IETF Logo Mail Archive

Re: [hybi] Process! was: [whatwg] HttpOnly cookie for WebSocket?

Greg Wilkins <gregw@webtide.com> Sat, 30 January 2010 00:33 UTC

Return-Path: <gregw@webtide.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A083D3A679C for <hybi@core3.amsl.com>; Fri, 29 Jan 2010 16:33:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.64
X-Spam-Level:
X-Spam-Status: No, score=-1.64 tagged_above=-999 required=5 tests=[AWL=-0.431, BAYES_00=-2.599, PLING_QUERY=1.39]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kjk0H5FPhKFr for <hybi@core3.amsl.com>; Fri, 29 Jan 2010 16:33:33 -0800 (PST)
Received: from mail-yw0-f179.google.com (mail-yw0-f179.google.com [209.85.211.179]) by core3.amsl.com (Postfix) with ESMTP id 561E33A635F for <hybi@ietf.org>; Fri, 29 Jan 2010 16:33:33 -0800 (PST)
Received: by ywh9 with SMTP id 9so2777215ywh.19 for <hybi@ietf.org>; Fri, 29 Jan 2010 16:33:54 -0800 (PST)
Received: by 10.90.16.33 with SMTP id 33mr1614182agp.91.1264811634501; Fri, 29 Jan 2010 16:33:54 -0800 (PST)
Received: from ?10.10.1.11? (60-242-119-126.tpgi.com.au [60.242.119.126]) by mx.google.com with ESMTPS id 16sm1535970gxk.11.2010.01.29.16.33.51 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 29 Jan 2010 16:33:53 -0800 (PST)
Message-ID: <4B637E68.4050903@webtide.com>
Date: Sat, 30 Jan 2010 11:33:44 +1100
From: Greg Wilkins <gregw@webtide.com>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Hybi <hybi@ietf.org>
References: <de17d48e1001280012i2657b587i83cda30f50013e6b@mail.gmail.com> <4B616F17.4030402@ericsson.com> <4B619223.60408@webtide.com> <Pine.LNX.4.64.1001282141080.22020@ps20323.dreamhostps.com> <4B620B8F.6030706@gmx.de> <Pine.LNX.4.64.1001282217320.22053@ps20323.dreamhostps.com> <bbeaa26f1001281449q1a6e1813q3f537fe15a5a9d60@mail.gmail.com> <4B625733.2020907@webtide.com> <Pine.LNX.4.64.1001290407290.22020@ps20323.dreamhostps.com> <4B636FC2.3040206@webtide.com> <ad99d8ce1001291541j70a99d26m33b5498e997c0ec4@mail.gmail.com>
In-Reply-To: <ad99d8ce1001291541j70a99d26m33b5498e997c0ec4@mail.gmail.com>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [hybi] Process! was: [whatwg] HttpOnly cookie for WebSocket?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2010 00:33:34 -0000

Roberto,

I don't mean to criticise your efforts on SPDY.    As I said
it is really great that you guys are doing that kind of research
and you're finding out great stuff.

I'm definitely not advocating that you should do design by
committee and I don't mean to fault what you have done to
date.

The note of caution I was trying to highlight, is what if
google started shipping Chrome with SPDY enabled.   Given
Googles general market presence (and growing browser
presence), that would essentially be a take over of the
future of HTTP by a single corporation.

Considering how they have proceeded with websocket, it
is not inconceivable that a similar path might eventually
be followed for SPDY.

That is why it is important that the internet industry
through the IETF clearly asserts that the IETF process
is the currently accepted way of creating consensus
for internet protocols.

Even if the "network has ossified" somewhat (and I've
been robustly corrected before for saying similar), that
is not a reason to give up on a consensus approach.
The WHATWG is not an alternative consensus mechanism,
it is a closed consortium of a one sector of the industry,
with a market-share behemoth in control.

I don't mean to be over dramatic, but this discussion
is essentially about if we are going to cede control over
the future of internet protocols from the IETF to Google.

Sorry again if my comments were taken as a criticism of
your work on SPDY.  None was intended, just a note of
caution about the future.

regards





Roberto Peon wrote:
> I guess I can't just lurk today!
> 
> Actually for SPDY we're trying to do a lot of experimentation (i.e.
> research) and then we'll figure out what the standard needs to be.
> Until we know it is actually better *and why*, it is not useful to waste
> people's time discussing a standard.
> 
> Were we to do it the other way around (set a standard, and then do
> research), things would be unlikely to work well.. what else would you
> have us do?
> We're even being public about it, with open source implementations for
> something which will be backwards compatible with what exists today...
> Honestly, if it worked, I'd happily use a different port (currently
> we're wanting to use port 443 and it *is* an encrypted channel), but we
> have data that shows that this doesn't work reliably.
> 
> It seems like the network has ossified a bit, and it is hard to get any
> changes out there.
> -=R
> 
> On Fri, Jan 29, 2010 at 3:31 PM, Greg Wilkins <gregw@webtide.com
> <mailto:gregw@webtide.com>> wrote:
> 
>     Ian Hickson wrote:
>     > Instead, what's happened is the equivalent of me talking to some
>     of the
>     > people working on HTTP, and then saying "ok we'll do HTTP on a new
>     mailing
>     > list" and not even letting the HTTP working group know about it.
> 
>     Hello!!!!    Google has done exactly that!    SPDY!
> 
>      http://dev.chromium.org/spdy/
> 
> 
>     Don't get me wrong, I think it's awesomely great that google is doing
>     such research.   But google has to be aware that their market power
>     makes them a poor community player.    If chrome suddenly started
>     shipping with SPDY enabled by default, then that would effectively
>     be a hostile takeover of HTTP.
> 
>     As google has done exactly this with websocket, it shows that they
>     have no  concerns about doing a non consensus based takeover of
>     port 80, so why not takeover the entire web protocol as well.
> 
> 
>     You talk as if the IETF is trying to do the take over.
> 
>     The  reality is that the IETF has had custodianship of the internet
>     protocols since day dot, and it is Google^H^H^H^H^H^HWhatWG that is
>     trying to take over the job of creating new internet standards.
>     Maybe that was warranted in the case of HTML5 and the W3C, but I see
>     no evidence that IETF deserves to be usurped when it comes to
>     their role regarding internet protocols.
> 
> 
>     regards
> 
> 
> 
> 
> 
> 
>     _______________________________________________
>     hybi mailing list
>     hybi@ietf.org <mailto:hybi@ietf.org>
>     https://www.ietf.org/mailman/listinfo/hybi
> 
>

v2.23.0 | Report a Bug | By Email