XAuth critiques

Phillip Hallam-Baker hallam at gmail.com
Tue Jun 8 12:42:29 UTC 2010 

On Tue, Jun 8, 2010 at 4:19 AM, John Panzer <jpanzer at google.com> wrote:
> On Mon, Jun 7, 2010 at 9:19 PM, Phillip Hallam-Baker <hallam at gmail.com>
> wrote:
>>
>> As often happens in these debates, we have a proposal that has an
>> acknowledged issue that we are being told isn't an issue because the
>> developers don't see it as an issue.
>>
>
> Actually, what's happening is that people are re-raising objections that
> were discussed back in April and ignoring the answers that were given then.
>  It's fine to disagree with the answers, but it's polite to acknowledge that
> answers have been given and, ideally, attempt to refute them instead of
> pretending the answers don't exist.

No, that is the exact answer I always get.

And given my experience in national politics, including being one of
the convention delegates who voted to found a major political party
now in government in the UK, you are full of it.

The claim 'this question has already been answered at a different
time' is a classic tactic in agenda denial. When the politician is in
office it is too soon to answer the awkward question, when they are no
longer in office it would serve no purpose to look back at the past.
There will never be a time to answer the question because the only
possible answer is indefensible.


>>
>> I really take offense when I raise an issue and someone says 'that
>> does not matter to anyone' or 'that issue has been dealt with'. The
>> one issue that I have never found it difficult to get the industry to
>> agree on is the necessity of ensuring that no party gains a
>> proprietary leverage in a communication protocol.
>
> Please read the blog posts.  It's very difficult to even discover what
> different people consider to be "the problem".  Shouting "privacy!" doesn't
> actually move the discussion forward.

Please read my book where I explain exactly what is wrong with your blog posts.

This is another bogus form of argument called recourse to bogus
authority. Instead of making the argument you claim that it is already
won, a claim that is implicit in the notion that anyone who reads your
blog posts will accept your argument.

You are defending your proposal in this forum, not your blog. If you
can't provide a succinct exposition of your argument it is probably
not a good one.


There are three possible outcomes

1) Proposal is introduced and later modified to avoid lock-in
2) Proposal is introduced and proves impossible to modify once deployed
3) Proposal is rejected

The problem with (1) is that my experience of HTTP is that it is
almost impossible to change a scheme once deployed.

(3) is not the worst case outcome for most people. The best strategy
for people who take lock in and control issues seriously is to attempt
a veto before critical mass is achieved.



-- 
Website: http://hallambaker.com/

More information about the specs mailing list