Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)
"Paul E. Jones" <paulej@packetizer.com> Sun, 22 April 2012 03:51 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F07D11E8097 for <apps-discuss@ietfa.amsl.com>; Sat, 21 Apr 2012 20:51:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.715
X-Spam-Level:
X-Spam-Status: No, score=-1.715 tagged_above=-999 required=5 tests=[AWL=-0.451, BAYES_00=-2.599, HTML_MESSAGE=0.001, HTML_TAG_BALANCE_HEAD=1.334]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k4VgkPQTQffH for <apps-discuss@ietfa.amsl.com>; Sat, 21 Apr 2012 20:51:11 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) by ietfa.amsl.com (Postfix) with ESMTP id A49DA21F851D for <apps-discuss@ietf.org>; Sat, 21 Apr 2012 20:51:11 -0700 (PDT)
Received: from dyn-129.arid.us (rrcs-98-101-148-48.midsouth.biz.rr.com [98.101.148.48]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id q3M3p7RM011527 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Sat, 21 Apr 2012 23:51:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1335066670; bh=iD+/wuBQD8sQO+1jSwtkQSMZYDab+Cb5yomd14Ly/54=; h=In-Reply-To:References:MIME-Version:Content-Type:Subject:From: Date:To:CC:Message-ID; b=guYmf03pRb/TU4CMqGi5DRvMLM15i3nRG2/0scNEcrm6HAbUUNIavdkV51JRzf3WY JSAV/REAXOb+vjFXrCk+aM+TxUq20BFD9MUzodJk9bxHGJb4pyaov2g3sYFvom9eRR RR3PiKkJOzBhTVYqbv2eE3VTBNP5HjTIJNmu7XMU=
User-Agent: Kaiten Mail
In-Reply-To: <CAKaEYh+S8+_-4EsjAa36XVN8HvgWW4phKMyg64zhqXQueMjOdg@mail.gmail.com>
References: <423611CD-8496-4F89-8994-3F837582EB21@gmx.net> <4F8852D0.4020404@cs.tcd.ie> <9452079D1A51524AA5749AD23E0039280EFE8D@exch-mbx901.corp.cloudmark.com> <sjm1unn338j.fsf@mocana.ihtfp.org> <9452079D1A51524AA5749AD23E0039280FACC3@exch-mbx901.corp.cloudmark.com> <4E1F6AAD24975D4BA5B168042967394366490B2A@TK5EX14MBXC284.redmond.corp.microsoft.com> <091401cd1ea3$e159be70$a40d3b50$@packetizer.com> <CAHBU6it3ZmTdK-mTwydXSRvGvZAYuv0FFR2EWLwdfTxQh4XV5g@mail.gmail.com> <091901cd1eb0$167a8ce0$436fa6a0$@packetizer.com> <sjmbommzdv4.fsf@mocana.ihtfp.org> <4F917CE6.2060904@mtcc.com> <0a7601cd1f74$cc5a26a0$650e73e0$@packetizer.com> <4E1F6AAD24975D4BA5B1680429673943664920DE@TK5EX14MBXC284.redmond.corp.microsoft.com> <CAKaEYh+S8+_-4EsjAa36XVN8HvgWW4phKMyg64zhqXQueMjOdg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----JWII7ZD6XR2ECNEZ1AZPSEHB51NJPN"
From: "Paul E. Jones" <paulej@packetizer.com>
Date: Sat, 21 Apr 2012 23:51:06 -0400
To: Melvin Carvalho <melvincarvalho@gmail.com>, Mike Jones <Michael.Jones@microsoft.com>
Message-ID: <f3112e24-e3fb-4465-b8e9-d9e8be80b217@email.android.com>
Cc: Michael Thomas <mike@mtcc.com>, Derek Atkins <derek@ihtfp.com>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Apr 2012 03:51:13 -0000
Melvin, The acct: URI scheme is not a new protocol, but just a scheme that refers to user accounts. It is documented in the WebFinger draft. Paul -------- Original Message -------- From: Melvin Carvalho <melvincarvalho@gmail.com> Sent: Sat Apr 21 23:09:54 EDT 2012 To: Mike Jones <Michael.Jones@microsoft.com> Cc: "Paul E. Jones" <paulej@packetizer.com>, Michael Thomas <mike@mtcc.com>, Derek Atkins <derek@ihtfp.com>, Apps Discuss <apps-discuss@ietf.org> Subject: Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD) On 21 April 2012 18:37, Mike Jones <Michael.Jones@microsoft.com> wrote: > I want to completely agree with what Paul wrote: "What is a pain on the > client side is conditional code that has to be followed in order to consume > whatever the server wants to send. The client should have a single code > path knowing it will get what it wants". > > BTW, this is also part of the argument for making the resource parameter > required. Paul's example of: > curl -v > https://packetizer.com/.well-known/host-meta.json?resource=acct:paulej@packetizer.com > should work on all deployments - not just packetizer.com, so clients can > rely on it working (and not have to have conditional code to try again in a > different way when it doesn't). > > As a design principle, to the extent there's any complexity, it should be > pushed to the servers, rather than the clients, as clients will vastly > outnumber servers. The solution should be as simple for clients to use > as possible, to facilitate adoption. > if acct: is to become a new protocol for the internet , I request that it should be fully documented, and available for review > Best wishes, > -- Mike > > (moved OAuth to bcc) > > -----Original Message----- > From: apps-discuss-bounces@ietf.org [mailto:apps-discuss-bounces@ietf.org] > On Behalf Of Paul E. Jones > Sent: Friday, April 20, 2012 9:11 PM > To: 'Michael Thomas'; 'Derek Atkins' > Cc: oauth@ietf.org; 'Apps Discuss' > Subject: Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery > (SWD) > > Mike, > > > On 04/20/2012 07:17 AM, Derek Atkins wrote: > > > <OAUTH Chair Hat> Note that this is a replay of the historical "MUST > > > Implement" versus "MUST Use" arguments. Just because the server MUST > > > IMPLEMENT JSON and XML does not mean that a Client must use both (or > > > even that a client must implement both). It is perfectly reasonable > > > and generally acceptable to have a server that provides data in > > > multiple formats whereas the client only supports a subset and > > > specifies which format(s) are acceptable. </OAUTH Char Hat> -derek > > > > To Paul's point about how easy it is for a server to support both, I'd > > retort that it's equally easy for a client to gin up JSON instead of XML. > > I don't follow. > > I agree I could write a client that could do JSON easily. > I agree I could write a client that could do XML easily. > > What is a pain on the client side is conditional code that has to be > followed in order to consume whatever the server wants to send. The client > should have a single code path knowing it will get what it wants, ether XML > or JSON. > > Granted, the server has to have a conditional statement and generate XML > or JSON as requested. However, generating either is trivial. Really, I > did it in minutes. We're not talking about huge complex data structures > here with WebFinger. > > > Pity