<div dir="ltr"><div><div><div><div><div><div><div><div>Hi everybody.<br><br></div>Now we have rather strange situation. In one hand we encourage new users to register.<br></div>(It was one of the point of new design for <a href="http://osm.org">osm.org</a> that it's motivating users to register.)<br></div>In other hand it's rather hassle to register, especially using mobile device.<br><br></div>If you open new user form (or attached screenshot) you'll find same situation:<br></div>In one hand, you can use google / facebook / windows live / openID login <br>(it's good, because it made signup more fluent and easy).<br></div>But in other hand, this capability hided under spoiler and you still should enter email.<br><br></div>I haven't tested should you verify entered email with signup in that case, <br>I hope no, but still, email shouldn't be required field for signup with google/fb/etc<br></div>because we ask user to give us google/fb/etc email.<br><div><div><div><div><div><br></div></div></div></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-12-28 23:03 GMT+05:00 Greg Troxel <span dir="ltr"><<a href="mailto:gdt@ir.bbn.com" target="_blank">gdt@ir.bbn.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
Simon Poole <<a href="mailto:simon@poole.ch">simon@poole.ch</a>> writes:<br>
<br>
> If I understand Ilya correctly what he wants to avoid is (the hassle of)<br>
> the authorisation step when using OAuth. During this process you need to<br>
> login to <a href="http://openstreetmap.org" rel="noreferrer" target="_blank">openstreetmap.org</a> with your credentials and then confirm that<br>
> the app is allowed to access the API on your behalf.<br>
><br>
> To see what is involved in practical terms you can try to use the HOT<br>
> task manager, maproulette etc (or on a mobile device Vespucci, I assume<br>
> Go Map! uses OAuth too, as any current third party app for OSM should).<br>
<br>
</span>Thanks; I am begininng to understand. I dimly remember that Vespucci<br>
used to store username/paassword, but recently I tried to upload some<br>
changes and had to go through the oauth process. Other than having to<br>
know my osm password it was quite trivial, requiring typing 'gdt' and<br>
the password and then changing a few checkboxes. This seems like a<br>
very nice solution and I particularly appreciate the fine-grained<br>
permissions.<br>
<span class=""><br>
> The authorisation is a one time process (per app) and as such I'm not<br>
> quite convinced that the whole discussion isn't a solution looking for a<br>
> problem, but Ilya is correct in that it does involve the hassle of<br>
> people remembering their google/FB/whatever password. Naturally on a<br>
> mobile device you want to minimize typing in any case so I'm mildly in<br>
> support of at least investigating what this would entail (it is unlikely<br>
> that we would use a proprietary solution in Vepsucci though, on other<br>
> devices and with other apps the trade-offs might be different).<br>
<br>
</span>The word "social" (that you didn't use :-) seems confounding in this<br>
discussion.<br>
<br>
So is the notion:<br>
<br>
One could link some third-party openid/openauth provider to one's OSM<br>
account, either manually, or because it was used to sign up.<br>
<br>
On a device, one might already be authorized for this third-party<br>
openauth/openid provider.<br>
<br>
A program that does OSM stuff (Vespucci, OsmAnd, firefox) might then<br>
authorize to <a href="http://osm.org" rel="noreferrer" target="_blank">osm.org</a> via this third-party provider, requiring only a<br>
yes click to an "authorize to osm via foo" popup?<br>
<br>
<channeling rms><br>
That seems harmless enough as long as it doesn't lead to proprietary<br>
software showing up in Free programs, doesn't result in any data<br>
flowing to those third-party sites for users that don't already have a<br>
relationship with them, and doesn't lead to apps suggesting that people<br>
sign up with these other places.<br>
</><br>
<span class=""><br>
> The above is a separate but related issue to making the signup process<br>
> "mobile friendly" see<br>
> <a href="https://github.com/openstreetmap/openstreetmap-website/issues/894" rel="noreferrer" target="_blank">https://github.com/openstreetmap/openstreetmap-website/issues/894</a> for a<br>
> longish discussion.<br>
<br>
</span>Thanks for the link. That mostly makes sense, except for the notion<br>
that Android is unusable without a Google account. I will agree with<br>
"base Android with google stuff (vs CM) is hostile to those without a<br>
google account" though.<br>
<br>_______________________________________________<br>
dev mailing list<br>
<a href="mailto:dev@openstreetmap.org">dev@openstreetmap.org</a><br>
<a href="https://lists.openstreetmap.org/listinfo/dev" rel="noreferrer" target="_blank">https://lists.openstreetmap.org/listinfo/dev</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr">Thank you for your time. Best regards.<br>Dmitry.</div></div>
</div>