Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the AnyEvent-Twitter-Stream CPAN distribution.

Report information
The Basics
Id: 70649
Status: open
Priority: 0/
Queue: AnyEvent-Twitter-Stream

People
Owner: Nobody in particular
Requestors: znmeb [...] borasky-research.net
Cc:
AdminCc:

Bug Information
Severity: Wishlist
Broken in: 0.21
Fixed in: (no value)



Subject: Information / Documentation - Twitter is phasing out non-SSL Streaming
This isn't really a bug, just a heads-up / addition to the documentation. Twitter is phasing out non-SSL access to Streaming: https://dev.twitter.com/blog/streaming-api-turning-ssl-only-september- 29th Streaming API turning SSL only on September 29th All our Streaming API products are now supporting SSL and we've just updated the Streaming API Methods, User Streams and Site Streams documentation pages accordingly. As we're planning to sunset HTTP support in about a month, we strongly encourage you to switch to SSL (HTTPS) as soon as possible, especially if you're still authenticating your Streaming API requests with Basic Auth. On a related note, Basic Auth will eventually be deprecated on the Streaming API, and we recommend that you switch to OAuth well in advance. Implementation changes on your side should be as simple as changing http protocol for https Streaming API: use https://stream.twitter.com instead of http://stream.twitter.com User Streams: you should already be using https://userstream.twitter.com Site Streams: you should already be using https://sitestream.twitter.com Just like for api.twitter.com, we are using Verisign SSL certificates on these domains. If for some reason you need the Verisign Root CA Certificate, you can obtain it directly from Verisign, or from this link: http://curl.haxx.se/ca/cacert.pem i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network On September 29th, the Streaming API will turn SSL only. While one month’s time is our plan, please be sure to give us your feedback on this discussion thread if you think you needed more time. As always, if you have questions about the Streaming API, let us know on our Developers Discussions board. To comment on the Twitter development site, go to https://dev.twitter.com/discussions/1356 As far as I can tell from the documentation, the package works with SSL but I haven't had a chance to test it yet. If it actually doesn't work, I'll upgrade this to a real bug.
Subject: Re: [rt.cpan.org #70649] Information / Documentation - Twitter is phasing out non-SSL Streaming
Date: Sun, 18 Sep 2011 12:58:16 -0700
To: bug-AnyEvent-Twitter-Stream [...] rt.cpan.org
From: Tatsuhiko Miyagawa <miyagawa [...] gmail.com>
Thank you - could you patch the doc and open a pull request on https://github.com/miyagawa/AnyEvent-Twitter-Stream ? On Wed, Aug 31, 2011 at 11:41 AM, znmeb@borasky-research.net via RT <bug-AnyEvent-Twitter-Stream@rt.cpan.org> wrote: Show quoted text
> Wed Aug 31 14:41:26 2011: Request 70649 was acted upon. > Transaction: Ticket created by znmeb@borasky-research.net >       Queue: AnyEvent-Twitter-Stream >     Subject: Information / Documentation - Twitter is phasing out non-SSL >  Streaming >   Broken in: 0.21 >    Severity: Wishlist >       Owner: Nobody >  Requestors: znmeb@borasky-research.net >      Status: new >  Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=70649 > > > > This isn't really a bug, just a heads-up / addition to the > documentation. Twitter is phasing out non-SSL access to Streaming: > > https://dev.twitter.com/blog/streaming-api-turning-ssl-only-september- > 29th > > Streaming API turning SSL only on September 29th > > All our Streaming API products are now supporting SSL and we've just > updated the Streaming API Methods, User Streams and Site Streams > documentation pages accordingly. As we're planning to sunset HTTP > support in about a month, we strongly encourage you to switch to SSL > (HTTPS) as soon as possible, especially if you're still authenticating > your Streaming API requests with Basic Auth. > > On a related note, Basic Auth will eventually be deprecated on the > Streaming API, and we recommend that you switch to OAuth well in > advance. > > Implementation changes on your side should be as simple as changing http > protocol for https > > Streaming API: use https://stream.twitter.com instead of > http://stream.twitter.com > User Streams: you should already be using https://userstream.twitter.com > Site Streams: you should already be using https://sitestream.twitter.com > Just like for api.twitter.com, we are using Verisign SSL certificates on > these domains. If for some reason you need the Verisign Root CA > Certificate, you can obtain it directly from Verisign, or from this > link: http://curl.haxx.se/ca/cacert.pem > >  i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification > Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use > only/OU=VeriSign Trust Network > On September 29th, the Streaming API will turn SSL only. While one > month’s time is our plan, please be sure to give us your feedback on > this discussion thread if you think you needed more time. As always, if > you have questions about the Streaming API, let us know on our > Developers Discussions board. > > To comment on the Twitter development site, go to > > https://dev.twitter.com/discussions/1356 > > As far as I can tell from the documentation, the package works with SSL > but I haven't had a chance to test it yet. If it actually doesn't work, > I'll upgrade this to a real bug. >
-- Tatsuhiko Miyagawa