Yeah I understand your caution Dewald. It's not fun running into
issues you have no control over and then
taking the blame from you users. I would say begin implementing OAuth
support in your product in prep for the
depreciation of basic auth. Maybe even offer a hybrid approach where
you support both basic and oauth. Then users
can pick which one they prefer (stability vs security). Also you get
time to test your oauth code before basic auth dies.

Best of luck,

Josh

On Tue, Dec 1, 2009 at 3:37 PM, Dewald Pretorius <dpr...@gmail.com> wrote:
> Switching to OAuth is not a trivial issue for me. I will need to get
> more than 160,000 Twitter accounts switched over from Basic Auth to
> OAuth.
>
> That's why I will only do it on a stable production-level Twitter
> OAuth. I'm not going to inundate myself with user support requests
> because of Twitter OAuth beta issues.
>
> On Dec 1, 11:41 am, Abraham Williams <4bra...@gmail.com> wrote:
>> OAuth is still in beta so when something goes wrong Twitter can fly the
>> *beta* flag. (Thanks Google)
>>
>>
>>
>> On Tue, Dec 1, 2009 at 09:30, ryan alford <ryanalford...@gmail.com> wrote:
>> > I never knew that asking questions would be considered "whining".
>>
>> > Twitter has never officially stated that OAuth is in "production" like they
>> > announce other features (like Lists).  Now they seem to be telling
>> > developers to start moving to OAuth.
>>
>> > You state to "don't" use it.  It doesn't look like we will have much of a
>> > choice soon.  Twitter is recommending third-parties move to OAuth.  Looks
>> > like it won't be long before basic auth is depreciated.
>>
>> > On Tue, Dec 1, 2009 at 10:17 AM, Duane Roelands 
>> > <duane.roela...@gmail.com>wrote:
>>
>> >> Use it or don't, and own your decision.  It works.  It's stable.  It's
>> >> more secure than Basic Auth.  It's what Twitter wants you to use.
>> >> What's the problem here?
>>
>> >> So tired of OAuth whining.
>>
>> >> > If Twitter OAuth is stable enough for Twitter to recommend that that
>> >> > all third-party applications connect through OAuth connection, then
>> >> > move it out of beta and into production mode, and announce it as such.
>> >> > If not, then don't make that recommendation.
>>
>> --
>> Abraham Williams | Community Evangelist |http://web608.org
>> Hacker |http://abrah.am|http://twitter.com/abraham
>> Project | Awesome Lists |http://twitterli.st
>> This email is: [ ] blogable [x] ask first [ ] private.
>> Sent from Madison, WI, United States
>

Reply via email to