Re: [webfinger] [apps-discuss] Mail client configuration via WebFinger
"Paul E. Jones" <paulej@packetizer.com> Tue, 09 February 2016 01:02 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: webfinger@ietfa.amsl.com
Delivered-To: webfinger@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6CF91B3EB9 for <webfinger@ietfa.amsl.com>; Mon, 8 Feb 2016 17:02:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.003
X-Spam-Level:
X-Spam-Status: No, score=-2.003 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R8zNaOUV9OfS for <webfinger@ietfa.amsl.com>; Mon, 8 Feb 2016 17:02:55 -0800 (PST)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 739C01B3EBE for <webfinger@ietf.org>; Mon, 8 Feb 2016 17:02:55 -0800 (PST)
Received: from [192.168.1.20] (cpe-098-122-181-215.nc.res.rr.com [98.122.181.215] (may be forged)) (authenticated bits=0) by dublin.packetizer.com (8.15.2/8.15.2) with ESMTPSA id u1912okd009094 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 8 Feb 2016 20:02:51 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1454979771; bh=tSbFHKzlbqYt/JcwybXkHEDQVjVF45GjaUPV88/kmRM=; h=From:To:Subject:Date:In-Reply-To:Reply-To; b=cl3ExZSSdQO1vwRBA3XX6wQGgkcDiRDVCbmurX1N3f85dRhq2LkiTi78YnhsJ+mnR 3NYHL0OW67b9qzBIBo2zhrgaj9nexJWSvdRH3wVV57c8dHxtuXLfo5qFBLMX/E3aSQ oSw/GhllOnZ3X3SRPAgm1cniWdzXpnsYwkWcCOAc=
From: "Paul E. Jones" <paulej@packetizer.com>
To: Marten Gajda <marten@dmfs.org>, webfinger@ietf.org
Date: Tue, 09 Feb 2016 01:03:21 +0000
Message-Id: <em2bd7d4a9-56c3-466d-824b-35bcc0137d0e@sydney>
In-Reply-To: <56B91CC2.7080809@dmfs.org>
User-Agent: eM_Client/6.0.24316.0
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.14 (dublin.packetizer.com [10.109.150.103]); Mon, 08 Feb 2016 20:02:51 -0500 (EST)
Archived-At: <http://mailarchive.ietf.org/arch/msg/webfinger/_6H_H7NMbpjz0EyxPTFttyomB6A>
Subject: Re: [webfinger] [apps-discuss] Mail client configuration via WebFinger
X-BeenThere: webfinger@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: Discussion of the Webfinger protocol proposal in the Applications Area <webfinger.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webfinger>, <mailto:webfinger-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webfinger/>
List-Post: <mailto:webfinger@ietf.org>
List-Help: <mailto:webfinger-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webfinger>, <mailto:webfinger-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2016 01:02:58 -0000
Marten, Thanks for the encouraging words; it sounds like you understand the problem that needs to be solved. I always felt the server side was the trivial part. As you said, it's possible to set up a simple WebFinger server with a static file (or sets of files), an .htaccess file, etc. I use a server that pulls data from a database, myself. Importantly, though, the WebFinger protocol is very simple (and I have to thank a number of folks who forced that simplicity), so I see the server side as being far less of a barrier. Hosting providers, for example, could very quickly and easily support this server-side. The clients are the challenge. As others have noted, this requires code changes in the clients and deployment of the clients. I'm encouraged that you're working on client code. :) Having an RFC is going to be an extremely important step to actually seeing this problem solved. That said, I did not want to spend time on something that would be met with total rejection. It sounds like there is at least enough interest to start a meaningful dialog, so I'll try to put together a draft soon and we can go from there. If you're interested to collaborate on that, you're certainly welcome. Paul ------ Original Message ------ From: "Marten Gajda" <marten@dmfs.org> To: webfinger@ietf.org Sent: 2/8/2016 5:54:58 PM Subject: Re: [webfinger] [apps-discuss] Mail client configuration via WebFinger >Hi Paul, > >as a client developer I'm very interested in this topic. We've actually >implemented draft-daboo-aggregated-service-discovery-03 and there is at >least one groupware server product which also supports it. > >While working on our implementation we've identified a few minor issues >with the latest draft and we've already discussed them with Cyrus. I >think most of these issues are solved easily. > >Though, the major issue has not been addressed yet. It's the issue >mentioned by Stephen. Under certain conditions a client might have to >ask the user upfront to authenticate, which may disclose the user's >credentials to the wrong service. > >We didn't release this feature in our generic CalDAV/CardDAV clients, >mostly