Re: [OAUTH-WG] We appear to still be litigating OAuth, oops
Seán Kelleher <sean@trustap.com> Thu, 25 February 2021 08:22 UTC
Return-Path: <sean@trustap.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAA553A159C for <ietf@ietfa.amsl.com>; Thu, 25 Feb 2021 00:22:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=trustap-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aG4jm66ek12q for <ietf@ietfa.amsl.com>; Thu, 25 Feb 2021 00:22:35 -0800 (PST)
Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F15353A15B8 for <ietf@ietf.org>; Thu, 25 Feb 2021 00:22:33 -0800 (PST)
Received: by mail-ej1-x634.google.com with SMTP id u20so7340896ejb.7 for <ietf@ietf.org>; Thu, 25 Feb 2021 00:22:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=trustap-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JZEOOgJxmdrNZXf/vUxKtEyqjCS868VSl/V8BNRYAGY=; b=pGVfOuAS/KwiDTEtJVZDUuk9DbiHP7Qga4Kqey2ZWwyd9ylqPTH3K9pZStWRKDaNLC 8njTN2sq7XhTxAKNxtaJKtgcHP+fRPMnbA3Apq6gFKCO39a3BIfPuIz3RHp0lREuNs4u ZP9Bro4sOOw+l0zmG3okCD0D6U/pFg5bySa7z8dQls+HSvW+xL2/8+J0gfz+2NOjAOjX ZPxgKqLnXAAkfQwvXNfYwN/Ze21tm+bqq2ZTLsnnTQqi8OxRpSQ8Srs7SjoSSmvn2C6q kK/8mGSNx/cF0zuwov9Du98DE23m5+vcO0V5Y+vqiElhf510aLONrbDfOoVQdBgTFh4K qibw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JZEOOgJxmdrNZXf/vUxKtEyqjCS868VSl/V8BNRYAGY=; b=O8bX2CEcuyxPZdOpQDy6vHA4uw9VyzXPx53uM29IaP8ZUWHV3oFnX+e+dhdGxqa1QE LYSPKXXultZ+TNUe5zO9rIzMXjCHv+EgvRzf0vFVAyb9g18m7VB2JHE99PAEiOut1ccd diY3p51+qgTTeQ986ypxTiyMeIh2b/qGnkkXn9iYVB7S92YJbMXqRXGK6aQctesrx00W yvjvh34C0O0j9/q/HHLqSiFkfY+HcFPzW5tU6H16UHi/7kggYBLdjs/3AePu5g8JMNAE c/QmoA+zgluToJSfEahV/e7+CLNK1CPVV5sthaXrx+lvvohbSQdjZ7oEiZgcV8ZCyUtm ySbQ==
X-Gm-Message-State: AOAM531FIFkso2ZMKDBwa6vOZZmo8kiabHEqY7xpLpMvY1L2Gd58fdBz wdf2Vk00OuQe9Sv5iludrWoyd4L+wB+6PhQeHXgacw==
X-Google-Smtp-Source: ABdhPJwBuP6bQYMVmHDpLTfXaXGDLoLTy1Vd54xb77Knqt0TeVe/OaBpMvm9Kfg91K08eMopSDWtlf809LcrNToILJE=
X-Received: by 2002:a17:906:644f:: with SMTP id l15mr1631070ejn.229.1614241350959; Thu, 25 Feb 2021 00:22:30 -0800 (PST)
MIME-Version: 1.0
References: <CAMm+LwgbK3HYDjSHnTN3f6hWSQCQrEjHLNn6z0JpfY7hdxaQpg@mail.gmail.com> <A8128346-B557-472F-B94F-8F624F955FCE@manicode.com> <eb2eaaa7-7f7e-4170-ab87-1cc1fdd3359b@www.fastmail.com> <CAJot-L0PS_3LxEkC-jd1aqXDdYF+z8BajSs4Rhx3LgRPn6wkdQ@mail.gmail.com> <DAB127D7-809F-4EC2-A043-9B15E2DB8E07@tzi.org> <CAJot-L1e8GegjXjADRQ87tGqnSREoO4bEKLX+kPkZFsQpevGQA@mail.gmail.com> <66be0ffe-a638-45a0-ba05-1585ea02e6bf@www.fastmail.com> <CAJot-L2KO2dOzZQJJeB1kbk6_KTQwUYUsoJOoRt=9maynS1jZg@mail.gmail.com> <121f52be-4747-45f3-ad75-79fa2f693d75@beta.fastmail.com> <E84B4446-5F74-402B-8071-A1164EF0B02C@mit.edu> <6b5d0e34-340f-4f93-83ef-817d4624ec7d@dogfood.fastmail.com>
In-Reply-To: <6b5d0e34-340f-4f93-83ef-817d4624ec7d@dogfood.fastmail.com>
From: Seán Kelleher <sean@trustap.com>
Date: Thu, 25 Feb 2021 08:22:20 +0000
Message-ID: <CAPLh0AMfncjJ0iaZ5gmzrh1D0Z7WCOtG-+6GZkmzfQuAttsBtw@mail.gmail.com>
Subject: Re: [OAUTH-WG] We appear to still be litigating OAuth, oops
To: Bron Gondwana <brong@fastmailteam.com>
Cc: Justin Richer <jricher@mit.edu>, Phillip Hallam-Baker <phill@hallambaker.com>, "oauth@ietf.org" <oauth@ietf.org>, ietf@ietf.org
Content-Type: multipart/related; boundary="0000000000004e772305bc24da13"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/U2UNNwAbADFEmsgtUv1XFcSkZ9s>
X-Mailman-Approved-At: Thu, 25 Feb 2021 08:33:19 -0800
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Feb 2021 08:22:45 -0000
Just to clarify, I assume in this discourse that the "server" in this client and server relationship refers to an AS/RS pair in OAuth terminology? Based on this, one big sticking point for me on the applicability of NxM, or even 1xM, is that all of the "M" RSs need to publish the same interface for any meaningful implementation in the first place. It probably makes more sense with email clients, since as Bron said, there is the common standard of POP. If we assume that all the email services that we want to connect to publish the same POP interface, and would accept tokens in the same way, then the way the authZ is handled is indeed the point of divergence that needs to be resolved. However, we're talking about NxM in the general case here. I feel like using the likes of discovery and dynamic registration, etc. that's already supported by OAuth, the "N" part of this equation is surmountable. But each of the "M" servers also need to export the same interface, otherwise