Re: [apps-discuss] WebFinger compromises
Peter Saint-Andre <stpeter@stpeter.im> Wed, 31 October 2012 15:52 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01EFF21F8475 for <apps-discuss@ietfa.amsl.com>; Wed, 31 Oct 2012 08:52:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WARaIRJ2KoVV for <apps-discuss@ietfa.amsl.com>; Wed, 31 Oct 2012 08:52:52 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 25B9521F846F for <apps-discuss@ietf.org>; Wed, 31 Oct 2012 08:52:52 -0700 (PDT)
Received: from [192.168.1.7] (unknown [71.237.13.154]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id CC3B74011B; Wed, 31 Oct 2012 09:56:15 -0600 (MDT)
Message-ID: <50914952.7090100@stpeter.im>
Date: Wed, 31 Oct 2012 09:52:50 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: webfinger@googlegroups.com
References: <CAAkTpCqcijuj9m6yVgWXeZqrBWLDSbhbsDNfM1JmsmESa307qg@mail.gmail.com> <22D799A3-D79C-47C4-B9B3-3FFD5146B35D@gmail.com>
In-Reply-To: <22D799A3-D79C-47C4-B9B3-3FFD5146B35D@gmail.com>
X-Enigmail-Version: 1.4.5
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: public-fedsocweb@w3.org, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, Dick Hardt <dick.hardt@gmail.com>
Subject: Re: [apps-discuss] WebFinger compromises
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2012 15:52:53 -0000
[ +cc apps-discuss@ietf.org given that the spec is now an Internet-Draft... ] On 10/31/12 9:48 AM, Dick Hardt wrote: > +1 on everything. > > A simple, easy to understand spec that solves the major use cases > released soon is far superior to kitchen sink spec that solves all use > cases that is released in a year. > > JSON only (if that is not obvious, you need to write some code this decade) > > 1 round trip vs 2 round. Pick one that is simple to implement. Let's not > get caught up in optimization. Brad's comments below seem sane (as usual) > > -- Dick > > > On Oct 31, 2012, at 12:45 AM, Brad Fitzpatrick <bradfitz@google.com > <mailto:bradfitz@google.com>> wrote: > >> To everybody who recently saw me rant about WebFinger in person >> recently, hello again. >> >> To everybody else, a brief summary: >> >> -- I was an early WebFinger evangelist. I remember discussing it at >> conferences for years before it sorta became a thing. I think I even >> named it? >> >> -- I added Google's WebFinger support >> (https://groups.google.com/group/webfinger/msg/e8df6402708841ea) >> >> -- I think it's critically important for the Internet to preserve >> user@host.com <mailto:user@host.com> hierarchical identifiers before >> email gets too passe and we're stuck with single-namespaced walled >> gardens. It's on us to make email-looking identifiers more useful to >> compete with all the latest proprietary silo hotness, before the >> people of the internet no longer recognize them. >> >> (trying to establish that I'm a friend here) >> >> That said, >> >> -- this is the slowest moving community ever (I accept part of the >> blame here) >> >> -- can we please stop changing things? >> >> -- JSON, XRD, great, whatever. But let's just pick one. If JSON is >> now the hotness, let's pick *only* JSON. Specs that say "X is >> required but you can maybe do Y if you want to" just reek of political >> compromise to gain a certain party's favor. Look at OpenID 2.0. (I >> remember being sad about those political moves too, but I had lost the >> energy to fight) >> >> -- My recommendation: just remove all mention of XRD from the latest >> WebFinger spec. Yes, this is counter to my "please stop changing >> things" bullet earlier. But WebFinger has a better chance of success >> if it's a simple spec. And you're not breaking compatibility with >> anybody because *nobody uses WebFinger*. >> >> -- 1 round trip, 2 round trips. Don't really care. 2 round trips keeps >> the spec simpler and the 1st will be highly cacheable (Expires: >> weeks), so it's 1 round trip in practice, but I won't fight (too much) >> *optional* parameters in the 1st request to possibly skip the 2nd >> request. It worries me, though. I'd rather see that optimization >> added in a subsequent version of the spec, so all 1.0 implementations >> have then shown that they're capable of performing the base algorithm. >> I worry that too many servers will implement the optimization and >> then lazy clients will become pervasive which only do one round trip, >> thus making the "optional" optimization now de facto required for >> servers. So I'd really rather drop that from the spec too. Let's add >> it only later, once it's shown to be needed. As is, clients could >> even fire off two HTTP requests in parallel to reduce latency, one for >> host-meta and one optimistically for the presumed host-meta location >> in cases of big hosts that rarely change, or expired cached host-meta >> documents. >> >> I will continue to fight for Google's WebFinger support, but I'm not >> the only one losing patience. >> >> Everybody please hurry up, simplify, then hurry up. I'll help however >> I can. I'm not sure whether this was helpful. >> >> - Brad >> >> (If any of the above is offensive to my employer, I'm speaking as myself.) >> > -- Peter Saint-Andre https://stpeter.im/
- Re: [apps-discuss] WebFinger compromises Peter Saint-Andre
- Re: [apps-discuss] WebFinger compromises Tim Bray
- Re: [apps-discuss] WebFinger compromises Paul E. Jones
- Re: [apps-discuss] WebFinger compromises William Mills
- Re: [apps-discuss] WebFinger compromises William Mills
- Re: [apps-discuss] WebFinger compromises Paul E. Jones
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Brad Fitzpatrick
- Re: [apps-discuss] WebFinger compromises Dick Hardt
- Re: [apps-discuss] WebFinger compromises Joe Gregorio