-
2013-08-06T22:34:21Z via Pumpa To: Public CC: Followers
Is there a high-level description of the Pump architecture anywhere? I'm curious about how the distributed communication happens, but I don't have time for a code-diving expedition right now.
My specific question of the moment: when I comment on a post, where does that go? Onto my own server, or onto the server containing the original thread?
[email protected] shared this.
-
2013-07-26T18:30:15Z via Microca.st Web CC: Public , Followers
Ok, now that I'm on a legit Pump server, somebody explain this to me. To follow a user on another server, I need to... authorize that server with write permissions to my account...?
Show all 6 replies
Ian it is part of OAuth. When you authorize a client for Twitter, you'll see similar warnings. I'd like to see the permissions become more fine-grained and time-limited: "This site will have permission to modify your contact list [in order to follow this user] and to post as you [to post on your behalf whatever you enter here] for thirty minutes." After that, it should log you out of that site and lose added permissions.
It does motivate one to ask whether subscribing to an off-site user is an appropriate use for OAuth. I suspect it is not.
Right. I should not trust an external server to do a *single* thing except add that user to my followers. And even that is a backwards way to do it. It makes me deeply concerned about the entire Pump architecture.
It might possibly have something to do with privacy and security, but I agree that absent those considerations, OAuth makes no sense in that situation.
Meanwhile...
-
iangreenleaf favorited a note
-
iangreenleaf posted a comment in reply to a note
-
iangreenleaf favorited a note