On 9/8/10 2:44 PM, Jan Wildeboer wrote:
This whole key thingy however has a fundamental privacy problem esp in the
case of "one key per install" - it effectively resembles the UUID that Intel
tried to put in their CPUs a long time ago. And this UUID stuff was shot
down for very good reasons.
A central server that issues keys per install defeats one of the most
important goals of statusnet - distributed architecture.
We have no central server; each StatusNet instance maintains its own set
of app registrations, and any user on that instance can register apps
they trust to be used for API authentication via OAuth on that server.
-- brion
_______________________________________________
StatusNet-dev mailing list
[email protected]
http://lists.status.net/mailman/listinfo/statusnet-dev
