Aaron Parecki · Nov 5, 2013 · 4:39 AM UTC

Aaron Parecki · Nov 5, 2013 · 4:39 AM UTC

Aaron Parecki

Aaron Parecki @aaronpk

5 Nov 2013

Hello Internet friends! What is the latest hotness in signed HTTP requests? Looking for a) easy to understand from... aaron.pk/n4St1

Hello Internet friends! What is the latest hotness in signed ...

Hello Internet friends! What is the latest hotness in signed HTTP requests? Looking for a) easy to understand from both client and server perspectives, and b) easy to implement in multiple languages...

aaronparecki.com

Nov 5, 2013 · 4:39 AM UTC

peat · Nov 5, 2013 · 4:41 AM UTC

peat @peat

5 Nov 2013

Replying to @aaronpk

@aaronpk Doesn't SHA HMAC fit the bill? Depends on a shared secret, otherwise, pretty groovy.

Aaron Parecki · Nov 5, 2013 · 4:48 AM UTC

Aaron Parecki @aaronpk

5 Nov 2013

@peat Yeah that seems to be the general consensus, but still leaves questions like which headers to sign, is the... aaron.pk/r4St6

more replies

Jᵾlien Genestoux · Nov 5, 2013 · 8:26 AM UTC

Jᵾlien Genestoux

@julien51

5 Nov 2013

Replying to @aaronpk

@aaronpk beware the turducken!

Jaisen · Nov 5, 2013 · 4:43 AM UTC

Jaisen @jmathai

5 Nov 2013

Replying to @aaronpk

@aaronpk It's neither new nor hot but that's precisely why I like OAuth. Even though I hate it sometimes. @benwerd