Re: [apps-discuss] WebFinger compromises
Joe Gregorio <joe@bitworking.org> Wed, 31 October 2012 16:20 UTC
Return-Path: <joe.gregorio@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D5DC21F870F for <apps-discuss@ietfa.amsl.com>; Wed, 31 Oct 2012 09:20:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.977
X-Spam-Level:
X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s-8WM-1FTz05 for <apps-discuss@ietfa.amsl.com>; Wed, 31 Oct 2012 09:20:40 -0700 (PDT)
Received: from mail-oa0-f44.google.com (mail-oa0-f44.google.com [209.85.219.44]) by ietfa.amsl.com (Postfix) with ESMTP id 4183021F8668 for <apps-discuss@ietf.org>; Wed, 31 Oct 2012 09:20:39 -0700 (PDT)
Received: by mail-oa0-f44.google.com with SMTP id n5so1758786oag.31 for <apps-discuss@ietf.org>; Wed, 31 Oct 2012 09:20:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=yx6myq4dzd5ng5QWHB1KXeBRwV9bE+OVv5DqpJDjAKY=; b=oK6NUn38XUS/ureOe3/XwQjIGCax20fiy7magPksuc53DuMGTLuB+V8oETFDIN9b8u 4lG7iR3aMfzLDWiQ4gRb59pOoTPuVSCRZ6/oZ6h0ZsQXVBlcjsefNR1SqBX8X8P8SYGE alnO+6VZuP3wrctnriWEio7e6ZmF5rtDViufPzgO5r+aUGiC5oRM1DViVExuzQQ7khQ9 P/VMydqAVB7RWTu3I2IbOgHfezRmY5AGmu8GS0DTG04qEPvLKLjE1VRgwgXo5mtqDdrI YlndV20Cu4q/+zQAHU6/ozZ5U2plx9kdnZTKn+WITJfYD8MTi/65TZJWjJS4jABQLGJA 4D+w==
MIME-Version: 1.0
Received: by 10.182.31.13 with SMTP id w13mr31209470obh.29.1351700436211; Wed, 31 Oct 2012 09:20:36 -0700 (PDT)
Sender: joe.gregorio@gmail.com
Received: by 10.76.84.101 with HTTP; Wed, 31 Oct 2012 09:20:36 -0700 (PDT)
In-Reply-To: <50914952.7090100@stpeter.im>
References: <CAAkTpCqcijuj9m6yVgWXeZqrBWLDSbhbsDNfM1JmsmESa307qg@mail.gmail.com> <22D799A3-D79C-47C4-B9B3-3FFD5146B35D@gmail.com> <50914952.7090100@stpeter.im>
Date: Wed, 31 Oct 2012 12:20:36 -0400
X-Google-Sender-Auth: 5p4w-pogE42YRsLimjGsSMIECL0
Message-ID: <CA+-NybUGaaTTRB93eXHHiTVuTn5SERAJVbqvEGVkoBqCEvuQyQ@mail.gmail.com>
From: Joe Gregorio <joe@bitworking.org>
To: webfinger@googlegroups.com
Content-Type: text/plain; charset="ISO-8859-1"
X-Mailman-Approved-At: Thu, 01 Nov 2012 08:03:02 -0700
Cc: public-fedsocweb@w3.org, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, Dick Hardt <dick.hardt@gmail.com>
Subject: Re: [apps-discuss] WebFinger compromises
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2012 16:35:20 -0000
On Wed, Oct 31, 2012 at 11:52 AM, Peter Saint-Andre <stpeter@stpeter.im> wrote: > [ +cc apps-discuss@ietf.org given that the spec is now an > Internet-Draft... ] > > On 10/31/12 9:48 AM, Dick Hardt wrote: >> +1 on everything. >> >> A simple, easy to understand spec that solves the major use cases >> released soon is far superior to kitchen sink spec that solves all use >> cases that is released in a year. >> >> JSON only (if that is not obvious, you need to write some code this decade) >> >> 1 round trip vs 2 round. Pick one that is simple to implement. Let's not >> get caught up in optimization. Brad's comments below seem sane (as usual) Agreed, +1 to everything he said. -joe >> >> -- Dick >> >> >> On Oct 31, 2012, at 12:45 AM, Brad Fitzpatrick <bradfitz@google.com >> <mailto:bradfitz@google.com>> wrote: >> >>> To everybody who recently saw me rant about WebFinger in person >>> recently, hello again. >>> >>> To everybody else, a brief summary: >>> >>> -- I was an early WebFinger evangelist. I remember discussing it at >>> conferences for years before it sorta became a thing. I think I even >>> named it? >>> >>> -- I added Google's WebFinger