In this case there are two things - motivation for spending time on edit and effects of actual changes.
Motivation is not really important - it is not important whatever someone loves letter s or wants to improve security (and even if security is improved there was no point in mentioning it). No matter what is the motivation, result is that really boring update work will be done and OSM database will be sligthly more up to date. I do not really care about "latest edit date will change" problem - this is only heurestic and extremely poor one to measure anything. Feb 26, 2019, 3:39 PM by iknowjos...@gmail.com: > Hi Rory, > > Sure, so my point is: If someone wants to encourage https adoption in the > wider world, the OSM database is not the place to do it. Security mechanisms > exist for website operators to implement if they so desire, and they may need > help making the most appropriate decisions. > > Cheers, Joseph > > On Tue, 26 Feb 2019 at 14:30, Rory McCann <> r...@technomancy.org > <mailto:r...@technomancy.org>> > wrote: > >> On 26/02/2019 14:45, Joseph Reeves wrote: >> > As an aside, HSTS is interesting here because the website operator is >> > saying "only use this domain over https", but at that point, we don't >> > need to make changes to the database because the web client should be >> > aware of the HSTS preload list; the protocol listed in the referrer >> > is not relevant. >> >> I don't think we can rely totally on HSTS. I'm sure not all sites are on >> HSTS preload lists. I think OSM has more "website=http://*"; tags (965k)¹ >> than Firefox² & Chrome³ have in their HSTS preload lists... >> >> [1] >> https://taginfo.openstreetmap.org/keys/website#values >> <https://taginfo.openstreetmap.org/keys/website#values> >> >> [2] >> >> >> https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#Preloading_Strict_Transport_Security >> >> <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#Preloading_Strict_Transport_Security> >> >> >> https://hg.mozilla.org/mozilla-central/raw-file/tip/security/manager/ssl/nsSTSPreloadList.inc >> >> <https://hg.mozilla.org/mozilla-central/raw-file/tip/security/manager/ssl/nsSTSPreloadList.inc> >> >> [3] >> >> https://www.chromium.org/hsts <https://www.chromium.org/hsts> >> >> >> https://cs.chromium.org/codesearch/f/chromium/src/net/http/transport_security_state_static.json?cl=5b2537d89ea5994d27bba5735961b0be1095c54c >> >> <https://cs.chromium.org/codesearch/f/chromium/src/net/http/transport_security_state_static.json?cl=5b2537d89ea5994d27bba5735961b0be1095c54c> >>
_______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk
