2009/12/26 Matt Amos <zerebub...@gmail.com>: > which means there's no argument here for using SSL on vodafone.
I have no idea what Voda is up to, because they would throw up all sorts of warning messages from browsers, even on phones, and users would complain endlessly. SSL is usually left alone if for no other reason to prevent custom complaints, but no such browser errors/warnings occur if html has been messed with. > indeed. OSM doesn't need SSL for API traffic, it just needs a system > for secure authentication. and it has one in OAuth. So people can brute force OAuth credentials? _______________________________________________ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk