[josm-dev] JOSM wants to add a certificate?

[Dirk Stöcker]

On Tue, 8 Jul 2014, Maarten Deen wrote:

>> >  Lets make it clear that, not having created this thumbprint myself, I 
>> >  can not verify this thumbprint and that this seems a very strange way of 
>> >  operating.
>>
>>  If you have a better solution, feel free to fix it.
>
> I really dislike such replies. You seem to insinuate that the only ones to 
> make comments are the ones that have the knowledge and ability to change the 
> source.

You talk about a topic in very high level, so you must accept that I 
assume you understand what you talk about and expect that you propose a 
better solution when there is one.

I explained the reasoning behind what we do at the moment, but this does 
not mean that we know everything - there may be better solutions which we 
don't know.

> I hope my view of your answer is incorrect.
> You may not like criticism, but my goal is not to talk the developers of JOSM 
> down but to try to give them hints of how things could (IMHO) improve.

Exactly that's what I said - I told you what we do and suggested to 
improve it when you have a better solution. You're writing to a 
devevelopers group, so I assume you know programming. If not, you still 
can tell us any improvments and we'll do the programming.

If this would be wiki, bug tracker or users group you'd get a totally 
different answer - less technical, more user centric.

And as said - current solution is not fine, as a private certificate 
should not be public at all. And probably there result security holes out 
of this, which we don't know yet.

Ciao
-- 
http://www.dstoecker.eu/ (PGP key available)