[standards-jig] JEP-0070 & JEP-0101

Richard Dobson richard at dobson-i.net
Thu Jun 26 22:44:33 UTC 2003

Sorry to repeat this everyone,

But I still dont see what your problem is, my protocol is a completely 
new method of doing this and is far more generally usable, it is still 
far too pointlessly complex, my method IMO is much better because it 
provides the same level security and is much much more simpler (whereas 
yours is overly complex for no real gain), for yours to be optimal you 
would have to basically just copy mine.
Ticket style systems are IMO a much better fit for single sign on IMO. 
Also your system has the problem that the webserver and jabber 
component have to be very tightly integrated and will have problems 
with scaling in web farm environments, whereas my system would be fine 
because the web server and jabber component can be completely separate, 
all they need to do is each know the correct decryption key.

I dont know why you are trying to start a war on this but these two 
solutions can co-exist fine since they each have their own advantages 
depending on the environment you are going to be using it in, and are 
IMO targeted for different markets.

Also just because you got in first with an HTTP auth mechanism doesnt 
mean yours is the right solution and that only you can work on it, the 
JSF is an open environment for protocol development there is nothing 
wrong with having competing protocols it helps make protocols better, 
which yours has already benefited from (fixing your illegal HTTP 
protocol implementation). You need to stop getting so upset and seeing 
this as some kind of personal attack, dont be so scared of different 
viewpoints or ideas about how things can be best done.

Let the best protocol win :)


On Thursday, June 26, 2003, at 06:24  pm, Matthew A. Miller wrote:

> You are STILL failing to see the point.  You SHOULD have contacted me,
> or the JEP editor SHOULD NOT have allowed this through.
> I will consider JEP-0101 to be feedback for JEP-0070, and change it
> accordingly.  If you have an issue with that, then you should have
> contacted me sooner.

More information about the Standards mailing list