W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

RE: ftp scheme

From: peter williams <home_pw@msn.com>
Date: Tue, 19 Apr 2011 10:49:12 -0700
Message-ID: <SNT143-ds8EE4587E96D2ED283D13A92900@phx.gbl>
CC: "'WebID XG'" <public-xg-webid@w3.org>
Ok I give up. It's a niche play. I need to focus on what should be special
here (eventually): the webid trust model. This is where I really trusting
Henry, to get that part right. Protocols can wait, till market pressure
forces commodization.


As it stands there are 4 tracks and choices for today's adopting parties.

1. the X.509 cert chains (ubiquitous, and standardized; already multi
vendor; military grade assurances, when society is ready to tackle the
horrid politics)

2. the chains of STS, doing backwards chaining using ws-trust (commodity in
windows, some older support Java from Oracle; just getting major adoption;
yet to hit the horrid politics stage, though its got good defenses against
the "Passport attack from Sun" - just as SUN dies an economic death.)

3. chains of websso assertions (the old SAML story, finally going
mainstream, with some backwards chaining evident, now that bridging is
coming to the fore, based on the maturing of the "home realm concept")

4. webid - based on overlay graphs of URIs supported by https
channel/tunnel. This was most interesting as there was to be a confluence of
interests between web proxy/firewall folks (responsible for the solving the
"spying" social politics), the graph folks building overlays on fixed
naming/keying space, built from any observer vantage point (the RDF/semweb
interest group), and the SSL tunneling folks (so several SSL tunnels can be
composed when supporting trust models, which reflects a long term military
need on projecting the inbound handshake from the offloading firewall to the
resource server).

-----Original Message-----
From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
On Behalf Of Henry Story
Sent: Tuesday, April 19, 2011 10:04 AM
To: peter williams
Cc: jeff@sayremedia.com; nathan@webr3.org; 'Mo McRoberts'; 'WebID XG'
Subject: Re: ftp scheme

On 19 Apr 2011, at 18:49, peter williams wrote:

> I like ftp mostly because its inoffensive. Give it to most URI 
> resolvers in a server lib , it will work as a transport for files. It 
> not ftp I like, its that for little effort it proves 
> multi-protocol'ness readiness - and an attitude of ensuring that brand 
> new webid will work for 5+ years of legacy web (too). It helps show 
> the limits of current conceptions. If the limits are drawn too tight 
> (for almost any reason, including time resources), you know where a 
> movement is on the adoption curve. Its still pitching the revolution, 
> often - which only appeals to folks interested in the leading tail of the
adoption curve.

yes, I like ftp for the same reasons. 

At the very least it can help us work out how to write the spec. I'll add it
to the list of issues. My feeling is that write now  people are
concentrating on getting ready for California and Berlin. 

Of course if someone comes up and provides a really good extra reason to
support it then that bumps up priorities.

> -----Original Message-----
> From: public-xg-webid-request@w3.org 
> [mailto:public-xg-webid-request@w3.org]
> On Behalf Of Jeff Sayre
> Sent: Tuesday, April 19, 2011 9:23 AM
> To: nathan@webr3.org
> Cc: jeff@sayremedia.com; Mo McRoberts; Henry Story; WebID XG
> Subject: Re: ftp scheme
> Okay, with just two others besides myself chiming in, I can see that 
> we are already wasting time debating this issue. So, unlike with 
> political elections, I can change my vote.
> I rescind my +1 and will go back to a neutral state.
> Focus is what is key. Adding more to our plate has become a distraction.
> Frankly, I'm beginning to get overwhelmed with email overload again.
> The most pressing WebID IG issue, as far as I'm concerned, is 
> finishing the Position Paper for the upcoming W3C's Identity in the 
> Browser workshop ( http://www.w3.org/2011/identity-ws/ ). The 
> submittal deadline is this Friday.
> How many of you have taken the time to read over our position paper?
> https://docs.google.com/document/d/1L-PhczWNSciUIRCfsK92wRbxJEU1kKSwUc
> xFSz3D
> Au0/edit?hl=en&authkey=CJv5nPIJ#
> Jeff
>> Jeff Sayre wrote:
>>>> On 19 Apr 2011, at 16:08, Henry Story wrote:
>>>>> If people are for that please +1 and I'll add it as an issue.  
>>>>> When done we can have a vote to open it too, the idea being to 
>>>>> look at the spec and see how it needs to be rewritten for ftp (and 
>>>>> hence made generic enough for other existing or yet to be URI 
>>>>> schemes)
>>>> While it's not a terrible proof-of-concept, and this isn't quite 
>>>> what you asked, it'd get a -1 from me as anything beyond a *pure
>>>> proof-of-concept*
>>>> places a hugely disproportionate burden on server implementors 
>>>> further on down the line.
>>>> M.
>>> That may be an issue, but Henry was asking a simpler question (which 
>>> it seems you acknowledged as well). I agreed that it should be added 
>>> as an issue, that it should be brought up for a vote. That is all.
>>> Of course we need to stay narrowly focused at this time, working on 
>>> our simple proof of concepts and test implementations. We cannot 
>>> focus on every issue at the same time. Focus requires paying 
>>> attention to just a few details.
>>> So, if this issue is going to distract us from our focus, then we 
>>> should pass. But, if it is something that people feel should be 
>>> added as an issue for a vote and later consideration, then I'm for 
>>> it as it is one of the simpler non-HTTP schemes to address with WebID.
>> huge -1 from me, http(s):// is fine, mailto: would be nice and 
>> perhaps if we really wanna scrape the barrel with something people 
>> actually still use, ldaps. Speaking of schemes for webids here.
>> saying that, I'll happily give a huge +1 to showing webid working 
>> with other transfer protocols like ftp and websockets, pop3 over ssl, 
>> scp, *+ssh - but that's a very different issue.
>> and finally, if we really really want to look to support any uri at 
>> all with any scheme, then spend some time thinking about directory / 
>> profile lookup services instead, one solution to cover them all.
>> cheers,
>> nathan

Social Web Architect
Received on Tuesday, 19 April 2011 17:51:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC