IHMO the discussion of international politics and social media should
take place in a wider forum, such as Twitter itself, and not be
limited to oAuth vs. basic authentication. ;-) There was a keynote
speech at Open Source Bridge 2010 by Danny O'Brien about this - see
http://opensourcebridge.org/sessions/478 and http://www.cpj.org/ to
get started.
--
M. Edward (Ed) Borasky
http://borasky-research.net http://twitter.com/znmeb
"A mathematician is a device for turning coffee into theorems." - Paul Erdos
Quoting earth2marsh <ma...@earth2marsh.com>:
At least "people at work" have the potential to use phones to access
Twitter…
I'm worried about users like those in China behind The Great Firewall.
Currently, they can interact with Twitter by using proxies and http
basic auth. But OAuth requires access to twitter.com (or some sort of
mediation). xAuth could be a solution, but there is already a shortage
of clients that support alternate endpoints, and some of those use
OAuth instead of xAuth (or neither).
When basic auth is shut off, who knows how many Chinese voices will
fall silent… or in North Korea. Or in Iran. Or in …?
I'm interested in hearing what others think about this.
Marsh
On Aug 12, 10:31 pm, TheGuru <jsort...@gmail.com> wrote:
I'm curious to post this question to see if Twitter has fully thought
out the impact of forcing OAuth onto their API applications. While it
may appear to be a more secure method preferred in principle by users,
the fact of the matter is that one of the main benefits of the API, is
the ability for third party twitter alternatives to be created, thus
allowing people to tweet during "business hours", when they normally
could not due to firewall / web sense restrictions, etc, that prevent
them from accessing the twitter.com domain.
Via basic authentication, users would never have to visit twitter.com
to login and gain access to twitter functionality via api clients. By
shutting this down, you are now forcing ALL potential users to login
via twitter.com, many of which do not have access to this domain in
their workplace environment, thus excluding them from easily using
your service wholesale.
This can / will, I suspect, have significant impact on twitter usage /
volume, unless I am missing something and there is an alternative the
does not require them to directly access the twitter.com domain to
grant access.
