[josm-dev] shocking - unsecure password sending!
Valent Turkovic
valent.turkovic at gmail.com
Thu Oct 1 09:52:37 BST 2009
On Thu, 24 Sep 2009 17:49:43 +0200, Tobias Wendorff wrote:
> A token gets gets generated on the database server (or transmitted to
> it) and it gets transmitted to the user via HTTPS.
>
> The token will encode the password on the user's side and transmit it in
> plaintext to the server. The server will encode it using the token.
>
> That sounds secure to me and shouldn't slow down any process.
Any plans on implementing this feature into JOSM?
--
pratite me na twitteru - www.twitter.com/valentt
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic
More information about the josm-dev
mailing list