[OSM-talk] forum.openstreetmap.org

Robert (Jamie) Munro rjmunro at arjam.net
Sun Sep 30 00:26:03 BST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tom Hughes wrote:
> In message <46FED092.5010700 at arjam.net>
>           "Robert (Jamie) Munro" <rjmunro at arjam.net> wrote:
> 
>> Frederik Ramm wrote:
>>> Single sign-on is not about being known under the same name
>>> everywhere. That would be the OpenID line of things which is not
>>> primarily about single sign-on, but primarily about reputation - you
>>> want to know that this is the same guy who writes that blog and so on.
>>> I would not necessarly advocate this for OSM.
>> That's not how I would use OpenID at all. There's no reason not to have
>> users login with an OpenID, but then be displayed by a configurable
>> screen name.
>>
>> I guess that OpenID is most popular in blog comments, and your
>> reputation idea may well happen, but AFAIK it's not an intended part of
>> the standard. I think that OSM should move to OpenID, simply because
>> plug ins for Rails, MediaWiki, mailman and anything else we might use
>> are already available. Making it work with JOSM may be a bit harder, but
>> we could just let people log in to the site with OpenID and set a random
>> API password for JOSM to use.
> 
> What's special about JOSM? It's just an API client so is talking to
> rails, so if rails can be made to support OpenID then JOSM will also
> support it by default.

JOSM isn't a web browser. OpenID is a web based system. The interaction
goes:
1. Enter your OpenID URL into the box, and press login (note that you
don't put a password at this stage)
2. You get redirected to your OpenID provider's login page
3. You log in to that page, using your password (or one of those
keyrings that banks give you or a smartcard or fingerprint reader with
special browser plugin or whatever else you want to use to prove
yourself - it doesn't matter as it's between you and the OpenID provider)
4. You get redirected back to the site you are trying to access, and are
now logged in

JOSM couldn't do 2 and 3, particularly if 3 involved special browser
plugins, which it could. There may be a solution if JOSM was to open
your web browser for you on the OpenID login screen, but I'm not sure
how it could complete the transaction.

Robert (Jamie) Munro
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG/t8Iz+aYVHdncI0RAs3TAJ9IuoyOPNQIzsXp08YzJ9D62h/chQCdFuAh
UKx+9RoMuVAWesgdZ2sPX0g=
=ffhb
-----END PGP SIGNATURE-----

More information about the talk mailing list