[OAI-implementers] oai security

zubair@cs.odu.edu zubair@cs.odu.edu
Mon, 14 Jan 2002 20:31:30 -0500

I am not sure I agree with Donna on this. I do not think putting
restriction on "who harvest a data provider" is against OAI. I am
reproducing here the statement from the OAI web site:

"We expect that some repositories that adopt the protocol will permit more
or less unrestricted access to their metadata, while others may use various
methods to restrict access (e.g., by IP address of origin)."

In fact, a number of communities may want to restrict access. We are
working on projects where we are using IP based access restriction.


                    Donna Bergmark                                                                                                    
                    <bergmark@cs.cornell.edu>                   To:     Josie Imlay <jimlay@atypedigital.com>                         
                    Sent by:                                    cc:     oai-implementers@oaisrv.nsdl.cornell.edu                      
                    oai-implementers-admin@oaisrv.nsdl.c        Subject:     Re: [OAI-implementers] oai security                      
                    01/14/2002 08:19 PM                                                                                               
                    Please respond to bergmark                                                                                        


I suspect that username and password authentication is contrary
to the spirit of the Open Archive Initiative.  However, you should
feel free to use the OAI protocol for your own purposes.

Currently intellectual property rights are handled in the response
to the Identify verb by simply stating them.

We have not so far heard of people trying to use OAI for proprietary
purposes, but this is the mail group from which to get an affirmative
response if there is one.


OAI-implementers mailing list