the poor programmer who can't get their head around that gigantic > > change. On the other hand, having to support XML and JSON is an > > ongoing maintenance headache server-side. Why do it? > > Would we expect to see a lot of changes to the data structures used by > WebFinger? That's really the only ongoing maintenance issue. Don't touch > the code that produces the XML or JSON and there is no ongoing maintenance. > > > There isn't even the dubious > > religious war like back in the day saying that binary encoded ASN.1 > > was "better/faster/stacks and cleans dishes" than "human readable" > > XML. XML is just a clunky and past its prime text encoding at this > > point. Requiring it smacks of nostalgia to me. > > I disagree with you on that one. First, ASN.1 is better for defining > protocols, so long as you stay away from the complex stuff. Basic ASN.1 > looks a lot like C and produces C data structures that can be readily read, > decoded, and consumed in C code. Rarely, rarely do I see decoding issues > when using ASN.1, whereas issues pop up quite often with text protocols, > especially things like SIP where a semi-colon in the wrong place breaks > things. But, let's not start that debate again ;-) > > XML *can* be big and clunky. As you've well noticed, I can also write > lengthy emails that seem to have more typos as the evening progresses. :-) > > However, XML can be a very compact encoding and it's extremely readable. > > I just did a query on my server to see the XML vs. JSON output. The XRD > document provided was 1032 octets. The JRD document was 1077 octets. > Removing every possible space and making both formats hard as heck to > read, JSON was 837 and XML was 940. I'm hard pressed to say that's makes > much difference. Further, I can't read either of them now without some > effort. > > Considering that a lot of WebFinger use (I suspect) is going to be > server-to-server interaction, XML seems like a reasonable format to retain. > That, and the fact it is already mandatory in RFC 6415 and deployed out > there. > > It's not nostalgia for me. XML is a very well-structured, readable format. > No objection to JSON, but I really don't understand the clamoring for JSON. > I guess more precisely, I don't understand the disdain for XML. Is it > because people created hideously complex XML data structures and feel pain > for having done that? XRD is not that kind of document. > > Paul > > > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss > > > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss >
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Stephen Farrell
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Stephen Farrell
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Peter Saint-Andre
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Peter Saint-Andre
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Tim Bray
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Kevin Marks
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Stephen Farrell
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Panzer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Peter Saint-Andre
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… William Mills
- [apps-discuss] R: [OAUTH-WG] Web Finger vs. Simpl… Goix Laurent Walter
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Bradley
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Stephen Farrell
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Christian Weiske
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Blaine Cook
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Panzer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Pelle Wessman
- [apps-discuss] R: [OAUTH-WG] Web Finger vs. Simpl… Goix Laurent Walter
- [apps-discuss] Web Finger vs. Simple Web Discover… Michiel de Jong
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Melvin Carvalho
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Dick Hardt
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Panzer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Torsten Lodderstedt
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… William Mills
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Paul E. Jones
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Peter Saint-Andre
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Tim Bray
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Tim Bray
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- [apps-discuss] R: [OAUTH-WG] Web Finger vs. Simpl… Goix Laurent Walter
- [apps-discuss] R: R: [OAUTH-WG] Web Finger vs. Si… Goix Laurent Walter
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] R: [OAUTH-WG] Web Finger vs. S… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Pelle Wessman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… William Mills
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Daniel Renfer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Tim Bray
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Bradley
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Julian Reschke
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Bradley
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… John Bradley
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Eran Hammer
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… George Fletcher
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Stephen Farrell
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Mike Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Bob Wyman
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Tim Bray
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… SM
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Melvin Carvalho
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Martin J. Dürst
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Paul E. Jones
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Derek Atkins
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Kevin Marks
- Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simp… Michael Thomas