Not really that hard to distinguish between 5 IPs making 20k API hits and 20k IPs making 5 API hits each...
Abraham On Wed, Jan 20, 2010 at 16:50, Cameron Kaiser <spec...@floodgap.com> wrote: > > Another hunch: desktop apps are negligible and the real load comes > > from web apps who spider asynchronously 24/7. Should the load be > > differentiated across client and web apps? Client apps are typically > > only one user per device at a time, whereas the web app may be > > spidering on behalf of who knows how many people. > > The problem here is distinguishing the two. OAuth doesn't (and I was > told this by one of the people on the OAuth committee) specifically > allow you to unambiguously and securely identify an application just > because it has a certain app key, and Twitter's Basic Auth implementation > uses source keys pretty much purely cosmetically. > > -- > ------------------------------------ personal: > http://www.cameronkaiser.com/ -- > Cameron Kaiser * Floodgap Systems * www.floodgap.com * > ckai...@floodgap.com > -- BOND THEME NOW PLAYING: "Die Another Day" > ---------------------------------- > -- Abraham Williams | Moved to Seattle | May cause email delays Project | Intersect | http://intersect.labs.poseurtech.com Hacker | http://abrah.am | http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States