IETF publishes URN specs as RFCs

Grok Headline matches for IETF publishes URN specs as RFCs

Liberty Alliance publishes Phase 2 specs

Liberty Alliance publishes Phase 2 specs 11/13/2003 07:47 AM
Computer Weekly Nov 13 2003 7:04AM ET

Liberty Alliance publishes updated specs
for ID management

Liberty Alliance publishes updated specs
for ID management 11/12/2003 05:43 PM
The Phase 2 Liberty Identity Federation Framework is designed to make Web services easier to deploy and ensure that they comply with laws for securing privileged user information.

Fighting RFCs with RFCs

Fighting RFCs with RFCs 06/05/2005 11:35 PM

Google's recently released Web Accelerator apparently has some scary side-effects. It's been spotted pre-loading links in password-protected applications, which can amount to clicking on every "delete this" link - bypassing even the JavaScript prompt you carefully added to give people the chance to think twice.

"Aah," I hear you cry, "but RFC 2616 clearly states that you shouldn't perform state changing operations with a GET or HEAD method!"

In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval.

I'll see your RFC 2616 and raise you an RFC 2119:

SHOULD NOT This phrase, or the phrase "NOT RECOMMENDED" mean that there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label.

Hiding your dangerous delete links behind an authentication scheme is a perfectly acceptable compromise. Web Accelerator is B.A.D.

Update: Be sure to read the excell ent discussion brewing in the comments. Hiding behind authentication may not be as acceptable a compromise as I had first thought.

Update 2: If you haven't been following the comments, I've had a change of heart. Even in the absence of Web Accelerator, hiding behind authentication leaves your application open to some very nasty security vulnerabilities (malicious pages can piggy-back your session and cause havoc making dangerous GET calls). I still think the RFC language covers people who thought long and hard before implementing a dangerous GET, but if you haven't thought about security and accelerating caching proxies such as Web Accelerator you haven't been thinking hard enough.

Update 3: So, it turns out using POST is no defence at all against CSRF attacks. I've been learning a whole bunch of interesting stuff this evening.

Two synching format RFCs

Two synching format RFCs 01/07/2004 04:33 PM
Dare Obasanjo posted an RFC for a synching format: Synchronization of Information Aggregators using Markup (SIAM).

The idea is to synchronize subscription lists and read/unread states of items.

Another format was proposed by James Huston: Syndication Interchange File Format (SIFF).

Yes, more acronyms!

But the idea is to come up with a standard format that can be supported by lots of different newsreaders.

Patents, RFCs and Reputation

Patents, RFCs and Reputation 09/16/2004 01:55 AM
Here's a thought, which is more valuable: the Eolas Patent on browser plugins or Dave Crocker's RFC for email? Eolas recieved a half a billion settlement from Microsoft, and the original inventors probably realized a considerable reward. I'm using Eolas...

IETF News

IETF News 08/06/2004 02:57 AM
The IETF, despite the fact that it keeps the Internet running, doesn’t get much news coverage. I suspect that’s partly because its structure is pretty well 100% opaque and incomprehensible to outsiders (and it seems to not a few insiders, especially newbies like me). There’s actually no such organization as the IETF but there are (in alphabetical order) CNRI (who run the Secretariat) and Foretec and the Internet Architecture Board (IAB) and the Internet Assigned Numbers Authority (IANA) and the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Engineering Steering Group (IESG) and the Internet Research Task Force and the Internet Society (ISOC) and the RFC Editor. Anyhow, there’s news. Big news, I think. Most of it I don’t understand and the parts that I do I may have been told in confidence. The fairly severe angst coming out of this spilled over into the Jabber channels from Thursday night’s plenary session. I think it may be as smooth and simple as the IETF trying to do the same thing more efficiently, or it could be a lot more complicated and ugly. Don’t ask me to explain it; but I think it matters.

IETF roiled over NAT

IETF roiled over NAT 01/26/2004 01:57 PM
If there is one topic that can get the members of the Internet Engineering Task Force worked up, such as they were once again last week, it is the topic of network address translation, or NAT. Here's a snapshot of the debates over the use of NAT as a hindrance to the implementation of IPv6, as evidenced by posts to the IETF discussion list.

IETF Shuts MARID Down

IETF Shuts MARID Down 09/22/2004 04:19 PM
Internet News Sep 22 2004 7:49PM GMT

60th IETF Notes

60th IETF Notes 08/03/2004 01:56 AM
Herewith a newbie’s first impressions from a couple of days in the IETF maelstrom...

Messaging and Presence @ IETF

Messaging and Presence @ IETF 02/19/2004 12:50 PM

After perusing the IETF's Working Group Guidelines and Procedures, I went perusing the web for charters to 'crib' from.  I came across SIMPLE and XMPP.&n bsp; These are not just interesting from a potential future IETF bretheren point of view, but also from a basic syndication and API point of view.  In particular, such protocols can avoid the scalability problems associated with a polling based architecture and can potentially navigate through gateways, firewalls and routers.

Authentication is the one area where I expect things to be different, but the uniform layout of the feed and entries are something that I don't expect to vary based on the transfer mechanism.

IETF Mulling Changes to Secure TCP

IETF Mulling Changes to Secure TCP 05/12/2004 05:31 PM
An IETF working group has recommended TCP changes to eliminate, or at least minimize, attack scenarios against the widely used data communication protocol.

The IETF, Best Practices and XML Schemas
(XML.com)

The IETF, Best Practices and XML Schemas
(XML.com) 06/17/2002 10:58 AM

IETF Approves SPF and Sender-ID

IETF Approves SPF and Sender-ID 06/24/2005 06:17 PM

The IETF, Best Practices and XML Schemas

The IETF, Best Practices and XML Schemas 06/12/2002 08:25 PM
In this week's XML-Deviant column, Leigh Dodds reports on the IETF's efforts to define best practices for the use of XML, which has fanned the flames of debate about schema languages.