a client is going to have to write custom code to deal with talking to the service after the authZ step anyway, reintroducing the "problem" part of the NxM problem. As such, I would actually suggest constraining this discussion to just the POP NxM problem rather than NxM in general because, for me at least, the authZ part of the general case is the most "solved" part of the problem, and the outstanding work lies more in consolidating the "M" RS interfaces. On Wed, 24 Feb 2021 at 22:32, Bron Gondwana <brong@fastmailteam.com> wrote: > On Thu, Feb 25, 2021, at 02:18, Justin Richer wrote: > > I agree that the NxM problem is the purview of the whole IETF, but it’s > something that we’re particularly interested in over in GNAP. As the editor > of OAuth’s dynamic registration extension and the GNAP core protocol, I > hope I can add to this conversation. > > From a technical standpoint, OAuth’s dynamic client registration lets > arbitrary clients talk to an AS, but the trust isn’t there in practice. On > top of that I think this problem is exacerbated by a fundamental protocol > design element of OAuth: the client_id that’s required. That field means > there’s an assumption that a relationship was set up between the pieces of > software, implied to be trusted by admins at the AS. Sure you can get that > client_id under special circumstances, but there’s still a special weight > handed to that and the dynamic stuff feels like you’re giving up control as > an AS. In GNAP, the relationship is inverted, and it’s designed as > “dynamic-first”, with pre-registered clients being an optimization on top > of that. > > > Yep, this is the big point - OAuth is designed to require the the third > leg of trust that creates the NxM problem. > > > > If that dotted line between client and server requires a pre-existing > trust relationship rather than the trust being entirely mediated by the > user choosing to connect client A with server B, then you have the NxM > problem. This is the "you can only have your John Deere tractor serviced > by an approved John Deere service centre" problem. You can only use this > client with servers who have pre-approved it. Or fall back to the "cash of > the internet" - plain text passwords. > > Does this solve the NxM problem? No, because companies are still going to > decide that they only talk to keys or identifiers that they know ahead of > time. But the protocol puts the dynamic case forward as baseline and fits > in much better with the likes of JMAP than OAuth ever could: > > - {The Bat} creates a key pair. > - {User} enters their email address into {Bat}, {Bat} does discovery > (maybe that’s a JMAP thing? Webfinger?) and finds the JMAP server and the > GNAP endpoint for authentication as an option. > - {Bat} talks to the GNAP AS at {ISP} and presents the key it just made > up. {ISP} has never seen this key, but knows how to talk GNAP and get the > user to authorize {Bat} to access email. > - {User} does this using GNAP and gets back an access token that’s tied to > the key {Bat} made back at the beginning. That token is tied (at the {ISP}) > to the user’s account. > > Yes, you can do all of this today with OAuth (and people have done so), > but OAuth’s basic model of “go do discovery and registration first and THEN > talk to me” is a trust impediment more than it is a technical impediment. > The “negotiation” part of the GNAP name comes from the philosophy of “start > talking first and figure out what you need as you go”. Instead of jumping > through hoops to get something you can trust, you just start in and then > decide how much you trust it. A corporate rollout could use its own key > distribution mechanism and static registration to limit which client > instances talk back to the company server, regardless of which accounts > would authorize access on top of that. An internet-facing service is going > to be more likely to take a TLS approach, of “I’ll talk to you in a secure > fashion without caring who you are right now”. > > We really are trying to make GNAP a consistent protocol at its core and > learn from problems with OAuth in the wild, all while letting GNAP address > a wider variety of use cases. I agree that GNAP could be clearer about > specific use cases, and we’re working on the spec still so any help here is > appreciated. > > > Excellent. This is precisely what I've been waiting for for these very > many years