[OAI-implementers] HTTPS and OAI

Simeon Warner simeon at cs.cornell.edu
Thu Sep 30 15:57:12 EDT 2004

On Thu, 30 Sep 2004, Thomas G. Habing wrote:
> Young,Jeff wrote:
> > It appears that at least some of the DSpace OAI installations are running
> > from the https protocol instead of http. I would think this violates OAI
> > conformity. Are there any harvesters currently available that deal with
> > https?
> >
> > Thanks.
> > Jeff
> Hi Jeff,
> Our UIUC Harvester can harvest from https.  However, this is mostly an
> accident of the Windows xml/http toolkit we use which seems to handle
> https pretty transparently.
> Even though the OAI spec doesn't mention https, it seems like it might
> be useful to allow it for cases were an OAI repository might require the
> security for some reason like closed systems passing secret metadata
> around.  Although, it probably shouldn't be used unless it is really needed.
> Tom Habing

Like, Tom it seems I get https pretty much for free with my Perl harvester
using LWP (just had to install Net::SSL package). I was then able to
harvest from the https://ir.uoregon.edu:8443/dspace-oai site listed on

However, https is not an 'accepted' transport for OAI-PMH. The
specification describes only http transport. I wonder if there any good
reason to encourage harvesters to support https in 'open' applications?


More information about the OAI-implementers mailing list