due to that issue. > >Anyway, I think it really starts with the server developers. >Implementing the current spec is not that much work on the server side. >In many cases the server configuration document could just be a static >file and setting up a simple WebFinger end point is not that hard >either. Actually, for our corporate server we've just created a few >static files and some redirect magic in our .htaccess file to provide >the WebFinger stuff. > >On the client side it's more work, because it affects the account setup >flow a lot. But it surely is worth the efforts if more services support >it. > >However, before even the server developers can start, it requires an >RFC. So lets start to think about how to solve the authentication >issue. > >cheers > >Marten > > >Am 08.02.2016 um 20:00 schrieb Paul E. Jones: >>Cyrus, >> >>>Right now it is not clear to me that an ASCOT-like solution would be >>>adopted given the use of device management. Before embarking on this >>>we need to take a careful look at whether any solution is likely to >>>be adopted (with the biggest burden likely being on clients/OS >>>vendors to support it). Given the device management solutions already >>>out there, I suspect there would be little value to m,ost of those >>>folks to actually support ASCOT. >> >>I completely agree that we should try to get a sense of the likelihood >>of success. >> >>Within the enterprise -- especially the larger ones -- you are >>entirely correct that device management systems provide a good >>solution for most of the employees. However, I interact with a lot >>of smaller businesses that do not use such systems. Many of them have >>a web hosting company host their domains and do not have IT staff to >>help them on a daily basis. I'm skeptical that a device management >>system would help that class of users, so arming hosting providers >>with tools they can deploy to their customers would help, I think. >> >>There are also a number of individuals who have their own domains, >>many hosted on the many, many web hosting providers out there. Same >>issue for most of them. >> >>So, I think there is a market need. I suspect if we were to create a >>solution, hosting providers were to deploy it, and client developers >>were to support it, people would use it. However, that's a string of >>"ifs". I think it starts with the client developers. If there were >>people interested to solve the problem, I think the rest falls into >>place. >> >>All that said, if client developers are uninterested, there's little >>point working to solve this problem. >> >>>As an alternative, the IETF might want to take a more serious look at >>>the overall device management solutions, and see if there might be >>>scope for standards in that area. That would allow us to build off >>>something that is already deployed (in a number of proprietary >>>solutions) but is today solving the problem of account setup. >> >>I think your suggestion is worthwhile independent of whether we solve >>the problem for smaller businesses and individual users of hosted >>domains. It would good if the same solution or would address those >>needs of smaller businesses and individuals, but if it didn't, it's >>still a step forward. >> >>Paul >> >>_______________________________________________ >>webfinger mailing list >>webfinger@ietf.org >>https://www.ietf.org/mailman/listinfo/webfinger > >-- Marten Gajda >CEO > >dmfs GmbH >Schandauer Straße 34 >01309 Dresden >GERMANY > >phone: +49 177 4427167 >email: marten@dmfs.org > >Managing Director: Marten Gajda >Registered address: Dresden >Registered No.: AG Dresden HRB 34881 >VAT Reg. No.: DE303248743 > >_______________________________________________ >webfinger mailing list >webfinger@ietf.org >https://www.ietf.org/mailman/listinfo/webfinger
- Re: [webfinger] [apps-discuss] Mail client config… Dave Cridland
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- [webfinger] Mail client configuration via WebFing… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Cyrus Daboo
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Stephen Farrell
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Mikael Nordfeldth
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Eric Mill
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… John Levine
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Paul E. Jones
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… George Fletcher
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda
- Re: [webfinger] [apps-discuss] Mail client config… Marten Gajda