launchpad-dev team mailing list archive

Thread
Date

Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale

To: launchpad-dev@xxxxxxxxxxxxxxxxxxx
From: Max Bowsher <maxb@xxxxxxx>
Date: Sun, 20 Sep 2009 22:33:31 +0100
In-reply-to: <87pr9ls7i5.fsf@canonical.com>
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Karl Fogel wrote:
> Max Bowsher <maxb@xxxxxxx> writes:
>> Quoting https://dev.launchpad.net/API:
>>
>> """
>> Authenticated Access Only
>>
>> By design, there is no anonymous access through the API. You can do
>> read-only access (through a read-only token) but not anonymous access.
>> All API use is accounted to a person.
>> """
>>
>> Why?
>>
>> Please feel free to respond in the form of a wiki edit :-)
> 
> I'll answer here, and see if anyone follows up with more (or more
> correct) information, before we put this in the wiki.
> 
> My understanding is that it's a way to have some safeguard against
> [possibly accidental] DoS.  If all accesses are authenticated, then if
> someone does something that causes a problem, we can shut off just that
> person's API access.  (Presumably, we'd then try to contact them and
> figure out a better solution.)

The obvious followup question, then, is: Why is this treated any
differently to someone abusively screenscraping information from
Launchpad webpages?

Max.

Attachment: signature.asc
Description: OpenPGP digital signature

Follow ups

Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Graham Binns, 2009-09-20

References

https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Max Bowsher, 2009-09-20
Re: https://dev.launchpad.net/API "Authenticated Access Only" needs rationale
From: Karl Fogel, 2009-09-20