[OSM-talk] Why doesn't OSM implement a simple measure to protect it's users and passwords?
Frederik Ramm
frederik at remote.org
Tue Dec 22 18:31:10 GMT 2009
Hi,
Florian Lohoff wrote:
> So encrypting all API calls shouldnt be much of a problem - There is not that
> much data transferred anyway, just a lot of connected with little data in them.
I thought the expensive bit was setting up the connection, not
transmitting data?
> I'd like to see SSL encrypted connections for everything, there are a lot of
> employees spying on their staff, governments on their population and people
> each other. I am not afraid in loosing my password to someone as its a unique
> for OSM but the world is full of privacy black holes and we want to support
> our users/mappers against any breach of confidentiality.
I might support that elsewhere but with regard to OSM, my honest plea to
everyone is: If you have something that should remain secret, DO NOT
UPLOAD IT TO OSM. Because I (as a member of the project) do not want to
share responsibility for keeping the secret.
Bye
Frederik
--
Frederik Ramm ## eMail frederik at remote.org ## N49°00'09" E008°23'33"
More information about the talk
mailing list