[OSM-talk] Why doesn't OSM implement a simple measure to protect it's users and passwords?
John Smith
deltafoxtrot256 at gmail.com
Tue Dec 22 15:16:39 GMT 2009
2009/12/23 Frederik Ramm <frederik at remote.org>:
> I don't value privacy above all else. Name a jurisdiction you think respects
> privacy, and then let us evaluate
Even if I were to do all this you would simply rebuff me with more
time wasting endeavours, as you pointed out you care about everything
else above privacy.
> I'm unlikely to be in favour.
So you're wasting both our time as a result.
> Raise funds for better hardware that seamlessly handles encryption; or start
And here I was thinking raising the issue was the first step to this,
of course you are just giving me time wasting exercises in the hope
that this issue will go away.
> modifying editors to support OAuth so that they can use SSL for the login
> part only - that would be a start. Write How-Tos etc. that explain OAuth to
> users.
How does OAuth make things any more secure than encryption?
Perhaps you are confusing mutual authentication via cryptography (ie
ssl client certificates) which removes the need completely for
passwords.
More information about the talk
mailing list