> > yes, it could be a problem - however, there are known solutions to
> > obfuscating and keeping your consumer key secret. __not perfect, but pretty
> > good. __maybe we can start a discussion around this?
> What's the known solution for an open-source Web-based application
> that I want to distribute to the world[1]? "Make people get their own
> key" is not an acceptable solution; neither is "proxy all requests
> through your own web site and add the secret there".

I had the same question and was very gratified to find out that Raffi is in
fact working on this very problem with the next draft of oAuth.

------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com
-- mouse, n: A device for pointing at the xterm in which you want to type. ----

To unsubscribe, reply using "remove me" as the subject.

Reply via email to