as a viable replacement for storing a password locally on disk. > Just having the server able to distinguish between different client > instances for the same user is a big start, because you can de-authorise > one without having to lock out every connection - even if the user is still > entering their password during the setup phase each time. > > This is what Fastmail already do with our own app, creating a long-lived > access token and storing that on the device rather than storing the > password itself - and you can log out any one client from your security > settings page. What's missing is a standard way to do that with any IMAP > client. The initial JMAP authentication proposal was a very simple case of > pretty much this, build into to the protocol so everyone would do it. > > Making it easy to connect up arbitrary clients with per-client tokens the > default, and easy rather than almost impossible to do in practice is where > the big difference comes in. > > Bron. > > -- > Bron Gondwana, CEO, Fastmail Pty Ltd > brong@fastmailteam.com > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- Diversity and Inclusiveness in the IETF Fernando Gont
- Re: Diversity and Inclusiveness in the IETF Bron Gondwana
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- Re: Diversity and Inclusiveness in the IETF Dominique Lazanski
- Re: Diversity and Inclusiveness in the IETF Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Dominique Lazanski
- Re: Diversity and Inclusiveness in the IETF Carsten Bormann
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- Re: Diversity and Inclusiveness in the IETF Bron Gondwana
- Re: Diversity and Inclusiveness in the IETF Rifaat Shekh-Yusef
- Re: Diversity and Inclusiveness in the IETF Bron Gondwana
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- Re: [Gendispatch] Diversity and Inclusiveness in … Stephen Farrell
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Dan Harkins
- RE: Diversity and Inclusiveness in the IETF Roman Danyliw
- Re: Diversity and Inclusiveness in the IETF Kathleen Moriarty
- Re: Diversity and Inclusiveness in the IETF Donald Eastlake
- Re: Diversity and Inclusiveness in the IETF Fernando Gont
- Re: Diversity and Inclusiveness in the IETF Carsten Bormann
- Making headway in the IETF [was Diversity and Inc… Brian E Carpenter
- Re: Making headway in the IETF [was Diversity and… Keith Moore
- Re: Diversity and Inclusiveness in the IETF Brian E Carpenter
- Re: Diversity and Inclusiveness in the IETF Mark Nottingham
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- Re: [OAUTH-WG] Diversity and Inclusiveness in the… Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Diversity and Inclusiveness in the… Bron Gondwana
- Re: [Gendispatch] Diversity and Inclusiveness in … Mary Barnes
- Re: [Gendispatch] Diversity and Inclusiveness in … Bill Woodcock
- Re: Diversity and Inclusiveness in the IETF Tim Bray
- Re: [OAUTH-WG] Diversity and Inclusiveness in the… Eric Rescorla
- Re: [OAUTH-WG] Diversity and Inclusiveness in the… Bron Gondwana
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- Re: Diversity and Inclusiveness in the IETF Jim Fenton
- Re: Diversity and Inclusiveness in the IETF Phillip Hallam-Baker
- Building Real Internet Platforms Mark Nottingham
- RE: Diversity and Inclusiveness in the IETF Larry Masinter
- Re: [OAUTH-WG] Diversity and Inclusiveness in the… Jim Manico
- Re: Diversity and Inclusiveness in the IETF Carsten Bormann
- We appear to still be litigating OAuth, oops Bron Gondwana
- Re: Diversity and Inclusiveness in the IETF S Moonesamy
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- RE: [Gendispatch] Diversity and Inclusiveness in … Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- Re: [Gendispatch] Diversity and Inclusiveness in … Vittorio Bertola
- coders in IETF (was: Diversity and Inclusiveness … Keith Moore
- Re: [OAUTH-WG] We appear to still be litigating O… Carsten Bormann
- RE: [Gendispatch] Diversity and Inclusiveness in … Hannes Tschofenig
- Re: [OAUTH-WG] We appear to still be litigating O… Bron Gondwana
- Re: coders in IETF (was: Diversity and Inclusiven… Bron Gondwana
- Re: [OAUTH-WG] We appear to still be litigating O… Bron Gondwana
- Re: [OAUTH-WG] We appear to still be litigating O… Neil Madden
- Re: [OAUTH-WG] We appear to still be litigating O… Aaron Parecki
- Re: [OAUTH-WG] We appear to still be litigating O… Jim Willeke
