IETF Logo Mail Archive

Re: [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)

Igor Faynberg <igor.faynberg@alcatel-lucent.com> Thu, 12 April 2012 17:33 UTC

Return-Path: <igor.faynberg@alcatel-lucent.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2A0821F8692 for <oauth@ietfa.amsl.com>; Thu, 12 Apr 2012 10:33:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lkI8h8dqLTj for <oauth@ietfa.amsl.com>; Thu, 12 Apr 2012 10:33:56 -0700 (PDT)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id BF7AB21F8661 for <oauth@ietf.org>; Thu, 12 Apr 2012 10:33:56 -0700 (PDT)
Received: from usnavsmail1.ndc.alcatel-lucent.com (usnavsmail1.ndc.alcatel-lucent.com [135.3.39.9]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id q3CHXsuF024554 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <oauth@ietf.org>; Thu, 12 Apr 2012 12:33:54 -0500 (CDT)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail1.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q3CHXsEf012728 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <oauth@ietf.org>; Thu, 12 Apr 2012 12:33:54 -0500
Received: from [135.222.232.147] (USMUYN0L055118.mh.lucent.com [135.222.232.147]) by umail.lucent.com (8.13.8/TPES) with ESMTP id q3CHXrQ3008637; Thu, 12 Apr 2012 12:33:53 -0500 (CDT)
Message-ID: <4F871201.1000103@alcatel-lucent.com>
Date: Thu, 12 Apr 2012 13:33:53 -0400
From: Igor Faynberg <igor.faynberg@alcatel-lucent.com>
Organization: Alcatel-Lucent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: oauth@ietf.org
References: <423611CD-8496-4F89-8994-3F837582EB21@gmx.net> <4F86C437.3000006@cs.tcd.ie>
In-Reply-To: <4F86C437.3000006@cs.tcd.ie>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.9
Subject: Re: [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: igor.faynberg@alcatel-lucent.com
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Apr 2012 17:33:58 -0000

To me this looks like more than the same problem being solved--it 
appears to be the same protocol... I wonder if, the representation 
issues were put aside (i.e., left to the API specification), the common 
part is what can be adopted.

Igor

On 4/12/2012 8:01 AM, Stephen Farrell wrote:
>
>
> On 04/12/2012 12:00 PM, Hannes Tschofenig wrote:
> > Hi all,
> >
> > those who had attended the last IETF meeting may have noticed the 
> ongoing activity in the 'Applications Area Working Group' regarding 
> Web Finger.
> > We had our discussion regarding Simple Web Discovery (SWD) as part 
> of the re-chartering process.
> >
> > Here are the two specifications:
> > http://tools.ietf.org/html/draft-jones-appsawg-webfinger-03
> > http://tools.ietf.org/html/draft-jones-simple-web-discovery-02
> >
> > Now, the questions that seems to be hanging around are
> >
> >   1) Aren't these two mechanisms solving pretty much the same problem?
> >   2) Do we need to have two standards for the same functionality?
> >   3) Do you guys have a position or comments regarding either one of 
> them?
> >
> > Ciao
> > Hannes
> >
> > PS: Please also let me know if your view is: "I don't really know 
> what all this is about and the documents actually don't provide enough 
> requirements to make a reasonable judgement about the solution space."
> >
>
> So just as a data-point. We (the IETF, but including
> me personally;-) mucked up badly on this some years
> ago in the PKI space - we standardised both CMP (rfc
> 2510) and CMC (rfc 2797) as two ways to do the same
> thing, after a protracted battle between factions
> supporting one or the other. We even made sure they
> had as much common syntax as possible. (CRMF, rfc
> 2511)
>
> Result: neither fully adopted, lots of people still
> do proprietary stuff, neither can be killed off
> (despite attempts), both need to be maintained (CMP
> is now RFC 4210, CMC, 5272, CRMF, 4211), and IMO
> partly as a result of us screwing up for what seemed
> like good reasons at the time, PKI administration
> stuff has never gotten beyond horrible-to-do.
>
> All-in-all, a really bad outcome which is still
> a PITA a dozen years later.
>
> As OAuth AD I will need *serious* convincing that
> there is a need to provide two ways to do the same
> thing. I doubt it'll be possible to convince me,
> in fact, so if you wanna try, you'll need to start
> by saying that they are not in fact two ways to do
> the same thing:-)
>
> S.
>
> PS: This discussion needs to also involve the Apps
> area, so I've cc'd that list.
>
>>
>>
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
>>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email