IETF Logo Mail Archive

RE: Diversity and Inclusiveness in the IETF

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 24 February 2021 07:33 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E3603A0D3C for <ietf@ietfa.amsl.com>; Tue, 23 Feb 2021 23:33:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.1
X-Spam-Level: *
X-Spam-Status: No, score=1.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RAND_MKTG_HEADER=2.999, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=pFdP/nm8; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=pFdP/nm8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wsWp9y10ExmJ for <ietf@ietfa.amsl.com>; Tue, 23 Feb 2021 23:33:41 -0800 (PST)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40076.outbound.protection.outlook.com [40.107.4.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA3723A0D39 for <ietf@ietf.org>; Tue, 23 Feb 2021 23:33:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sWsAQtDNAN+Wga85vK0Pi01FyVsTOwDu4sFruORrpg8=; b=pFdP/nm8hhiWHaGGhmbpjIuONaQGEV+QzYngF7Tn2QCsjYbcGeoEElw4n3f/8s8quFbxEB5FTSO2q04TBb6XHba1G9hNtbeEYoPDzXkAiQBxmSTY0woeLsgYQhrOw9gC8k1wwOGlhYnPN0CwKc6iCX1deag3y5SNkmM5wBOqFvg=
Received: from AM6PR02CA0030.eurprd02.prod.outlook.com (2603:10a6:20b:6e::43) by VI1PR08MB4477.eurprd08.prod.outlook.com (2603:10a6:803:fb::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.29; Wed, 24 Feb 2021 07:33:37 +0000
Received: from AM5EUR03FT040.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:6e:cafe::d8) by AM6PR02CA0030.outlook.office365.com (2603:10a6:20b:6e::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27 via Frontend Transport; Wed, 24 Feb 2021 07:33:37 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT040.mail.protection.outlook.com (10.152.17.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27 via Frontend Transport; Wed, 24 Feb 2021 07:33:36 +0000
Received: ("Tessian outbound 2e8b6751367e:v71"); Wed, 24 Feb 2021 07:33:36 +0000
X-CR-MTA-TID: 64aa7808
Received: from af6339e62701.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 91253F50-EA1C-4EE2-9B6B-44E4AD011BF9.1; Wed, 24 Feb 2021 07:33:31 +0000
Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id af6339e62701.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Wed, 24 Feb 2021 07:33:31 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YDOvdt5NLzHuhBMYYgI0WXjXPiHp5E6Z4x8UjdHeVkvASQhpWDc9iY8Utakzd/y0EJp6/ZbvPWEZpy3CkFQsYTxK//5gDfxGX8O8SEmtg3Ffw16bp8SsVgnNFw8f/1HZrT7m/nVC3iFfUlVDRif9Sm/Bj43nCSw8vpM69sxUlMs4RnZj7cvVAP5WNcHmKbA5X9CYbBD5gXxYSgVwwvJ/HaU2IDaDEUcJ5PmpEr+sHJW+xLSycj/gT7xS00jFT3Zr7kMs7fl+jhmKfdaZdYWzadmm16JsDK9+nVroiax5dQMgSlEVbmPuQdeVcq/LSQ2lJwOgSTrXZw553UaHkN11gQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sWsAQtDNAN+Wga85vK0Pi01FyVsTOwDu4sFruORrpg8=; b=UiOR9Qcfl7QAHjMsXwWNr2o2Yvc5h0HiehkSrOm4kN+qCQkU3X4EUPV9RKU1wBgb0NIdiTdth0MtpeISM/WEl0mUc+HUJjt320PmrVyh4OOLOpYLq5OFnx+4xvZ5QGXc/f0Ah3IYF3p2TxhrGoFwgI5iaX26kECfSvGhuswjE56qj6nHTtKLZb3N4nG3PwTROqVm2I2C8F0qrEq9i8mttAeub2E7ZWBdjWmdrssT41zvsBam0uXoPcI9muS7uDA9XQspeok+LiDpqpUcfzzNdmlWvWa8b0VN9lskhttyBRt2wstmlg6cqo68KUVYua7VOKRtmSzF0e3CmdGbcJuMIQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sWsAQtDNAN+Wga85vK0Pi01FyVsTOwDu4sFruORrpg8=; b=pFdP/nm8hhiWHaGGhmbpjIuONaQGEV+QzYngF7Tn2QCsjYbcGeoEElw4n3f/8s8quFbxEB5FTSO2q04TBb6XHba1G9hNtbeEYoPDzXkAiQBxmSTY0woeLsgYQhrOw9gC8k1wwOGlhYnPN0CwKc6iCX1deag3y5SNkmM5wBOqFvg=
