[OAI-implementers] Should OAI-PMH over HTTPS be permitted?
roy.tennant at ucop.edu
Wed Feb 16 11:47:17 EST 2005
At least two sites are registered at UIUC with HTTPS data providers:
both DSpace sites.
On Feb 16, 2005, at 8:40 AM, Simeon Warner wrote:
> There has been some interest recently in using OAI-PMH over HTTPS .
> OAI-PMH specification  mentions only operation over HTTP, so I think
> that at present HTTP must be used to conform to the specification (and
> this is enforced by the validation/registration site). The
> should be explicit about whether the use of HTTPS is conforming or not.
> It would be trivial to extend the specification to permit the use of
> as it is just standard HTTP operating over an additional security
> There would be no need to change the semantics or syntax beyond the
> substitution of 'https://' for 'http://'. Permitting HTTPS would have
> implications for data-providers unless they wished to use the protocol.
> The main implication of permitting HTTPS would be that harvesters would
> have to support HTTPS in addition to HTTP (or else be unable to harvest
> from some data-providers). In many programming environments there are
> libraries that provide seamless support for both HTTPS and HTTP (e.g.
> Perl, HTTPS comes for free in LWP) but this may not be true in all
> Who is using or would like to use HTTPS?
> Which harvesters already support HTTPS or could easily do so?
> Which harvesters could not easily support HTTPS?
>  http://www.isi.edu/in-notes/rfc2818.txt
> Simeon Warner Email: simeon at cs.cornell.edu
> Cornell Information Science Tel: 607-254-8605
> 301 College Ave Fax: 607-255-5196
> Ithaca, NY 14850-4623, USA
> OAI-implementers mailing list
> List information, archives, preferences and to unsubscribe:
More information about the OAI-implementers