[openstreetmap-website] Disable automatic gravatar opt-in, as it violates the privacy policy (#519)

Štefan Baebler notifications at github.com
Tue Nov 5 21:41:00 UTC 2013

Hiding md5 hashes in transit can be achieved by using https (if we put NSA aside for the moment and let browsers improve SSL).
Fear of centralized hashes gathering can be reduced by using
https://www.libravatar.org which supports SHA256 hashes, OpenID, federation and fallback to gravatar.

This does not fully fix the opt-in requirement, but provides greater flexibility to users.

Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20131105/359e6c89/attachment.html>

More information about the rails-dev mailing list