[OAUTH-WG] Re: DNS Handles

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 21 January 2025 19:35 UTC

To: Warren Parad <wparad@rhosys.ch>
CC: Dick.Hardt@gmail.com, oauth@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/heGdng3hUzP8zFZjPmO6lcWxFlM>

On Tue, Jan 21, 2025 at 2:20 PM Warren Parad <wparad@rhosys.ch> wrote:

> I think you are still describing exactly what OAuth does, also FedCM helps
> a lot there, and I hate to say it but if this is the argument:
>

That is exactly what I am saying: OAuth solved the problem a decade ago and
nobody noticed.

The challenge now is to get people to notice and get the wider web to
realize that there is a better approach.

Back in 1992, Tim Berners-Lee submitted a paper on the World Wide Web to
the Hypertext conference. It was rejected because there was 'nothing new'.
In 1993, they asked him to give the conference keynote.

The 'innovation' in the Web was limited to removing search and referential
transparency from the document server. What that means is you can find
stuff and the links don't break. Ted Nelson considered those features
absolutely essential but they were an enormous burden on the services.


As someone who wants to allow people to comment on my personal blog, using
OAuth with DNS handles removes a huge amount of overhead:

* Registering usernames and passwords.
* Verifying passwords.
* Verifying recovery email addresses.
* Account recovery.

This approach is a win for users and a win for Web site maintainers. The
only thing lacking is a base of authentication service providers that are
willing to give users control.