Hi all, This could be a long email. I read Raffi's post today,the original post is here: https://groups.google.com/group/twitter-development-talk/browse_thread/thread/c2c4963061422f28
I think the abandon of HTTP basic auth would be a disaster for all Chinese twitter users. The gov of China runs a big censorship system called GFW. Wikipedia gives more information about GFW here: http://en.wikipedia.org/wiki/Golden_Shield_Project GFW blocked many websites like facebook, twitter, youtube, plurk and so on. So how does Chinese users post tweets from twitter client? We uses Twitter API proxy. A twitter API proxy is a simple script which redirect all POST and GET request it received to twitter.com. These scripts are written in PHP or Python, so it can be set up on virtual host outside China or on GAE. Basically, a API proxy script works as a middleman between twitter and twitter client, little like man-in-the-middle attack.It's possible to do this if the authentication is made in HTTP basic auth.But there is no way to do the same thing with OAuth. The base string of an OAuth request contains the domain of the HTTP request, so all client developers modify their code if they want to suite the need of API proxy. This is really a disaster for all Chinese twitter users.
