Re: The ecosystem is moving

Nico Williams <> Thu, 19 May 2016 22:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 525AD12D1A7 for <>; Thu, 19 May 2016 15:26:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id SvkWgUkf6DGS for <>; Thu, 19 May 2016 15:26:23 -0700 (PDT)
Received: from ( []) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2DBB712D140 for <>; Thu, 19 May 2016 15:26:23 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id 6DFE820058D85; Thu, 19 May 2016 15:26:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s=; bh=2vDVGlsv6s2PgySoi45Ltxs0Cjg=; b=hMFpncBmoZ7 jspHc3RYqWMX14gVOQtx3LLRRwjk6VyDgXeebAzVBtzrn7G5bzKUc23doAWjQKUL co6XcNv13MpaGV/8tvvBPXycQsDGr6XPv541BHx+Ed91a6Dms0MeEU1haeX1jttN QauJIl3OZwsnN6ISgN8Sa5NDn7iCPNfI=
Received: from localhost ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: by (Postfix) with ESMTPSA id A8AE82005CF2C; Thu, 19 May 2016 15:26:21 -0700 (PDT)
Date: Thu, 19 May 2016 17:26:20 -0500
From: Nico Williams <>
To: Stephane Bortzmeyer <>
Subject: Re: The ecosystem is moving
Message-ID: <20160519222619.GF19530@localhost>
References: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.24 (2015-08-30)
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 19 May 2016 22:26:24 -0000

On Wed, May 11, 2016 at 02:55:53PM +0200, Stephane Bortzmeyer wrote:
> A very interesting paper (I said "intesresting", I didn't say I
> agree!) on open networks where independant nodes with independently
> developed programs interoperate thanks to standards. The author claims
> closed and centralized systemes are better, because they allow faster
> evolution (he uses security as an example).

Propietary is better if you want a walled garden, but some day you find
yourself needing to let third parties use your service/protocol and
then... you have the same problem, only now you're the authority for the
documentation and so you have more responsibility.

Walled gardens end up having to let third parties in because people end
up needing integration with other systems.  Imagine that Glapchat has
enormous success and now businesses want to integrate it (including
additional security functionality, no doubt) into their enterprise
networks.  Glapchat can say "nö", but maybe Glapchat can monetize better
if they say "yes", but they might not be interested in making the
integration investment themselves.

As you can see, you can't really avoid standardization.  You can choose
SDO venues that have the attributes that you want (e.g., pay to play),
or even create your own SDO, or act as an unofficial SDO.  But you can't
really avoid standardization unless you start as a walled garden and
stay a walled garden with no third parties in your midst.

My advice to anyone creating a protocol is to first get running code,
then think about what SDO style you want, and then what SDO, and when to
start the standardization effort.  Some have brought their protocols to
OASIS, others to IEEE, others to IETF, others have formed their own
consortia, and others follow a very informal process until it no longer
works -- these are all perfectly valid choices.  But first, get running
code, otherwise you'll get bogged down and you'll then probably blame
anyone but yourself.