Thomas, I do agree that the currently used method for authentication is dated and could be modernized. From your perspective, why is PGP support preferred over a more modern API approach like Oauth2? While I am not against the use of PGP authentication, I do feel that a better approach would be through using technologies that are typical for this kind of application (like Oauth2). Thanks, William Sylvester
On Nov 1, 2016, at 7:06 AM, Thomas von Dein <tom@f-i-ts.net> wrote:
Hello WG,
I'd like to propose an enhancement of the whois REST api to support PGP authenticated POST requests for create,update,delete methods.
Currently the API doesn't support this, so you have to use the REST interface to download objects and the MAIL interface to modify them if you don't want to use password authentication.
A consistent user interface however, would be more reliable, easier to understand and maintain.
Thanks in advance, Thomas von Dein
-- Thomas von Dein <admins@f-i-ts.net> Finanz Informatik Technologie Service GmbH & Co. KG, OE 76052 Tel:089/94511-8833, Fax:089/94511-8941, http://www.f-i-ts.net