IETF Draft: AtomPub Protocol

IETF Draft: AtomPub Protocol 07/15/2004 08:23 PM

IETF Atom working group

IETF Atom working group 05/06/2004 11:42 AM
"The goal for the working group is to produce a single feed format and a single editing protocol."

eMail Sender ID Standard Off to IETF

eMail Sender ID Standard Off to IETF 06/25/2004 09:57 PM
Internet.com Jun 26 2004 1:50AM GMT

IETF Working Group for Atom

IETF Working Group for Atom 05/06/2004 07:24 AM

A new IETF working group has been proposed for Atom. A draft IETF working group charter may be found here.

XML and the IETF: Making the case for
RELAX NG

XML and the IETF: Making the case for
RELAX NG 06/05/2002 05:52 AM

IETF Reportedly Rejects Sender ID

IETF Reportedly Rejects Sender ID 09/15/2004 07:33 AM

IETF Draft: AtomPub Format

IETF Draft: AtomPub Format 07/15/2004 08:23 PM

IETF Decides On SPF / Sender-ID issue

IETF Decides On SPF / Sender-ID issue 09/13/2004 11:05 AM
Slashdot Sep 13 2004 3:16PM GMT

IETF to cramp Cisco's WLAN empire?

IETF to cramp Cisco's WLAN empire? 11/17/2003 08:04 AM
The Register Nov 17 2003 7:52AM ET

IETF Shutters E-Mail Working Group

IETF Shutters E-Mail Working Group 09/22/2004 04:49 PM
The working group's masters determine the best course of action is to let Sender ID sort itself out.

IETF leaders urge detente with rivals

IETF leaders urge detente with rivals 03/14/2005 06:27 PM
The IETF is scrambling to retain its position as the Internet's premier standards setting body in the face of declining participation, increased competition from other standards bodies and overall network industry consolidation.

XML and the IETF: Making the case for
RELAX NG (xmlhack)

XML and the IETF: Making the case for
RELAX NG (xmlhack) 06/05/2002 01:41 PM

IETF eyes 'Net emergency communications

IETF eyes 'Net emergency communications 03/25/2005 06:32 AM
Latest management news.

IETF Working Group Guidelines and
Procedures

IETF Working Group Guidelines and
Procedures 03/09/2004 01:47 AM
The next meeting of the IETF is scheduled for August 1-6, 2004 in San Diego, CA, USA.  Excerpts from RFC2418. ...

Eric Miller wants Atom to be developed
in W3C instead of IETF.

Eric Miller wants Atom to be developed
in W3C instead of IETF. 05/13/2004 08:01 PM
Eric Miller wants Atom to be developed in W3C instead of IETF. This sounds reasonable except for the risk that the W3C would screw up Atom by tying it into the Semantic Web. Danny Ayers adds that "The W3C get things done", but that doesn't count if the resulting specs are unimplementable.

Microsoft Submits Email Caller ID to the
IETF

Microsoft Submits Email Caller ID to the
IETF 05/21/2004 05:38 PM

Yahoo Submits DomainKeys Draft To IETF

Yahoo Submits DomainKeys Draft To IETF 05/19/2004 10:22 AM

IETF = XMPP (Jabber) is the official
open standard

IETF = XMPP (Jabber) is the official
open standard 02/10/2004 02:47 AM
IETF Approves Jabber XMPP. Jabber Inc. announced today that the IETF has approved the XMPP protocol as a standard for instant messaging and presence. The standardization effort has been led by the Jabber Software Foundation [JSF], an independent group, who have been working with... [Get Real]

IETF Shuts Down Anti-Spam Working Group

IETF Shuts Down Anti-Spam Working Group 09/22/2004 04:36 PM
Contentious discussions in group boded ill for consensus on a standard

Alternate News Feed Supporters Stick
with IETF

Alternate News Feed Supporters Stick
with IETF 07/16/2004 06:56 PM
Backers of Atom, a rival XML syndication format to RSS, decide against a switch to the W3C as the IETF gives its blessing to start Web standards work.

IETF deals Microsoft's e-mail proposal a
setback

IETF deals Microsoft's e-mail proposal a
setback 09/14/2004 02:32 PM
A proposed technology for identifying the source of e-mail messages suffered a blow last week when a group within the Internet Engineering Task Force (IETF) established to study the proposal sent it back for more work, citing concerns over vague intellectual property claims made by Microsoft Corp. covering some of the technology.

IETF deals setback to Microsoft antispam
effort

IETF deals setback to Microsoft antispam
effort 09/14/2004 04:40 PM
A working group within the Internet Engineering Task Force voted not to proceed with an antispam technology standards proposal submitted by Microsoft because of concerns about intellectual property claims that the company is making.

IETF Draft on Transmission Control
Protocol security considerations

IETF Draft on Transmission Control
Protocol security considerations 04/21/2004 01:06 PM
Thor Larholm (Apr 20 2004)

IETF knocks back Microsoft anti-spam
plan

IETF knocks back Microsoft anti-spam
plan 09/15/2004 09:54 AM
vnunet.com Sep 15 2004 1:54PM GMT

IETF starts work group instant messaging
protocol (E-Business Standards Today)

IETF starts work group instant messaging
protocol (E-Business Standards Today) 11/13/2002 01:02 PM

Grok Description matches for IETF publishes URN specs as RFCs
GrokA matches for IETF publishes URN specs as RFCs

IETF publishes URN specs as RFCs

The following phrases have been identified by the grok system as matching this entry: