But that's the choice you're forced to make by OAuth, not Twitter. And
it is YOUR choice. Personally, I would probably use the conventional
mechanisms of open source: mailing lists, special interest and user
groups. Pound the pavement and promote yourself. Who said it was going
to be "easy"?


On Wed, Jul 1, 2009 at 11:22 AM, JDG<ghil...@gmail.com> wrote:
> The problem is that by everyone getting their own consumer keys, the source
> parameter will be different for every person. Now, I'm not interested in
> getting my name in lights in the Twitter world -- I could honestly care
> less. That said, if I'm going to spend a significant portion of my time
> creating an open source app for people to enjoy, I'd like for people to
> actually know that they can use it, and the source parameter is by far the
> easiest way to accomplish that.
>
> On Wed, Jul 1, 2009 at 09:10, Andrew Badera <and...@badera.us> wrote:
>>
>> No one's snarking, but again, interesting you would interpret it that way.
>>
>> Open source all you want, each person deploying an instance will have
>> to get their own keys. What's so tough about that?
>>
>>
>>
>> On Wed, Jul 1, 2009 at 11:07 AM, DWRoelands<duane.roela...@gmail.com>
>> wrote:
>> >
>> > Andrew,
>> >
>> > This isn't about credit in the source parameter.  It's about
>> > application security.
>> >
>> > Twitter has stated that Basic Auth will eventually be deprecated.
>> > OAuth will eventually be the only method of authentication available.
>> > When that happens, developers of open source clients will be forced to
>> > reveal their Consumer Key Secret.
>> >
>> > This is a very real problem; open-source developers of desktop clients
>> > will have to reveal their Consumer Key Secret.
>> >
>> > Can we keep this discussion focused on the technical issues at hand,
>> > rather than snarking about one another's motives?  It's not
>> > productive.
>> >
>> > Regards,
>> > Duane
>> >
>> >
>> > On Jul 1, 10:57 am, Andrew Badera <and...@badera.us> wrote:
>> >> Not what I said in the least, but it's interesting that you should
>> >> interpret it that way.
>> >>
>> >> Re-read what I said.
>> >>
>> >> If someone is open sourcing something, in the true spirit of open
>> >> source, they shouldn't care about getting credit in the source
>> >> parameter.
>> >>
>> >> Thanks you and good night, I'm here all week, try the veal, don't
>> >> forget to tip your waitresses and angry developers.
>> >>
>> >>
>> >>
>> >> On Wed, Jul 1, 2009 at 10:50 AM, Cameron Kaiser<spec...@floodgap.com>
>> >> wrote:
>> >>
>> >> >> Yes, but don't distribute it. Obviously config files are human
>> >> >> readable, but you blank out secrets before publishing them.
>> >>
>> >> >> People using open source libraries will have to get their own keys.
>> >> >> So, either you really are contributing in the spirit of open source,
>> >> >> and you don't care about getting credit, or you're doing it for self
>> >> >> promotional purposes, and the conversation is moot anyhow.
>> >>
>> >> > That's an asinine statement. So everybody who doesn't make their open
>> >> > source software anonymous is a publicity whore?
>> >>
>> >> > --
>> >> > ------------------------------------
>> >> > personal:http://www.cameronkaiser.com/--
>> >> >  Cameron Kaiser * Floodgap Systems *www.floodgap.com*
>> >> > ckai...@floodgap.com
>> >> > -- In memory of John Banner
>> >> > ---------------------------------------------------
>> >
>
>
>
> --
> Internets. Serious business.
>

Reply via email to