Re: Chromium and Google API keys
On Tue, Oct 29, 2013 at 7:23 AM, Ben Finney wrote:
> I've received a response from Paweł Hajdan, Jr., who wants to continue
> this discussion here but only recently subscribed to this forum.
Moving the keys to a file on the installed system sounds like a good
idea. I would suggest compile-time and run-time options for this, as
well as checking paths in the user's home directory.
Paweł, could you explain the motivations and intentions of the
Chromium and Google API teams here?
Debian cannot comply with the Google API terms, will Google therefore
revoke the API keys that we are using and block Debian users from
using Google APIs?
I never understood why anyone providing web APIs would require keys
per piece of software using the API, rather than per-user keys or
completely public APIs. This is especially pointless when the software
using those APIs is software libre and the private keys are therefore
shared with the public. Even for proprietary software it can't be too
hard for people to extract the private keys from downloadable
binaries, especially with the advanced debuggers that are available
for proprietary plaforms like Windows.