- Re: Diversity and Inclusiveness in the IETF Phillip Hallam-Baker
- Re: [OAUTH-WG] We appear to still be litigating O… Justin Richer
- Re: [OAUTH-WG] We appear to still be litigating O… Aaron Parecki
- Re: [Gendispatch] Diversity and Inclusiveness in … Mary Barnes
- Re: coders in IETF (was: Diversity and Inclusiven… Phillip Hallam-Baker
- Re: [OAUTH-WG] We appear to still be litigating O… Tim Bray
- Re: [Gendispatch] Diversity and Inclusiveness in … Christian Huitema
- Re: [OAUTH-WG] We appear to still be litigating O… Warren Parad
- Re: [OAUTH-WG] We appear to still be litigating O… Warren Parad
- Re: [OAUTH-WG] We appear to still be litigating O… Warren Parad
- Re: [OAUTH-WG] We appear to still be litigating O… Michael Richardson
- Re: [OAUTH-WG] We appear to still be litigating O… Phillip Hunt
- Re: [Gendispatch] Diversity and Inclusiveness in … Phillip Hallam-Baker
- Re: Diversity and Inclusiveness in the IETF Michael Thomas
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- Re: [Gendispatch] Diversity and Inclusiveness in … Vittorio Bertola
- Re: Diversity and Inclusiveness in the IETF Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Michael Thomas
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: coders in IETF (was: Diversity and Inclusiven… Christian Hopps
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [OAUTH-WG] We appear to still be litigating O… Bron Gondwana
- Re: coders in IETF (was: Diversity and Inclusiven… Christian Huitema
- Re: [Gendispatch] Diversity and Inclusiveness in … Jen Linkova
- Academia (Re: Diversity and Inclusiveness in the … Theresa Enghardt
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Dan Harkins
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Theresa Enghardt
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Christian Huitema
- Re: Diversity and Inclusiveness in the IETF S Moonesamy
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Fernando Gont
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Fernando Gont
- RE: [Gendispatch] Diversity and Inclusiveness in … Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF Hannes Tschofenig
- RE: Diversity and Inclusiveness in the IETF S Moonesamy
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Theresa Enghardt
- Re: [OAUTH-WG] We appear to still be litigating O… Warren Parad
- Re: [OAUTH-WG] We appear to still be litigating O… Seán Kelleher
- Re: [OAUTH-WG] We appear to still be litigating O… Seán Kelleher
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Lars Eggert
- RE: [Gendispatch] Diversity and Inclusiveness in … Andrew Campling
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Marc Petit-Huguenin
- document writing/editing tools used by IETF Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: Diversity and Inclusiveness in the IETF Brian E Carpenter
- Re: [Gendispatch] Diversity and Inclusiveness in … Marc Petit-Huguenin
- Re: [Gendispatch] Diversity and Inclusiveness in … Eric Rescorla
- Re: [Gendispatch] Diversity and Inclusiveness in … Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Brian E Carpenter
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Keith Moore
- Re: [Gendispatch] Diversity and Inclusiveness in … Eric Rescorla
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Brian E Carpenter
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Salz, Rich
- Re: [Gendispatch] Diversity and Inclusiveness in … Keith Moore
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: document writing/editing tools used by IETF Joel M. Halpern
- RE: document writing/editing tools used by IETF Larry Masinter
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Keith Moore
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: Diversity and Inclusiveness in the IETF S Moonesamy
- RE: document writing/editing tools used by IETF Larry Masinter
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Lars Eggert
- Re: document writing/editing tools used by IETF Ladislav Lhotka
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Lars Eggert
- Re: document writing/editing tools used by IETF Julian Reschke
- Re: [Gendispatch] Diversity and Inclusiveness in … Lars Eggert
- Re: [Gendispatch] Diversity and Inclusiveness in … Lars Eggert
- Re: [Gendispatch] Diversity and Inclusiveness in … Fernando Gont
- Re: [Gendispatch] Diversity and Inclusiveness in … Lars Eggert
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Colin Perkins
