Il 11/10/2022 15:04, Andrew Newton ha scritto:
On Tue, Oct 11, 2022 at 8:16 AM Mario Loffredo
<mario.loffr...@iit.cnr.it> wrote:
my humble opinion is that this document shouldn't deal with any kind of RDAP
client other than a browser.
At the moment, I disagree with this. Authentication for non-browser
clients can be very useful. GitHub's client is a great example for
anybody who has ever needed Oauth/OpenID at the command line.
Andy, I didn't write that non-browser clients are unuseful.
On the contrary, I was the first here raising the question of how to
deal with non-browser clients that most likely will issue the biggest
number of requests to the RDAP servers.
I only expressed my concern about using for non-browser clients the same
approach used thus far. IMHO, the classic scheme based on tokens fit
better in that case while sessions are the best for end users operating
through a browser.
With regard to GitHub, AFAIK non-browser clients can access a repository
either through an access token or via SSH key, anyway nothing similar to
the exchange of a session cookie, right ?
Best,
Mario
-andy
--
Dr. Mario Loffredo
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web: http://www.iit.cnr.it/mario.loffredo
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
