[standards-jig] JEP-0070 & JEP-0101
richard at dobson-i.net
Thu Jun 26 22:44:33 UTC 2003
Sorry to repeat this everyone,
But I still dont see what your problem is, my protocol is a completely
new method of doing this and is far more generally usable, it is still
far too pointlessly complex, my method IMO is much better because it
provides the same level security and is much much more simpler (whereas
yours is overly complex for no real gain), for yours to be optimal you
would have to basically just copy mine.
Ticket style systems are IMO a much better fit for single sign on IMO.
Also your system has the problem that the webserver and jabber
component have to be very tightly integrated and will have problems
with scaling in web farm environments, whereas my system would be fine
because the web server and jabber component can be completely separate,
all they need to do is each know the correct decryption key.
I dont know why you are trying to start a war on this but these two
solutions can co-exist fine since they each have their own advantages
depending on the environment you are going to be using it in, and are
IMO targeted for different markets.
Also just because you got in first with an HTTP auth mechanism doesnt
mean yours is the right solution and that only you can work on it, the
JSF is an open environment for protocol development there is nothing
wrong with having competing protocols it helps make protocols better,
which yours has already benefited from (fixing your illegal HTTP
protocol implementation). You need to stop getting so upset and seeing
this as some kind of personal attack, dont be so scared of different
viewpoints or ideas about how things can be best done.
Let the best protocol win :)
On Thursday, June 26, 2003, at 06:24 pm, Matthew A. Miller wrote:
> You are STILL failing to see the point. You SHOULD have contacted me,
> or the JEP editor SHOULD NOT have allowed this through.
> I will consider JEP-0101 to be feedback for JEP-0070, and change it
> accordingly. If you have an issue with that, then you should have
> contacted me sooner.
More information about the Standards