> Could you explain how "OAuth Echo" works with OAuth WRAP/2.0?

working on it -- expect to see another update on oauth echo on mehack

> Would it be possible for you to skip the OAuth 1.0a version of Echo and
> just deploy the WRAP/2.0 version? Otherwise, clients are going to get stuck
> with having to implement BOTH versions, as some delegators will surely
> implement only the OAuth 1.0a version, while others only implement the WRAP
> version. Similarly, delegators will probably feel pressure to support both
> versions, as some clients will only implement one or the other.

its definitely something that we've considered.  i think, in reality, we're
going to have to support both types as we don't yet have any notion on
when/if we would deprecate oauth 1.0a -- in addition, not having oauth echo
implemented for 1.0a, when we're pushing towards basic auth deprecation in
june...  all in all, this seems too complicated to not have in our 1.0a

> xAuth vs. the WRAP username/password profile is not such a big problem
> because client implements can just keep using Basic Auth until you support
> the WRAP username/password profile, and skip xAuth completely (unless they
> need to take advantage of the higher rate limits for xAuth).

the same goes with xAuth.

Raffi Krikorian
Twitter Platform Team

Reply via email to