If that is the reason for disallowing the source param, why is this
policy not being applied uniformly? How would users of Tweetie,
Twitterrific, etc. feel if all their updates now said 'from web'? How
would the developers of those apps feel?
those applications have been grandfathered in
Raffi,
As I have noted before, the reliability of OAuth is an actual concern.
Also the availability of that easy one-time migration method (getting
the OAuth stuff when you have the username and password).
Twitter OAuth is still in beta. Ryan said that migration to OAuth will
become mandatory
I've been using OAuth for more than 3 months now, about 8 hours a day during
the week while at work, using my own library and my own twitter client.
I've never had an issue with stability. Now the desktop implementation is
crappy(been posted about 50 billion times), but other than that, I've
On Jan 13, 1:52 pm, ryan alford ryanalford...@gmail.com wrote:
I've been using OAuth for more than 3 months now, about 8 hours a day during
the week while at work, using my own library and my own twitter client.
I've never had an issue with stability. Now the desktop implementation is
On Thu, Jan 14, 2010 at 10:52 AM, ryan alford ryanalford...@gmail.comwrote:
I've been using OAuth for more than 3 months now, about 8 hours a day
during the week while at work, using my own library and my own twitter
client. I've never had an issue with stability. Now the desktop
I agree. I believe OAuth for mobile and the delegation between apps are the
biggest concerns that need to be addressed before the depreciation of basic
oauth in June. Both of these have been beaten to a pulp. However, these
issues certainly do not push OAuth into an unstable beta state that
On Tue, Jan 12, 2010 at 11:21 PM, Raffi Krikorian ra...@twitter.com wrote:
If that is the reason for disallowing the source param, why is this
policy not being applied uniformly? How would users of Tweetie,
Twitterrific, etc. feel if all their updates now said 'from web'? How
would the
As an User Experience designer, It is more complicated for first time
users as the process
is longer, I mean think about it what's more simple than open the app,
enter username/password
Done!, rather than open the app, go to twitter, sign in, copy pin,
paste pin, Done!, I believe the fewer
steps
As an User Experience designer, It is more complicated for first time
users as the process
is longer, I mean think about it what's more simple than open the app,
enter username/password
Done!, rather than open the app, go to twitter, sign in, copy pin,
paste pin, Done!, I believe the fewer
steps
Hi Raffi,
What is the reason for no longer allowing the source parameter for
Basic Auth desktop apps?
The issue is this: The policy is blatantly unfair. The current policy
benefits some desktop apps that use Basic Auth while penalizing
others. The policy should either remove the source parameter
What is the reason for no longer allowing the source parameter for
Basic Auth desktop apps?
the ability to forge the source parameter is too easy when simply using
basic auth.
--
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi
What is the reason for no longer allowing the source parameter for
Basic Auth desktop apps?
the ability to forge the source parameter is too easy when simply using
basic auth.
Hi Raffi,
Why not disallow it for all apps then? Would the users of Tweetie,
Twitterrific, etc like that? Would
What is the reason for no longer allowing the source parameter for
Basic Auth desktop apps?
the ability to forge the source parameter is too easy when simply using
basic auth.
--
Raffi Krikorian
Twitter Platform Teamhttp://twitter.com/raffi
Hi Raffi,
If that is the reason for
If that is the reason for disallowing the source param, why is this
policy not being applied uniformly? How would users of Tweetie,
Twitterrific, etc. feel if all their updates now said 'from web'? How
would the developers of those apps feel?
those applications have been grandfathered in --
I'm doing desktop apps and I think the PIN workflow is just fine as
is. If there are security reasons why something else is needed, I can
see changing it. But it's no big deal for me to fire up a browser,
push the allow button, double-click on a PIN, and then CTL-C / CTL-
SHIFT-V into a Konsole
15 matches
Mail list logo