On Nov 24, 5:05 pm, "Alex Payne" <[EMAIL PROTECTED]> wrote: > We're currently waiting on our User Experience team to put the final > touches on a BETA release of ourOAuthsupport. It's going to have > bugs, to be sure, but we should have it out there soon. >
Could you give us a time estimate? In a week? A month? Amir > > > On Mon, Nov 24, 2008 at 12:53, Stut <[EMAIL PROTECTED]> wrote: > > > On 24 Nov 2008, at 15:13, fastest963 wrote: > > >> A better alternative would be to just create an API key for > >> every user. Instead of entering username/password, they would enter > >> their secret API key? > > > This is far less secure thanOAuthand is actually not much better than > > requiring a username and password. > > > One of the core benefits ofOAuthis the ability to be very specific > > regarding what each authorised application is allowed to do, on a per > > application basis. It also allows you to selectively revoke the permissions > > of any specific application without needing to ask or even tell the > > application about it. To do this with the API key system you effectively > > need to re-authorise every app you use when you want to block just one of > > them. No real difference between this and having to change your password. > > > I would much prefer that the guys (and gals) at Twitter concentrate on > > gettingOAuthproperly implemented (which is harder than it sounds) than > > their attention gets diverted by developers too impatient to wait for the > > right solution to the problem. > > > -Stut > > > -- > >http://stut.net/ > > -- > Alex Payne - API Lead, Twitter, Inc.http://twitter.com/al3x
