Re: [apps-discuss] a new web security list

Graham Klyne <GK@ninebynine.org> Mon, 21 February 2011 09:43 UTC

Return-Path: <GK@ninebynine.org>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B49E3A6FF5 for <apps-discuss@core3.amsl.com>; Mon, 21 Feb 2011 01:43:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.307
X-Spam-Level:
X-Spam-Status: No, score=-4.307 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599, DATE_IN_PAST_12_24=0.992, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T7j-m+UnmsK6 for <apps-discuss@core3.amsl.com>; Mon, 21 Feb 2011 01:43:29 -0800 (PST)
Received: from relay5.mail.ox.ac.uk (relay5.mail.ox.ac.uk [163.1.2.163]) by core3.amsl.com (Postfix) with ESMTP id 3C9493A6F84 for <apps-discuss@ietf.org>; Mon, 21 Feb 2011 01:43:29 -0800 (PST)
Received: from smtp1.mail.ox.ac.uk ([129.67.1.207]) by relay5.mail.ox.ac.uk with esmtp (Exim 4.71) (envelope-from <GK@ninebynine.org>) id 1PrSJN-0006PZ-HS; Mon, 21 Feb 2011 09:44:09 +0000
Received: from tinos.zoo.ox.ac.uk ([129.67.24.47]) by smtp1.mail.ox.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <GK@ninebynine.org>) id 1PrSJN-0001g9-3e; Mon, 21 Feb 2011 09:44:09 +0000
Message-ID: <4D615E2B.4020402@ninebynine.org>
Date: Sun, 20 Feb 2011 18:32:11 +0000
From: Graham Klyne <GK@ninebynine.org>
User-Agent: Thunderbird 2.0.0.24 (Macintosh/20100228)
MIME-Version: 1.0
To: Peter Saint-Andre <stpeter@stpeter.im>
References: <4D5D922A.8000508@stpeter.im>
In-Reply-To: <4D5D922A.8000508@stpeter.im>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Oxford-Username: zool0635
Cc: "apps-discuss@ietf.org" <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] a new web security list
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Feb 2011 09:43:30 -0000

Peter,

I'm rather puzzled by your description.

Using "JSON to provide security services" seems a bit like "using gasolene to 
provide transportation services".  I.e., it has a part to play, but doesn't seem 
to be more than a bit-part player in the whole service provision issue.

In providing security services, I would expect the encoding syntax of the 
service to be the easy bit.  Determining the trust and service models is harder, 
and that should stand independently of (say) JSON, no?

#g
--

Peter Saint-Andre wrote:
> Folks, a dedicated list has been established for discussion about
> requirements and potential implementation of JSON to provide security
> services for Web-based applications. You can subscribe here:
> 
> https://www.ietf.org/mailman/listinfo/woes
> 
> Peter
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss