Re: [apps-discuss] Webfinger

Blaine Cook <romeda@gmail.com> Mon, 21 November 2011 17:54 UTC

Return-Path: <romeda@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D93A11E80E1 for <apps-discuss@ietfa.amsl.com>; Mon, 21 Nov 2011 09:54:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.549
X-Spam-Level:
X-Spam-Status: No, score=-103.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mGw8jBD-Tp4C for <apps-discuss@ietfa.amsl.com>; Mon, 21 Nov 2011 09:54:03 -0800 (PST)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id C2C5F11E80DB for <apps-discuss@ietf.org>; Mon, 21 Nov 2011 09:54:03 -0800 (PST)
Received: by vcbfy13 with SMTP id fy13so3343224vcb.31 for <apps-discuss@ietf.org>; Mon, 21 Nov 2011 09:54:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=w40+XmYpkFbW3yehZ11/LHUZfbs4J+MsOtSQ/JCVXWk=; b=k3L1u7yk1c00pFKhrtx+skkj+4P45LPXvROD1G1ncaDxHvM7hZBUdUP0rxmTgArFCy Fy5PI9DSaspZKiaRN4rhOp1MMajveDOd25E8lTMaK/AFsdju+z9FWPySNwJnsMMDRpM7 nlMPWq7/Hk818XDfAbid2QOaOBXU5A+ejz7sw=
Received: by 10.182.45.3 with SMTP id i3mr3192606obm.62.1321898043278; Mon, 21 Nov 2011 09:54:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.182.44.35 with HTTP; Mon, 21 Nov 2011 09:53:42 -0800 (PST)
In-Reply-To: <06b001cca865$1d9ccb80$58d66280$@packetizer.com>
References: <032101cc9288$e3a06910$aae13b30$@packetizer.com> <90C41DD21FB7C64BB94121FBBC2E7234526735EDED@P3PW5EX1MB01.EX1.SECURESERVER.NET> <06b001cca865$1d9ccb80$58d66280$@packetizer.com>
From: Blaine Cook <romeda@gmail.com>
Date: Mon, 21 Nov 2011 17:53:42 +0000
Message-ID: <CAAz=sck=9SSHLrDwgEOOBmSftoY55DwwatmOap73+RdszZbkhA@mail.gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: Joseph Smarr <jsmarr@google.com>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] Webfinger
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2011 17:54:04 -0000

On 21 November 2011 15:49, Paul E. Jones <paulej@packetizer.com> wrote:
> 1)      You want to mandate use of JSON, which we also indicated in the
> draft.  However, I would personally prefer to give both XML and JSON equal
> weight and require both.

Implementations of XML-based host-meta clients are significantly more
complex than JSON implementations. To completely abandon XML-based
host-meta would have been impossible, but JSON is vastly preferred. To
lower the barrier for Webfinger adoption, +1 for JSON as a strong
recommendation over XML. It's still early days, so existing
implementations shouldn't be given undue weight.

> 2)      You wanted to mandate HTTPS. I’m not opposed, but host-meta does not
> mandate it.  Shouldn’t we Webfinger requirements on what is there?

host-meta does not necessarily have security implications. Webfinger
almost certainly does, and as such should mandate HTTPS.

b.