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com (2603:10a6:208:106::13) by AM0PR08MB3458.eurprd08.prod.outlook.com (2603:10a6:208:d3::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.30; Wed, 24 Feb 2021 07:33:29 +0000
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::7484:8c2b:e664:648]) by AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::7484:8c2b:e664:648%7]) with mapi id 15.20.3868.033; Wed, 24 Feb 2021 07:33:29 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Keith Moore <moore@network-heretics.com>, "ietf@ietf.org" <ietf@ietf.org>
Subject: RE: Diversity and Inclusiveness in the IETF
Thread-Topic: Diversity and Inclusiveness in the IETF
Thread-Index: AQHXCXgbtlRdrPa6OEShU5hVFqdRTqplIz0AgABqRRCAABPPgIAADfGAgAABowCAABzOAIAADk2AgADyA4CAABqcgIAAAMkQ
Date: Wed, 24 Feb 2021 07:33:28 +0000
Message-ID: <AM0PR08MB3716D06A5EAD8699EC8329AAFA9F9@AM0PR08MB3716.eurprd08.prod.outlook.com>
References: <37eecb9b-f0eb-e21c-b162-b1f0339e4981@si6networks.com> <3c2d646d-f18d-4d88-b458-29dbd486432b@beta.fastmail.com> <AM0PR08MB371669108E9CEA561BEC9EF6FA809@AM0PR08MB3716.eurprd08.prod.outlook.com> <d6648437-332b-4668-a1c7-591f2c287539@dogfood.fastmail.com> <CADNypP8GKTY-Jhpb6AEfcpXOihwLap7OrrByNemGc2GNvZLeog@mail.gmail.com> <10fd9d2d-afb4-44aa-b618-fb5ce1efa69e@dogfood.fastmail.com> <c21477c8f68047cabac7aeae60a688f2@cert.org> <CAHbuEH7Qvc3AaBxbk1kXd4knS4_+Wrs3P7WNETRNNoFP-dGNCA@mail.gmail.com> <CAMm+LwgbK3HYDjSHnTN3f6hWSQCQrEjHLNn6z0JpfY7hdxaQpg@mail.gmail.com> <1ca2f81d-58ac-914e-c9d3-611ec7d261ec@network-heretics.com>
In-Reply-To: <1ca2f81d-58ac-914e-c9d3-611ec7d261ec@network-heretics.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 27E9D964AF57DE4FB990C5496AFAE039.0
x-checkrecipientchecked: true
Authentication-Results-Original: network-heretics.com; dkim=none (message not signed) header.d=none; network-heretics.com; dmarc=none action=none header.from=arm.com;
x-originating-ip: [80.92.115.86]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 1fc4fd50-cbba-48b8-583a-08d8d8967f80
x-ms-traffictypediagnostic: AM0PR08MB3458:|VI1PR08MB4477:
X-Microsoft-Antispam-PRVS: <VI1PR08MB4477C201A2B86616DE9A3F0BFA9F9@VI1PR08MB4477.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:9508;OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: Zw6kmmba1Ux0YK433oCu5NS+zOtXE4DaKmL8IxQE3l2eYWFtJmsOBbtG5DerNj4U/cMe0/+LZTR8w+bOzvJVGvoa0Zvwl8/jOa14XjMnmlIRE924DDyjjY+OaGfrL0phsTz4HFIi7pEllHqeFJ/KlDJeJQptZOYT2KxWFuOi3i/zuhaRWS0Lr/Ee9zvoacBQ7y14Nf8mJnh5/7clc0SoZLSP/nk/fqWRo+cAq2+onrKJi/IDzp0LGW6ZU0oqQkS1kDMW7Jk9vnGaEDVRdlcxWm55u2lO3A9876ofA15PCmyNdk4vyHQ3i7YQ5mVgoyir6fmgdz/rMjUzGifZxYaA7dIeB2Ad2OOevNYllbGOzgxUYUr8Xv7I6sHjCVpO4Gq9kYWhuJ26Lzspc1TOEqAu/TZolQrs7WShmeNGvc6fmVCXem0YmAum3zts7T2DHpDcN1gVmZdztOtmYy7C7bmdYQTzrafLQv65itq8DRuWjw2x0peSUKZZPgH0BZWcBzqas63XROvt9WIvAc4xXPcAkQ==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR08MB3716.