This is what I know, but I only know a little bit. 1) The way the LJ code works currently, the URLs for all subscriptions are visible, so an authenticated feed done through LJ would, indeed, reveal the authenticating credentials. This is bad.
2) Storing other people's private info on DW's servers by pretending to be DW members is the sort of thing that many people would consider Evil Works. The benefit of Denise's plan is that it stores minimal info on the DW server -- a URL, and the info that when we last checked it out 12 hours ago, you had permission to view the information at the URL. 3) The benefit of my plan is that it lets people see the info w/out having to leave their watchlist page. The downside is that it's hotlinking, but only to people who, AFA Dreamwidth knows, have permission to and a desire to see the info. Also, with Denise's plan, I'm not sure that the actual number of downloads would be substantially lessened, since people presumably put others on their watchlists because they want to read the things they write. Which, actually, makes me wonder if it would be possible to include AS AN OPTION to the unlocked RSS feeds, which is what people on the LJ codebase or via a regular RSS feed would get "This user posted a restricted access entry at $url." (I would not include time information, because anyone who actually had access to view the entry would be able to see the datestamp, and anyone who doesn't have access to view the entry doesn't need to know that much.) --zvi
_______________________________________________ dw-discuss mailing list [email protected] http://lists.dwscoalition.org/cgi-bin/mailman/listinfo/dw-discuss
