www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Cabrera <...@toolazydogs.com>
Subject Re: Canonical sources for information
Date Wed, 29 May 2013 13:10:15 GMT

Sent from my iPad

On May 29, 2013, at 5:51 AM, Tony Stevenson <pctony@apache.org> wrote:

> Alan D. Cabrera wrote on Wed, May 29, 2013 at 05:36:19AM -0700:
>> If you review earlier emails in this thread you'll see that Sam's REST API requires
a username/password.  My tools will prompt for the user's username and password and pass that
> Alan, I will re-iterate my concerns about the storing of personal data -
> please dont cache our data, and more importantly never cache the
> crenedtials you prompt for.  
> Please also ensure that you only do this via SSL to prevent simple eaves
> dropping etc. 

Yes. I will use ssl.  No data will be cached.

>> Previously there was talk about Sam also providing a REST API that didn't require
a username/password, and this API would return a smaller subset of publicly safe information.
 While I could use such a thing I'm not going to wait for it to take shape as the content
of this API still seems to be in flux.
> That is the whole point of whimsy, it is a staging post for
> tools, scripts etc before they make it into prime time. Things will
> likely work just fine, but they may also change.  


Having whimsy change would be a bad thing.  I need a simple, canonical, REST API to access
data and was hoping whimsy would be that API.  It makes no sense having a myriad of scripts
and libraries all with the same cookie cut code to access lower levels of information.  All
of that stuff should be behind an API like whimsy.  Then you'll have a single choke point
to control access.


View raw message