- Re: document writing/editing tools used by IETF Andrew McConachie
- Re: [Gendispatch] Diversity and Inclusiveness in … Vittorio Bertola
- Re: [Gendispatch] Diversity and Inclusiveness in … Bill Woodcock
- Re: document writing/editing tools used by IETF Behcet Sarikaya
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: [OAUTH-WG] We appear to still be litigating O… Justin Richer
- Re: document writing/editing tools used by IETF Ladislav Lhotka
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: [OAUTH-WG] We appear to still be litigating O… Tim Bray
- Re: [OAUTH-WG] We appear to still be litigating O… Aaron Parecki
- How to tell people... Was: We appear to still be … Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Keith Moore
- Re: How to tell people... Was: We appear to still… Keith Moore
- Re: document writing/editing tools used by IETF Julian Reschke
- Re: document writing/editing tools used by IETF Carsten Bormann
- RE: document writing/editing tools used by IETF STARK, BARBARA H
- Re: [OAUTH-WG] We appear to still be litigating O… Christian Huitema
- Re: [OAUTH-WG] We appear to still be litigating O… Michael Thomas
- Re: [OAUTH-WG] We appear to still be litigating O… David Waite
- Re: [OAUTH-WG] We appear to still be litigating O… Aaron Parecki
- Re: coders in IETF (was: Diversity and Inclusiven… Charles Eckel (eckelcu)
- Re: [OAUTH-WG] We appear to still be litigating O… Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF John Levine
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: document writing/editing tools used by IETF Michael Richardson
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: document writing/editing tools used by IETF Keith Moore
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: document writing/editing tools used by IETF Brian E Carpenter
- Re: How to tell people... Was: We appear to still… Michael Richardson
- Re: How to tell people... Was: We appear to still… Phillip Hallam-Baker
- Re: document writing/editing tools used by IETF John Levine
- Re: document writing/editing tools used by IETF Keith Moore
- Re: document writing/editing tools used by IETF Michael Richardson
- Re: document writing/editing tools used by IETF Christian Huitema
- Re: document writing/editing tools used by IETF Carsten Bormann
- Re: [Gendispatch] Academia (Re: Diversity and Inc… John Wroclawski
- Re: document writing/editing tools used by IETF John Levine
- Re: [OAUTH-WG] We appear to still be litigating O… Bron Gondwana
- Re: [Gendispatch] Diversity and Inclusiveness in … Bron Gondwana
- HTML for email (was: Re: document writing/editing… Keith Moore
- Re: [OAUTH-WG] We appear to still be litigating O… Vittorio Bertola
- Re: HTML for email (was: Re: document writing/edi… Phillip Hallam-Baker
- Re: [OAUTH-WG] We appear to still be litigating O… Warren Parad
- Re: [OAUTH-WG] We appear to still be litigating O… Jeff Craig
- Re: document writing/editing tools used by IETF Behcet Sarikaya
- Re: HTML for email tom petch
- RE: HTML for email Larry Masinter
- Re: document writing/editing tools used by IETF Salz, Rich
- RE: document writing/editing tools used by IETF STARK, BARBARA H
- Re: HTML for email Keith Moore
- Re: HTML for email Benjamin Kaduk
- Re: HTML for email (was: Re: document writing/edi… Viktor Dukhovni
- Re: HTML for email Nico Williams
- Re: HTML for email Nico Williams
- Re: HTML for email Nico Williams
- Re: HTML for email Benjamin Kaduk
- Re: HTML for email Keith Moore
- Re: HTML for email Benjamin Kaduk
- Re: HTML for email Bron Gondwana
- Re: HTML for email John Levine
- RE: HTML for email Larry Masinter
- Re: HTML for email Brian E Carpenter
- Re: HTML for email Phillip Hallam-Baker
- Re: HTML for email tom petch
- Re: HTML for email tom petch
- Re: HTML for email ned+ietf
- Re: HTML for email Nick Hilliard
- Re: HTML for email Keith Moore
- Re: HTML for email ned+ietf
- Re: HTML for email tom petch
- Re: HTML for email Nick Hilliard
- Re: HTML for email Nico Williams
- Re: HTML for email tom petch
- Re: HTML for email Nico Williams
- Re: HTML for email Phillip Hallam-Baker
- Re: HTML for email Keith Moore
- RE: HTML for email Larry Masinter
- Re: HTML for email Phillip Hallam-Baker
- Re: HTML for email Keith Moore
- Re: HTML for email Phillip Hallam-Baker
- Re: HTML for email Keith Moore
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Phillip Hallam-Baker
- Re: [Gendispatch] Academia (Re: Diversity and Inc… Wes Hardaker