject: [OSM-talk] Why doesn't OSM implement a simple measure to protect > it's users and passwords? > > When does anyone plan to use SSL to protect passwords and users on OSM? > > I noticed the other day about how JOSM puts this in it's MOTD: > > "Your username and password are sent to the server unencrypted. If you > do not like this, do not upload." > > While I'm aware that this is occurring, many others may not and may be > put off with statements like the above. While removing that statement > from JOSM might fix some of the image problems, it doesn't do anything > for real security. > > There has even been a bug on this issue for 3 years! > > http://trac.openstreetmap.org/ticket/275 > > This is even more concerning when you add into the mix the UK > government is trying to record globs and globs of additional > information on data travelling across internet links in the UK, among > other things. > > http://go.theregister.com/feed/www.theregister.co.uk/2009/12/22/mobile_imp/ > > As has been pointed out on the trac ticket, OSM should be eligible for > a free cert from godaddy, then there is ideological reasons for > supporting other options like CAcert, just like many support OSM for > ideological reasons rather than Google. > > I realise there is some APIs floating about that use alternative > authentication schemes, but the majority of users will be sending > their passwords (and everything else for that matter) clear text over > the internet for all and sundry to snoop on. > > Is it really reasonable to not offer SSL encryption? > >_______________________________________________ > talk mailing list > talk@openstreetmap.org > http://lists.openstreetmap.org/listinfo/talk >_______________________________________________ > talk mailing list > talk@openstreetmap.org > http://lists.openstreetmap.org/listinfo/talk > _______________________________________________ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk _______________________________________________ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk