 |
 |
On Tue, Aug 18, 2015 at 09:29:17PM +1200, Stuart A. Yeates wrote: > While these may appear to be OAI-PMH providers, they're non-conformant: > > http://www.openarchives.org/OAI/openarchivesprotocol.html#ProtocolFeatures > > OAI-PMH requests *must* be submitted using either the HTTP GET or POST > methods. Everything that holds for HTTP also holds for HTTPS because HTTPS is simply HTTP over TLS, as the HTTPS standard is aptly titled: https://tools.ietf.org/html/rfc2818 A discussion on the OAI implementers mailing list seemed to converge on the position to accept HTTPS wherever possible but not to require it. That was in 2005 when the IETF had not started to consider declaring HTTP without TLS obsolete altogether. https://www.openarchives.org/pipermail/oai-implementers/2005-February/001419.html > Maybe because forcing people to upgrade their tech leaves behind those with > the least resources. Maybe because switching to a protocol whose minimum > message cost (in cpu cycles) is many thousands of times higher is a dubious > cost/benefit trade-off in some situations. The burden of TLS encryption on CPUs is negligible these days: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html C: -- Christian Pietsch · http://purl.org/net/pietsch LibTec (Library Technology and Knowledge Management) department of Bielefeld University Library, Bielefeld, Germany