IETF Logo Mail Archive

Re: [apps-discuss] IETF technical plenary: the end of application protocols

Dave Cridland <dave@cridland.net> Tue, 22 March 2011 08:59 UTC

Return-Path: <dave@cridland.net>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B18BA3A67E7 for <apps-discuss@core3.amsl.com>; Tue, 22 Mar 2011 01:59:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.559
X-Spam-Level:
X-Spam-Status: No, score=-2.559 tagged_above=-999 required=5 tests=[AWL=0.040, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uVnHAtqxKL8B for <apps-discuss@core3.amsl.com>; Tue, 22 Mar 2011 01:59:46 -0700 (PDT)
Received: from peirce.dave.cridland.net (peirce.dave.cridland.net [IPv6:2001:470:1f09:882:2e0:81ff:fe29:d16a]) by core3.amsl.com (Postfix) with ESMTP id 3D3AF3A67D0 for <apps-discuss@ietf.org>; Tue, 22 Mar 2011 01:59:46 -0700 (PDT)
Received: from localhost (peirce.dave.cridland.net [127.0.0.1]) by peirce.dave.cridland.net (Postfix) with ESMTP id 4F463116808F; Tue, 22 Mar 2011 09:01:17 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at peirce.dave.cridland.net
Received: from peirce.dave.cridland.net ([127.0.0.1]) by localhost (peirce.dave.cridland.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NFcZOxv-WU11; Tue, 22 Mar 2011 09:01:15 +0000 (GMT)
Received: from puncture (puncture.dave.cridland.net [IPv6:2001:470:1f09:882:221:85ff:fe3f:1696]) by peirce.dave.cridland.net (Postfix) with ESMTPA id 6BC1C1168067; Tue, 22 Mar 2011 09:01:15 +0000 (GMT)
References: <4D87612E.3090900@dcrocker.net> <4D881C04.2080406@qualcomm.com> <4D885482.2050006@ninebynine.org>
In-Reply-To: <4D885482.2050006@ninebynine.org>
MIME-Version: 1.0
Message-Id: <6266.1300784475.434865@puncture>
Date: Tue, 22 Mar 2011 09:01:15 +0000
From: Dave Cridland <dave@cridland.net>
To: Graham Klyne <GK@ninebynine.org>, Dave CROCKER <dcrocker@bbiw.net>, General discussion of application-layer protocols <apps-discuss@ietf.org>, Pete Resnick <presnick@qualcomm.com>
Content-Type: text/plain; delsp="yes"; charset="us-ascii"; format="flowed"
Subject: Re: [apps-discuss] IETF technical plenary: the end of application protocols
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Mar 2011 08:59:47 -0000

On Tue Mar 22 07:49:22 2011, Graham Klyne wrote:
> FWIW, I can think of two simple (to describe) capabilities that  
> would help to make the web more widely usable as a application  
> platform:
> 
> (a) a *simple* mechanism for pushing asynchronous notifications to  
> a web application (browser-based or otherwise).  I had early hopes  
> for HyBi, but have somewhat given up.
> 
> 
As have many.

Another option would be to use XMPP directly in the browser - not  
some hacked down variant communicating only with the webserver's  
approved domain, but full XMPP. This has different properties  
entirely from WebSockets, but those properties give rise to some  
interesting concepts.


> (b) a well-founded security model to permit controlled relaxation  
> of the same-origin restrictions on web applications in browsers.   
> Many of the current proposals I'm aware of seem to lack a coherent  
> security analysis (though, when I last looked, HTML5 may be an  
> exception in this regard).  I think this could make it easier to  
> separate data storage from applications, opening the way to give  
> users back control of their data.

Right - and full XMPP would also allow this, and single-identity, and  
your own [choice of] server/provider. In fact, it'd even allow a  
decoupling between the application and its UI, which'd make many of  
us happier.

Oddly, I'd have thought this would be embraced both by the "big  
players" and end-users with concerns about them.

I would love to see a world where the Web does what it's good at -  
that is, delivering static content, including application code and UI  
content - and protocols such as XMPP do what they're good at - that  
is, providing dynamic data between known federated entities.

Sadly, I suspect that there is sufficient inertia involved that  
maintaining the emerging status quo of HTTP for everything will prove  
impossible to break.

Dave.
-- 
Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade

v2.23.0 | Report a Bug | By Email