On 01/30/2010 02:43 PM, Isaiah Carew wrote: > > So, in simple language: Twitter's policy is that *every user* of > *every open source client* register as a *new twitter application*? > > Or, have I misinterpreted something? And if so, could you explain > further what mean?
If that were the case, then it would be the requirement for all desktop apps. Open source just makes it easier to grab the key; if you stick your keys in your Air or .NET app, they can still be grabbed. Basically, if you're doing a desktop app (of any kind) with OAuth, there is a risk that your consumer key will be misappropriated. The OAuth spec explicitly acknowledges this, stating that the consumer key/secret is cannot necessarily be trusted to securely identify the consumer. - Michael -- mouse, n: A device for pointing at the xterm in which you want to type. Confused by the strange files? I cryptographically sign my messages. For more information see <http://www.elehack.net/resources/gpg>.
signature.asc
Description: OpenPGP digital signature