[OAI-implementers] oai security

Carl Lagoze lagoze@cs.cornell.edu
Wed, 16 Jan 2002 09:49:13 -0500

Other people have spoken here, but to add briefly:  there is nothing about OAI that precludes restricted access to metadata.  Since the protocol is carried over HTTP any HTTP access management mechanimsms are appropriate.


Digital Library Scientist
Computer Science Department
Cornell University
Ithaca, NY 14853 USA
Phone: +1-607-255-6046
FAX: +1-607-255-4428
Email: lagoze@cs.cornell.edu
WWW: http://www.cs.cornell.edu/lagoze 

> -----Original Message-----
> From: Donna Bergmark [mailto:bergmark@CS.Cornell.EDU]
> Sent: Monday, January 14, 2002 8:19 PM
> To: Josie Imlay
> Cc: oai-implementers@oaisrv.nsdl.cornell.edu
> Subject: Re: [OAI-implementers] oai security 
> Josie,
> I suspect that username and password authentication is contrary
> to the spirit of the Open Archive Initiative.  However, you should 
> feel free to use the OAI protocol for your own purposes. 
> Currently intellectual property rights are handled in the response
> to the Identify verb by simply stating them. 
> We have not so far heard of people trying to use OAI for proprietary 
> purposes, but this is the mail group from which to get an affirmative
> response if there is one.  
> Interesting.
> Donna
> _______________________________________________
> OAI-implementers mailing list
> OAI-implementers@oaisrv.nsdl.cornell.edu
> http://oaisrv.nsdl.cornell.edu/mailman/listinfo/oai-implementers