IETF Logo Mail Archive

Re: [OAUTH-WG] problem statement

Michael Thomas <mike@mtcc.com> Wed, 07 September 2011 19:25 UTC

Return-Path: <mike@mtcc.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16EBE21F8C34 for <oauth@ietfa.amsl.com>; Wed, 7 Sep 2011 12:25:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.49
X-Spam-Level:
X-Spam-Status: No, score=-2.49 tagged_above=-999 required=5 tests=[AWL=0.109, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kXQCaD4yAi81 for <oauth@ietfa.amsl.com>; Wed, 7 Sep 2011 12:25:36 -0700 (PDT)
Received: from mtcc.com (mtcc.com [50.0.18.224]) by ietfa.amsl.com (Postfix) with ESMTP id 51C8221F8B28 for <oauth@ietf.org>; Wed, 7 Sep 2011 12:25:36 -0700 (PDT)
Received: from takifugu.mtcc.com (takifugu.mtcc.com [50.0.18.224]) (authenticated bits=0) by mtcc.com (8.14.3/8.14.3) with ESMTP id p87JRMOj003366 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Wed, 7 Sep 2011 12:27:23 -0700
Message-ID: <4E67C59A.10904@mtcc.com>
Date: Wed, 07 Sep 2011 12:27:22 -0700
From: Michael Thomas <mike@mtcc.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.1.22) Gecko/20090605 Thunderbird/2.0.0.22 Mnenhy/0.7.5.0
MIME-Version: 1.0
To: Aiden Bell <aiden449@gmail.com>
References: <4E665B25.6090709@mtcc.com> <F4839FCD-CA73-4450-AD12-E07D46BB7746@hueniverse.com> <4E6667D1.3080404@mtcc.com> <1315334677.26387.YahooMailNeo@web31809.mail.mud.yahoo.com> <4E666B65.30701@mtcc.com> <29815937-0FB9-463B-B6E4-8FCAF7B3CD8C@hueniverse.com> <4E666E73.3050502@mtcc.com> <CAMrm-MJHKTxaj1iEm_Lr=X92sOiWZcYN4F6dNqb5w5gh4OPndQ@mail.gmail.com> <4E6671FA.3090503@gmail.com> <4E667469.2040007@mtcc.com> <1315337809.3136.38.camel@ground> <4E667953.9020906@mtcc.com> <71A460EE-1E2C-4165-99A8-5A97D6E9365C@jkemp.net> <4E667E2E.7090304@mtcc.com> <80A88920-A1EF-4A1C-A97E-F99379923CFB@jkemp.net> <4E66845E.7090906@mtcc.com> <E3DEC4C8-6BB0-44EE-821A-7589F5DC6462@jkemp.net> <4E669D3C.5000900@gmail.com> <7D4DF72E-B211-4D41-B447-4CF04E9CB1D8@hueniverse.com> <4E67A710.9070505@alcatel-lucent.com> <4E67A942.1070200@mtcc.com> <90C41DD21FB7C64BB94121FBBC2E7234518A4F274E@P3PW5EX1MB01.EX1.SECURESERVER.NET> <CA+5SmTXonD3g8hqaL=Hz2bCVrW9LazUR14J5qYQ_uiiSP7f_MQ@mail.gmail.com>
In-Reply-To: <CA+5SmTXonD3g8hqaL=Hz2bCVrW9LazUR14J5qYQ_uiiSP7f_MQ@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=2679; t=1315423643; x=1316287643; c=relaxed/simple; s=thundersaddle.kirkwood; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=mtcc.com; i=mike@mtcc.com; z=From:=20Michael=20Thomas=20<mike@mtcc.com> |Subject:=20Re=3A=20[OAUTH-WG]=20problem=20statement |Sender:=20 |To:=20Aiden=20Bell=20<aiden449@gmail.com> |Content-Type:=20text/plain=3B=20charset=3DISO-8859-1=3B=20 format=3Dflowed |Content-Transfer-Encoding:=207bit |MIME-Version:=201.0; bh=n0ylsdmhQ1NgNo5j7iWMXLTH5P7o98HDa72pfNAd0jI=; b=acEXPpoF9A6W3BkG8eAVtWzHg/BGKqCYwDQ/By59pGplFCcDCAk4hukdgB ZpHFjvFUtaTIBJhHFUAheCQ2tpGAEwoGEMSn5/PzyEQhCFal0vm6OiLMhKD3 GGTFga5If19i60QtDTdY+eCdpYry1OaHaJXxTTpTh3VgY6Y4jXCI0=;
Authentication-Results: ; v=0.1; dkim=pass header.i=mike@mtcc.com ( sig from mtcc.com/thundersaddle.kirkwood verified; ); dkim-asp=pass header.From=mike@mtcc.com
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] problem statement
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 19:25:37 -0000

I would ask the chairs to keep personal attacks in check.

Thank you.

Mike

On 09/07/2011 12:23 PM, Aiden Bell wrote:
> I'm gonna ditch the (lengthy) reply I was drafting and agree with the 
> below.
>
> Personally, my communication with the OAuth WG has been spot on. Warm 
> welcome, open minds
> and a very good process to getting my requirements/concerns heard and 
> pragmatic change enacted.
>
> All I saw here was foot stomping and a counter-productive approach to 
> communicating by those
> not getting their way.
>
> On 7 September 2011 20:12, Eran Hammer-Lahav <eran@hueniverse.com 
> <mailto:eran@hueniverse.com>> wrote:
>
>     Michael,
>
>     I suggest you go back and read the entire thread again:
>
>     http://www.ietf.org/mail-archive/web/oauth/current/maillist.html
>
>     I don't think you have been listening to the 11 (!) people who all
>     completely disagree with you and dismiss your suggestions (on
>     technical grounds). The one person who supported your plea didn't
>     actually make any technical contribution.
>
>     If anyone wants to make accusations about behaving like adults,
>     that should be the 11 people who tried to explain why you are
>     simply wrong and were completely ignored by you. Any perceived
>     hostility is easily justified by having to explain the same thing
>     over and over again to someone who refuses to list and insists on
>     labeling this work as lacking and insecure. We take real security
>     pretty seriously here.
>
>     You asked a question as someone "very new to thinking about this
>     problem space" and was answered by experts. The fact that you
>     refuse to accept their answers is while being , at this point,
>     your problem. You were given multiple opportunities to present an
>     alternative text and technical justification to support it, but
>     refused to do so.
>
>     You might not like my tone, but I consider making a statement like
>     this:
>
>     > In fact, you guys have convinced me that OAuth gives inferior
>     protection at
>     > considerable expense for all concerned.
>
>     an irresponsible and serious offense - the kind of baseless FUD
>     that can cause real damage to important work.
>
>     EHL
>
>     _______________________________________________
>     OAuth mailing list
>     OAuth@ietf.org <mailto:OAuth@ietf.org>
>     https://www.ietf.org/mailman/listinfo/oauth
>
>
>
>
> -- 
> ------------------------------------------------------------------
> Never send sensitive or private information via email unless it is 
> encrypted. http://www.gnupg.org

v2.23.0 | Report a Bug | By Email