Re: Rechartering HTTPbis from John Stevens on 2012-01-24 (ietf-http-wg@w3.org from January to March 2012)

From: John Stevens <John.Stevens@f5.com>
Date: Tue, 24 Jan 2012 20:02:42 +0000
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <3ED9E0212794FA4BBAA131556142BDFD93F1E2@SEAEMBX01.olympus.F5Net.com>

While I am all for cleaning up ambiguous language, adopting industry standard extensions and clarifying conformance requirements, I would respectfully suggest that we re-consider the meaning of HTTP (Hyper Text Transfer Protocol).

The world has long since used HTTP to do far, far more with HTTP than its original design intent. While this is a testament to the ingenuity and inventiveness of human beings, it is also the largest public demonstration of an anti-pattern I can think of. A huge industry has evolved around the process of band-aiding, adding baling wire, duct taping and out-right kluding HTTP and HTML into an application programming framework.

I must admit I've long described what has occurred as "the re-invention of X11 . . . done badly, even less securely, and with large gaping holes in it", yet even I nearly fell out of my chair laughing when I read the SPDY spec. Give the inventors their due: they either have knowledge of X11, or they were creating one of the best technical homages I've ever seen.

Expecting no support what so ever, and knowing how unlikely this is, may I (again, very respectfully) suggest that HTTPbis focus on maintenance (that it produce HTTP 1.2, not 2.0), and that a new working group be formed that actually address the concept of network transparent application programming as a real thing in its own right? While some of the components and technologies that have been developed during the great kludge of HTTP/HTML into "web applications" will almost certainly be re-usable, designing from the standpoint of actually focusing on a network transparent application programming framework might be hugely beneficial.

Along those lines, and as my first suggestion, I would like to vote for making Kerberos 5 a fundamental requirement of the system. OK, GSS if you insist, but security is job one, and single sign on would be a HUGE selling point for adoption of a new NTAPF.

OK, I'm done being silly now. We can all go back to our normal mode of operation.

John S.

"Those who do not learn history are doomed to re-invent it. Badly."

Received on Wednesday, 25 January 2012 09:59:41 UTC