[openstreetmap-website] Disable automatic gravatar opt-in, as it violates the privacy policy (#519)

Štefan Baebler notifications at github.com
Wed Nov 6 06:37:38 UTC 2013


OK, so the only acceptable solution is user's explicit opt-in. 

But users would be more inclined to use (opt-in for) remote avatar service if they can choose from many (even their own via DNS federation), not just Gravatar.
Sharing a secret salt would be nice, but no service supports it yet. How would that work? Each app registering at each avatar provider and generate a salt, then fetch images with additional appid parameter?

There is [some salting](https://github.com/libravatar/libravatar/commit/68cbafe703b031aa3827c5bf00af6a3c03cc3d71), but I suspect it is just for federated OpenId authentication.

---
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/519#issuecomment-27845999
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20131105/e970b410/attachment.html>


More information about the rails-dev mailing list