[josm-dev] OAuth secure ?
colliar
colliar4ever at aol.com
Wed May 5 13:37:01 BST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Claudius schrieb:
> No, OAuth is not about encryption at all. The inital OAuth setup call
> still allows to be listened into and the login+password to be retrieved.
> All subsequent API calls won't transmit username+PW but the token
> instead, but still the content is transferred unencrypted.
Got it - thanks
> btw. which wiki (article) are you referring to?
http://josm.openstreetmap.de/wiki/Help/Preferences/Connection#OAuthbasedauthentication
colliar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREIAAYFAkvhZmsACgkQalWTFLzqsCthHgCdG63IiebKWBWtbC1Sq/fOLBtR
KAoAnj59AwUWQecB0gpQmGSl7s6QL4EV
=O2hc
-----END PGP SIGNATURE-----
More information about the josm-dev
mailing list