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(39850400004)(376002)(346002)(366004)(136003)(66574015)(5660300002)(186003)(83380400001)(33656002)(66556008)(478600001)(316002)(66476007)(8676002)(64756008)(110136005)(66946007)(66446008)(8936002)(86362001)(53546011)(6506007)(52536014)(26005)(71200400001)(7696005)(55016002)(9686003)(2906002)(76116006); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: euwQgbc7lG4zREvjdec0OJpgGqsTyP+by41P5Uov4dqz7SYshltfofz03gNoIuGGyugrqlMUEn8HX+JQHX//IOX58QH/kn/eiJUge/E7lUYcTSx4HboeJCVs+ByJ4UeMLUI1YpWKL1h2cJ14MmwS47skFwx0HLP3mxOcH2bzwRShMbQMWbsYKBX8JGEzotVrFihSz+JPv8M4osvRnN8LJ/J23/K2+3UUUjHdtVIavxm0qSFpqEpb1tCThbrrRJX9T6FOMKHJb+PUTaZs/gU6bk7krTD8ZT0GXQ9xw1KbfDApZRvhrdEwchwu+8AVWM6CBLNG/ZizvRabgnnBs/8DsWmrIV5orDQ8j05GwAFpMYw1YXej5p9jOphi986hptBaBEhva4VtEzkzFfJTkDQ8SCREmnegVeDlzV/iEcQW2m7LbK47VmE3q88jBxqIweZ4VpJtOfP3hKX8jKxFDDDkuwb1Nh1uBTwoKhAzk2OUfrZN4sswgFYgnDMtmM4ggJgQYwYTOJKYgKIAA038TChOQlk96lZ/eWgZOhJp1dWlRxS9KXxGnxOdWAf0LmYM2xhPmpTyDYeIt0BGxgSRGa/kfJykfotc+fIYn9a1zESYGh64TmbvJoFrIHmq2JS3pZ/U9NBMKObcxb2V73pEfOhmomSpZrrijYapAPwsEytFWGTgCYfGb1QEHE59lkGVkA6geMaq2/mt/D85VrFJNyXgN7GGH9WwHLfdu3YmbXGU4yjkxP7JxW23U0ydXCqlLS223NYD0LqZKt7vlL7zvm+25HNpVqz6ZD2xVSJJQ9uNn4AfRY2bRaxzdcPFP8dHR2Xnise6umoULVEjl6trrRVzhCvlLa8Jyu3Q2+/gGmO/oZOA6ZRHLhUhGUnbORwZD/8RNWqfg/9oYOtpzNlAnpsvh1ki/6sL23V5T4YIS0fD95UzQBQ/Fk4HywW7Bm039HM2iTC+2qzRT9lT0LK2KSkbLXtTA022MsQRMIrANoMbcz8oA1ZpmQBJBEV0DBvsWFCby6HyXT3e2yd02Zb8B53IDZVwTbA1YtEaka8Q0IcNZ8sghAhCtZWbQBZrKxZOajb6hNBYuuQoRHY7XEjtX0PcpwuJLe7wcn05K9DIxxotAqftU3bDGX1V+YYRir3q4R7rWMHDov/0SoWVhugWB/xnXAXbOAvi+2rF2xnwrqy+VLAUupEwmpla9jqcfC1M/OwSb3kZrTVtr4PXWVRbOuYCuvxsh8K4q/FjDbfhJBi3t0Yvuqmvd+8DCQ6/EAcxFEFiKeq/58z5fF0IuQ5C0HmDuwm7xwsDqxTP0A3dEkPg/nfnzc4RKEQdtXnIEdgB3t45
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM0PR08MB3716D06A5EAD8699EC8329AAFA9F9AM0PR08MB3716eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3458
Original-Authentication-Results: network-heretics.com; dkim=none (message not signed) header.d=none;network-heretics.com; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT040.eop-EUR03.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: b2924453-2f08-4d1a-cd3e-08d8d8967ae0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: sddCELUZ9LBSR+DeRGrzRp96itiM2qEJrz5TmA9vCLIPIRAW3BpwCYVZwBcive6/6pXLwCsmUJrQm3kPowXEoCmdhfrE4jgVO4j1TqGo/7Y4MJLYWjgFngTXCyM6iR0vQrcE0JtZ22eE5NK3l3rhbwrZIcL/aA52TfQVK1QU3wUZbQtOvq9np3qnGURGKUrMolcI61U4Ia74HlwMBGitOgvuAI+iKV5lIn0Vzo44ONdo6zDBwf1yWnaXTzOCuiSc0hy9ZkKzI7eBd55uZE4XtTVzNjHfcRFf/J1a5NeSIhP78MsoOGPXgyRMWpsFm2uTrIXdWv+ehLmyMwf8zZQCeqnxx2mCJCfMl9hashglXRIw0V/Mje/e+QNjaIpN5GrXeL9o0nrsHA8zQKlQkBiE2hPzGEmsGI9WPqM5x7w8pNqp3D/W1gkorH+J+ThUYt5OEsjJ7eckgp5lXZAczlxh0yH+7pNlAZOLqZ8fvZRecC+WQCjsub5+YR9OjysiWGX2x9k7gsPYqn8Am1+0uUHPy2TtTPdqqZcWshBCUEG85fUxK25iJt6gmFC1WEfW5/X3xhTtlbP06o6xohH8iaVLgb/DbYBznLctxY5bx8UNiesuOXdcn4eP+UwZh5T6ZkH+zEHsl7XfeNI3gtqlmwfrIivWfu886ATnhgKt2jSfWaM=
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(4636009)(136003)(396003)(346002)(376002)(39850400004)(36840700001)(46966006)(66574015)(110136005)(8676002)(356005)(83380400001)(81166007)(82740400003)(82310400003)(55016002)(36860700001)(8936002)(53546011)(2906002)(33656002)(9686003)(336012)(316002)(70586007)(186003)(26005)(33964004)(5660300002)(86362001)(47076005)(6506007)(52536014)(7696005)(70206006)(478600001); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Feb 2021 07:33:36.8087 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 1fc4fd50-cbba-48b8-583a-08d8d8967f80
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: AM5EUR03FT040.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB4477
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/v91fg9CdIrANnmxh4UZJi0jUDYk>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2021 07:33:44 -0000

