Add that to the list of even more reasons why this is an issue.

However, even stating oh well, tell them to use their cell phones,
obviously isn't a solution of any degree.  Smart Phone penetration in
the US, for example, is still less than 20%...

On Aug 13, 9:43 am, earth2marsh <> wrote:
> At least "people at work" have the potential to use phones to access
> Twitter…
> I'm worried about users like those in China behind The Great Firewall.
> Currently, they can interact with Twitter by using proxies and http
> basic auth. But OAuth requires access to (or some sort of
> mediation). xAuth could be a solution, but there is already a shortage
> of clients that support alternate endpoints, and some of those use
> OAuth instead of xAuth (or neither).
> When basic auth is shut off, who knows how many Chinese voices will
> fall silent… or in North Korea. Or in Iran. Or in …?
> I'm interested in hearing what others think about this.
> Marsh
> On Aug 12, 10:31 pm, TheGuru <> wrote:
> > I'm curious to post this question to see if Twitter has fully thought
> > out the impact of forcing OAuth onto their API applications.  While it
> > may appear to be a more secure method preferred in principle by users,
> > the fact of the matter is that one of the main benefits of the API, is
> > the ability for third party twitter alternatives to be created, thus
> > allowing people to tweet during "business hours", when they normally
> > could not due to firewall / web sense restrictions, etc, that prevent
> > them from accessing the domain.
> > Via basic authentication, users would never have to visit
> > to login and gain access to twitter functionality via api clients.  By
> > shutting this down, you are now forcing ALL potential users to login
> > via, many of which do not have access to this domain in
> > their workplace environment, thus excluding them from easily using
> > your service wholesale.
> > This can / will, I suspect, have significant impact on twitter usage /
> > volume, unless I am missing something and there is an alternative the
> > does not require them to directly access the domain to
> > grant access.

Reply via email to