On Tue, Oct 29, 2013 at 7:23 AM, Ben Finney wrote: > I've received a response from Paweł Hajdan, Jr., who wants to continue > this discussion here but only recently subscribed to this forum.
Moving the keys to a file on the installed system sounds like a good idea. I would suggest compile-time and run-time options for this, as well as checking paths in the user's home directory. Paweł, could you explain the motivations and intentions of the Chromium and Google API teams here? Debian cannot comply with the Google API terms, will Google therefore revoke the API keys that we are using and block Debian users from using Google APIs? I never understood why anyone providing web APIs would require keys per piece of software using the API, rather than per-user keys or completely public APIs. This is especially pointless when the software using those APIs is software libre and the private keys are therefore shared with the public. Even for proprietary software it can't be too hard for people to extract the private keys from downloadable binaries, especially with the advanced debuggers that are available for proprietary plaforms like Windows. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/caktje6gx_gbczt1kv1viq+bnn42uvetg-+3iku5wxx-vzv5...@mail.gmail.com
