From the FAQ:

Are rate limits per user, per computer or per application?

Rate limits apply in different ways. Some methods are rate limited
whilst others are fair use limited. In the majority of methods GET
(read) requests are rate limited and POST (write) methods are not. You
should check the rate limited section of the documentation for the
method you want to use to make sure.

We apply requests to rate limits in the following ways:

• Rate limits for authenticated requests are applied to the user.
• Rate limits for unauthenticated requests are applied to the IP that
  we see.

This means applications share the unauthenticated rate limit AND the
authenticated limit. The application being used makes no difference so
switching between multiple clients on the same IP offers no rate limit
advantage – they will all share the same remaining requests.

Multiple user accounts in a Twitter client each have their own user
rate limit but share the unauthenticated requests.

Search has it’s own rate limit and as all requests are anonymous it
applies to the IP we see. This means all users on the same IP share
the search rate limit.

This means that every request which you’ll be doing for an authenticated user (OAuth) will check this user’s rate limit, while any general non authenticated request you’ll make will check your application’s IP rate limit.