[josm-dev] HTTPS changes on osm.org

Dirk Stöcker openstreetmap at dstoecker.de
Wed Feb 25 07:54:23 UTC 2015


On Wed, 25 Feb 2015, Paul Woelfel wrote:

> If OSM stays with the startssl certificate, we could implement a
> TrustManager which first checks the default Trust store and then a JOSM
> custom one including the StartSSL certificate.
>
> There are samples out there, which can be used as a basic guideline.
> http://nelenkov.blogspot.co.at/2011/12/using-custom-certificate-trust-store-on.html
>
> If you wish, I can create the sample code and we discuss, if we should go
> with that workaround.

I think it's worth a try. If you can supply a patch as josm-ticket this 
would be fine.

But I fear that this will lead to a lot of trouble if I compare it with 
the idea to implement proper IPv6 support and the required "we dig into 
the code everywhere to implement another resolving strategy".

I'd prefer if OSM does not use StartSSL for the domains JOSM accesses.

Ciao
-- 
http://www.dstoecker.eu/ (PGP key available)



More information about the josm-dev mailing list