Re: [hybi] Process! was: [whatwg] HttpOnly cookie for WebSocket?

[Greg Wilkins <gregw@webtide.com>]

Ian Hickson wrote:
> On Fri, 29 Jan 2010, "Martin J. Dürst" wrote:
>> Ian, could you please explain how exactly *you* imagine such a 
>> cooperation should work, if not e.g. by cross-posting?
> 
> The same way it works with the HTML5 specification and the various Web 
> Apps specifications....


Ian,

the problem with this approach is that an internet protocol
is out of scope of for the WHATWG charter and the WHATWG
process is entirely inappropriate for forging a consensus
across all the interested parties.

The whatwg process relies on the consent of a single individual
(yourself) as editor.  This position is an appointment made by an
invitation only committee made up of 9 representatives from
various  browser manufacturers.   You are also on that committee,
the spokesman for the group and an employee of the company that
is shipping the first client implementation.

The whatwg self describes as having a main focus of HTML5,
plus work on Web Workers, Web Forms and Web Controls.   There
is nothing in the whatwg activities to suggest that it is
the right body to specify something that will affect web
servers, OS network stacks, firewalls, proxies, routers, bridges,
caches, connection aggregators, SSL offload, load balancers,
filters,  corporate security policies, web frameworks,
3G networks, mobile battery life, traffic analysis tools,
etc. etc.

I'm totally happy for a consortium of browser vendors
to use whatever process they like to define the
specifications for the mark up and javascript APIs
they will support in their own products.

I'm totally unhappy that such a consortium should
produce a "standard" internet protocol without
due process involving all of the industry and
community in a truly open decision making process.

You are an incredibly diligent guy and I really applaud
the effort you put in to consider and reply to the
vast amount of feedback that you get.  But at the
end of the day, if you personally are unconvinced, then
it's not going in the spec.   No one person is without
bias, conflicts of interest, areas of inexperience,
bad days at the office etc.




So the solution that I would like to suggest,
is that the WhatWG continue work on the current protocol
specification, and that will be 1.0.  The browser vendors and
other WhatWG participants can continue to work towards the
goal of interoperable  implementations.  This will be a
WhatWG document and will never be an IETF RFC.

In parallel, the IETF WG should focus on producing
a 1.1 version of the protocol/specification based on
an all-of-industry feedback and consensus.  This will
be built on 1.0 and have reasonable backwards
compatibility as a necessary requirement.  But it's
charter will directly address the concerns of the whole
internet and not just the browsers and app developers.
It will exposed to the full IETF process and will
eventually be an IETF RFC.

Each group will have editorial control over
their own document and they will need to
cooperate, so that they do not significantly
diverge on any points of substance.  The
whatwg would also participate in the IETF
process and their consent would be a vital
part of any rough consensus there.

This is not unlike the standardization of HTTP,
where HTTP/1.0 was more or less a codification of the
protocol that had been implemented by browsers.
HTTP/1.1 was the internet standard developed by
all of industry and addressed the concerns of all.


regards