[OSM-dev] OpenID for OpenStreetMap?

Frederik Ramm frederik at remote.org
Fri Feb 11 07:10:42 GMT 2011


On 02/11/11 06:59, Samat K Jain wrote:
> 2. Eliminate extra, confusing, and unnecessary logins for other OSM websites (help, wiki, forum, etc).

The forum and help system can already use the standard OSM login. The 
only thing where you need an extra login is the wiki.

The area where I see most potential benefit for OpenID is an use case 
that has popped up on these lists at least twice: Third-party system N 
has an existing user base who have logins at the site, and wants these 
users to be able to make certain edits in OSM. Since N believes that 
their users cannot be asked to go to the OSM site, sign up there, and 
then use OAuth to permit A's application to edit the map, N is tempted 
to use one single account to submit all edits under (to make it easier 
for users).

With a well-integrated OpenID/OAuth system, which we don't yet have, N 
could act as an OpenID provider against OSM, redirect their users to OSM 
once, where the user would only have to fill in a single web page that 
says "yes, I am User U and I want to create an OSM account and allow N 
to submit edits", and they're all set.

Other than that - even if I *had* a Google account, which I don't, I 
would not want Google to know when I log in to OSM. I think that if we 
should allow OpenID logins, it is also our responsibility to inform the 
user about the privacy they give away by using it.

(Being located in the UK and bound to relatively strict data protection 
laws might even mean that we are legally required to do so. But then 
again, the same data protection laws should in fact keep UK companies 
from using Google Analytics without the user's consent, and I don't 
believe many care.)


More information about the dev mailing list