IRC log for #rest, 2014-06-21

https://trygvis.io/rest-wiki/

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time	S	Nick	Message
02:38			wilmoore joined #rest
09:23			wilmoore joined #rest
09:58			DrCode joined #rest
15:18			licyeus joined #rest
16:08			graste joined #rest
16:24			Left_Turn joined #rest
17:06			licyeus joined #rest
17:14			danielemm joined #rest
17:18		danielemm	hi guys. I would to make a simple RESTful service for a mobile app. My idea is to avoid OAuth and use hmac authentication. I've found several articles online but I'm still a bit confused abour registration process. How can I deal a new user registration? A request should include both new username and password... but it seems to be so insecure....any idea?
17:18		spaceone	insecure?
17:19		spaceone	force HTTPS
17:21		danielemm	The idea is this. Both client and server has the private key. On user registration I could encrypt username and password and send it with my request to the server (using the hmac approach). If it's okay I reply to the client OK and I can pass user/pass encrypted (or a md5 of both) at each other new request
17:21		danielemm	it should be okay
17:22		spaceone	i don't understand the md5 thing
17:22		danielemm	it's to avoid to send user+pass each time
17:23		spaceone	yes
18:01			HighBit joined #rest
18:19			danielemm2 joined #rest
19:51			wilmoore joined #rest
20:00		spaceone	self descriptive messages means that the message which is transferred between two components contains not only data but also metadata, metadata about the metadata / controldata... anything more?
20:53			graste joined #rest
21:20			HighBit joined #rest
22:08			HighBit joined #rest
22:40			HighBit joined #rest

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/