Hi Keith, Hi Phil,

I am trying to level up a bit here and not focus on OAuth or SAML.

When someone suggests you to use a certain technology then there is typically an entire context that comes with the question that led to this recommendation. Since we don’t know the context, it is hard to say whether the recommendation is reasonable.

I think we can all agree that there are many aspects involved of making a technology choice. Some of those choices are business related, with the availability of software and with the familiarity of the concepts by those using the technology.

What I also see happening again and again is that people confuse protocols with the deployment of protocols. Phil does this below too. Just because Facebook, Google & Co decide to use OAuth in some specific way does not mean that OAuth cannot be deployed by others in a completely different way.

Unfortunately, I don’t see how any of this relates to the diversity discussion. I would therefore suggest to move this discussion to the OAuth group. There are so many aspects in Phil’s email that require clarifications...
Ciao
Hannes

From: ietf <ietf-bounces@ietf.org> On Behalf Of Keith Moore
Sent: Wednesday, February 24, 2021 8:22 AM
To: ietf@ietf.org
Subject: Re: Diversity and Inclusiveness in the IETF


This.

- Keith
On 2/24/21 12:47 AM, Phillip Hallam-Baker wrote:
I am worried by the advice 'use OAUTH' but for a very different reason.

OAUTH and SAML are both attempts to provide a secure authentication scheme that works within the very particular and very peculiar environment of Web browsers. They are schemes that necessarily involve techniques that are rightly regarded as alchemy if not outright witchcraft.

That is fine, that is more than fine if you are developing an authentication scheme for use within Web browsers (or if you are developing whatever SAML and OAUTH are these days, neither was originally billed as authentication). But it is completely inappropriate to ever suggest let alone demand that anyone use a technology whose primary design constraint is to work around the voodoo of Javascript, URIs, HTTP cookies etc. etc. in an application where none of those legacy issues apply.

One of the big problems of IETF is that a lot of people don't think about how to get their scheme deployed and when they do, their plan is to tie it to some other group as a boat anchor. Back when we were doing DKIM and SPF we had to tell certain DNS folk that the fact that almost no DNS Registrars offered customers the ability to specify new RRTypes was their problem and was going to remain their problem no matter how loudly they tried to complain that it should become our problem.

In the case of OAUTH, there is another problem in that OAUTH really isn't a very open protocol from the standpoint of the user. I can use my Google or my Facebook or my Twitter accounts to log in via OAUTH at a large number of sites. But if I want to use any other OAUTH provider I am completely out of luck. Or at least I will be until this becomes one of the multifaceted complaints in the anti-trust hearings coming soon to a capitol hill near you. And yes, that is a consequence of how the protocol has been deployed, but that probably not going to get people very far on capitol hill.


The Internet is for everyone. The Internet is for end users.

I am really not that interested in who makes the ingredients except to the extent that it determines what sort of cake emerges. One of the unexpected side effects of Web 2.0 has been that it has greatly centralized power in the hands of a tiny number of individuals. Individuals who are at best accountable to shareholders, but in the case of some of them, a separate share class ensures that they are accountable to nobody. In neither case are the people with power accountable to end users because they are not even customers, they are the product.

What I am interested in is the extent to which Internet technologies are Technologies of Freedom. The question we need to ask ourselves is 'does this technology increase end user autonomy or increase their reliance on third parties'.
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email