Re: [apps-discuss] Webfinger

Gonzalo Salgueiro <gsalguei@cisco.com> Mon, 21 November 2011 21:24 UTC

Return-Path: <gsalguei@cisco.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78B1711E80F4 for <apps-discuss@ietfa.amsl.com>; Mon, 21 Nov 2011 13:24:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eYOhcCtZE8l6 for <apps-discuss@ietfa.amsl.com>; Mon, 21 Nov 2011 13:24:42 -0800 (PST)
Received: from av-tac-rtp.cisco.com (hen.cisco.com [64.102.19.198]) by ietfa.amsl.com (Postfix) with ESMTP id D29B711E80E8 for <apps-discuss@ietf.org>; Mon, 21 Nov 2011 13:24:41 -0800 (PST)
X-TACSUNS: Virus Scanned
Received: from chook.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-rtp.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id pALLOe7s021862 for <apps-discuss@ietf.org>; Mon, 21 Nov 2011 16:24:41 -0500 (EST)
Received: from rtp-gsalguei-8717.cisco.com (rtp-gsalguei-8717.cisco.com [10.116.61.56]) by chook.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id pALLOd6u000525; Mon, 21 Nov 2011 16:24:39 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: multipart/alternative; boundary=Apple-Mail-339-6095399
From: Gonzalo Salgueiro <gsalguei@cisco.com>
In-Reply-To: <CAAz=sck=9SSHLrDwgEOOBmSftoY55DwwatmOap73+RdszZbkhA@mail.gmail.com>
Date: Mon, 21 Nov 2011 16:24:38 -0500
Message-Id: <BEE464F5-DA16-425C-BC09-E97445B4EF7D@cisco.com>
References: <032101cc9288$e3a06910$aae13b30$@packetizer.com> <90C41DD21FB7C64BB94121FBBC2E7234526735EDED@P3PW5EX1MB01.EX1.SECURESERVER.NET> <06b001cca865$1d9ccb80$58d66280$@packetizer.com> <CAAz=sck=9SSHLrDwgEOOBmSftoY55DwwatmOap73+RdszZbkhA@mail.gmail.com>
To: Blaine Cook <romeda@gmail.com>
X-Mailer: Apple Mail (2.1084)
Cc: Joseph Smarr <jsmarr@google.com>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] Webfinger
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2011 21:24:42 -0000

On Nov 21, 2011, at 12:53 PM, Blaine Cook wrote:

> On 21 November 2011 15:49, Paul E. Jones <paulej@packetizer.com> wrote:
>> 1)      You want to mandate use of JSON, which we also indicated in the
>> draft.  However, I would personally prefer to give both XML and JSON equal
>> weight and require both.
> 
> Implementations of XML-based host-meta clients are significantly more
> complex than JSON implementations. To completely abandon XML-based
> host-meta would have been impossible, but JSON is vastly preferred. To
> lower the barrier for Webfinger adoption, +1 for JSON as a strong
> recommendation over XML. It's still early days, so existing
> implementations shouldn't be given undue weight.

I agree that XML should be retained, but JSON given preference.  This is a nice opportunity for a good old fashioned RFC 2119 'RECOMMENDED'.

--Gonzalo

> 
>> 2)      You wanted to mandate HTTPS. I’m not opposed, but host-meta does not
>> mandate it.  Shouldn’t we Webfinger requirements on what is there?
> 
> host-meta does not necessarily have security implications. Webfinger
> almost certainly does, and as such should mandate HTTPS.
> 
> b.
>