On Sat, 26 Sep 2009 13:49:00 +0000, Ævar Arnfjörð Bjarmason wrote: > On OSM.org you can give out tokens that allow the holder to *only* edit > the map data. As opposed to also getting access to your private GPX > tracks, making diary entries / comments etc. > > So transfering plaintext OAuth tokens would be more secure as in the > event of a breach the access the attacker would gain to OSM.org in your > name would at least be compartmentalized. > > Not to mention that the OAuth token would *only* work on OSM.org whereas > users are likely to supply the same email/password pair for multiple > websites that they're using.
This definitely sounds like a step forward in the right direction. This seams like a nice feature to secure users account, and you are right, this would be much better than nothing. -- pratite me na twitteru - www.twitter.com/valentt http://kernelreloaded.blog385.com/ linux, blog, anime, spirituality, windsurf, wireless registered as user #367004 with the Linux Counter, http://counter.li.org. ICQ: 2125241, Skype: valent.turkovic _______________________________________________ josm-dev mailing list [email protected] http://lists.openstreetmap.org/listinfo/josm-dev
