[OSM-dev] API suggestion - "authorise"?

Shaun McDonald shaun at shaunmcdonald.me.uk
Sun Nov 18 11:18:28 GMT 2007 

On 18 Nov 2007, at 10:41, Nick Whitelegg wrote:

> On Saturday 17 Nov 2007 16:20, Lambertus wrote:
>> I agree, but on the other hand, how paranoid do you want to be?
>>
>> Anyway, changing the forum to use a future HTTPS API authentication  
>> is
>> simple. Dunno if the forum authentication itself is easy to change to
>> HTTPS.
>>
>> Maybe 3rd parties need to allow users to choose between using OSM  
>> API auth
>> or a specific auth for that 3rd party service. That way, if you do  
>> not
>> trust the 3rd party you can use a separate account for that service.
>
> A specific authorisation for the third party service (Freemap in my  
> case)
> would be *more* problematic though, I'd have thought. For this to  
> work in my
> case (freemap/osmajax) one would have to set up a special OSM  
> account for all
> Osmajax edits, and anyone who did any copyright-infringing editing  
> would be
> less traceable. If this OSM account was used for copyright  
> infringement, then
> *all* edits by that account would presumably have to be reversed,  
> affecting
> *all* its users (not just one).

When I seen specific authorisation, I was thinking more along the  
lines of the way that Flickr does the authorisation, whereby a webapp  
or application is only allowed access to the Flickr account once the  
user has logged in to the Flickr account and told Flickr that you are  
happy for the particular webapp or application to use your data.
Further information about the Flickr api service:
http://www.flickr.com/services/auth/ a key is passed as a parameter  
when an application request authorisation.
http://www.flickr.com/services/
http://www.flickr.com/account?tab=extend services that you have used.

If something similar to the flickr service is done, then a special  
account isn't needed.

Shaun
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2433 bytes
Desc: not available
URL: <http://lists.openstreetmap.org/pipermail/dev/attachments/20071118/4ba93003/attachment.bin>

More information about the dev mailing list