support >>> (https://groups.google.com/group/webfinger/msg/e8df6402708841ea) >>> >>> -- I think it's critically important for the Internet to preserve >>> user@host.com <mailto:user@host.com> hierarchical identifiers before >>> email gets too passe and we're stuck with single-namespaced walled >>> gardens. It's on us to make email-looking identifiers more useful to >>> compete with all the latest proprietary silo hotness, before the >>> people of the internet no longer recognize them. >>> >>> (trying to establish that I'm a friend here) >>> >>> That said, >>> >>> -- this is the slowest moving community ever (I accept part of the >>> blame here) >>> >>> -- can we please stop changing things? >>> >>> -- JSON, XRD, great, whatever. But let's just pick one. If JSON is >>> now the hotness, let's pick *only* JSON. Specs that say "X is >>> required but you can maybe do Y if you want to" just reek of political >>> compromise to gain a certain party's favor. Look at OpenID 2.0. (I >>> remember being sad about those political moves too, but I had lost the >>> energy to fight) >>> >>> -- My recommendation: just remove all mention of XRD from the latest >>> WebFinger spec. Yes, this is counter to my "please stop changing >>> things" bullet earlier. But WebFinger has a better chance of success >>> if it's a simple spec. And you're not breaking compatibility with >>> anybody because *nobody uses WebFinger*. >>> >>> -- 1 round trip, 2 round trips. Don't really care. 2 round trips keeps >>> the spec simpler and the 1st will be highly cacheable (Expires: >>> weeks), so it's 1 round trip in practice, but I won't fight (too much) >>> *optional* parameters in the 1st request to possibly skip the 2nd >>> request. It worries me, though. I'd rather see that optimization >>> added in a subsequent version of the spec, so all 1.0 implementations >>> have then shown that they're capable of performing the base algorithm. >>> I worry that too many servers will implement the optimization and >>> then lazy clients will become pervasive which only do one round trip, >>> thus making the "optional" optimization now de facto required for >>> servers. So I'd really rather drop that from the spec too. Let's add >>> it only later, once it's shown to be needed. As is, clients could >>> even fire off two HTTP requests in parallel to reduce latency, one for >>> host-meta and one optimistically for the presumed host-meta location >>> in cases of big hosts that rarely change, or expired cached host-meta >>> documents. >>> >>> I will continue to fight for Google's WebFinger support, but I'm not >>> the only one losing patience. >>> >>> Everybody please hurry up, simplify, then hurry up. I'll help however >>> I can. I'm not sure whether this was helpful. >>> >>> - Brad >>> >>> (If any of the above is offensive to my employer, I'm speaking as myself.) >>> >> > > > -- > Peter Saint-Andre > https://stpeter.im/ > > -- Joe Gregorio http://bitworking.org
- Re: [apps-discuss] WebFinger compromises Peter Saint-Andre
- Re: [apps-discuss] WebFinger compromises Tim Bray
- Re: [apps-discuss] WebFinger compromises Paul E. Jones
- Re: [apps-discuss] WebFinger compromises William Mills
- Re: [apps-discuss] WebFinger compromises William Mills
- Re: [apps-discuss] WebFinger compromises Paul E. Jones
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Dick Hardt
- Re: [apps-discuss] WebFinger compromises Joe Gregorio