Re: [apps-discuss] WebFinger Draft Updated - draft-ietf-appsawg-webfinger-01
Christian Weiske <cweiske@cweiske.de> Sun, 21 October 2012 07:37 UTC
Return-Path: <cweiske@cweiske.de>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 472B421F88CF for <apps-discuss@ietfa.amsl.com>; Sun, 21 Oct 2012 00:37:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oOSwoQlJs3CY for <apps-discuss@ietfa.amsl.com>; Sun, 21 Oct 2012 00:37:30 -0700 (PDT)
Received: from mail.cweiske.de (mail.cweiske.de [IPv6:2a01:488:66:1000:53a9:7c6:0:1]) by ietfa.amsl.com (Postfix) with ESMTP id 264BC21F88BD for <apps-discuss@ietf.org>; Sun, 21 Oct 2012 00:37:29 -0700 (PDT)
Received: by mail.cweiske.de (Postfix, from userid 65534) id 31F6B1043801F; Sun, 21 Oct 2012 09:37:28 +0200 (CEST)
Received: from bogo (p54BD7959.dip.t-dialin.net [84.189.121.89]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mail.cweiske.de (Postfix) with ESMTPSA id 68CDD1043801E; Sun, 21 Oct 2012 09:37:26 +0200 (CEST)
Date: Sun, 21 Oct 2012 09:37:28 +0200
From: Christian Weiske <cweiske@cweiske.de>
To: webfinger@googlegroups.com
Message-ID: <20121021093728.590d2898@bogo>
In-Reply-To: <00c501cdaf13$13ef6d30$3bce4790$@packetizer.com>
References: <025b01cdae61$591e9690$0b5bc3b0$@packetizer.com> <5082C526.3050100@status.net> <00c501cdaf13$13ef6d30$3bce4790$@packetizer.com>
X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.10; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg="PGP-SHA1"; boundary="Sig_/p0rMIiX/SNZDSozf70ROj3y"; protocol="application/pgp-signature"
X-Mailman-Approved-At: Sun, 21 Oct 2012 10:41:13 -0700
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] WebFinger Draft Updated - draft-ietf-appsawg-webfinger-01
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Oct 2012 07:37:31 -0000
Hello Paul, >> * Section 7 makes support for CORS a MUST and then turns >> around and said if you have a good reason not to support it, you >> SHOULD NOT. I suggest that support for CORS should just be a SHOULD. >> I can figure out myself whether I want to be the exception. > PEJ: You're entirely right about that and that text bugged me, too. > There was a strong desire for CORS to the point I was asked to make > it a MUST, yet there was the desire to allow an enterprise do > something more restrictive. I have no strong preference, myself, but > I do think that if we make it a SHOULD, though, that it will make it > impossible to build a client in a browser. What does the group want > here? Not supporting CORS does not make the data any more secure. If someone wants security for their intranet, they have to implement real security measurements, e.g. based on IP whitelists. Please leave CORS support a MUST. -- Regards/Mit freundlichen Grüßen Christian Weiske -=≡ Geeking around in the name of science since 1982 ≡=-
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Melvin Carvalho
- [apps-discuss] WebFinger Draft Updated - draft-ie… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Evan Prodromou
- Re: [apps-discuss] WebFinger Draft Updated - draf… Melvin Carvalho
- Re: [apps-discuss] WebFinger Draft Updated - draf… Christian Weiske
- Re: [apps-discuss] WebFinger Draft Updated - draf… Blaine Cook
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Melvin Carvalho
- Re: [apps-discuss] WebFinger Draft Updated - draf… William Mills
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Melvin Carvalho
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Melvin Carvalho
- [apps-discuss] R: WebFinger Draft Updated - draft… Goix Laurent Walter
- Re: [apps-discuss] WebFinger Draft Updated - draf… Paul E. Jones
- Re: [apps-discuss] WebFinger Draft Updated - draf… Blaine Cook