What does this really mean these days? Clearly your desktop app is connected to the internet in some way at some point, otherwise you wouldn't need Twitter. So are you just saying that you never want to have to display an HTML page? What about a web based "activation stage" that yielded some custom mime-type that securely downloaded the keys into your desktop app?
On Apr 22, 9:40 pm, Julio Biason <julio.bia...@gmail.com> wrote: > On Thu, Apr 23, 2009 at 10:23 AM, Chris Latko <ch...@latko.org> wrote: > > I'm going to have to side with Alex on this one. The APIs should be > > protected by OAuth and that is what should be pushed out and the basic > > auth deprecated. What I don't really understand is why it has taken > > until now to promote OAuth. I understand OAuth is an evolving > > standard, but it has been around for quite a while. > > Still waiting for a good explanation of how to use OAuth in a > console-only, no-browser environment. Until then, I see that Basic > Auth should remain active. > > -- > Julio Biason <julio.bia...@gmail.com> > Twitter:http://twitter.com/juliobiason