What features are good candidates for being dropped before adopting a "don't break userspace" (no back-incompat) policy?

Question

What features are good candidates for being dropped before adopting a "don't break userspace" (no back-incompat) policy?

Opened this issue 6 years ago · 6 comments

Inspired by tangential discussion in #116.

feature	supported by	used at (w/ links)
globbing	elf-pavlik, melvincarvalho
Websockets API	elf-pavlik,

Answer 1 · 2019-03-21T21:29:58.000Z

I think Websockets API might need to get evaluated against alternatives / complementary mechanisms like:

Server-sent Events - https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events
WebSub - https://www.w3.org/TR/websub/

In general having implementation based feedback for each feature would come very helpful.

Answer 2 · 2019-03-25T13:32:48.000Z

Yeah, I've been trying to ask around for use cases that can distinguish HTTP/2+SSE vs WebSockets, but there hasn't been anything very clear so far.

Answer 3 · 2019-03-25T13:49:55.000Z

One more I can think of - WebID-TLS could get limited only as one of the availaable auth method with some OPs, I haven't tested that but if somone has client cert installed in a browser and each RS tries to initiate WebID-TLS session it might cause a browser cert selection pop-up for each of those servers even if someone uses WebID-OIDC to authenticate with them. I could try testing it in next days unless someone already checked that scenario.

Answer 4 · 2019-03-25T13:57:27.000Z

I admit to like WebID-TLS, and I am hoping it can stay, and I see it as a simpler alternative for IoT devices that need to send data to Pods. So, I'm trying to think about architectures that can better support several authns side by side, as I also see several other mechanisms coming sliding in e.g. SAFE and then we have the whole DID, so I think we can't be very restrictive in that space.

Answer 5 · 2019-04-08T19:52:30.000Z

Another issue related to WebID-TLS #145 (comment)

NSS currently still allows authentication with client certificates. For that, NSS has to terminate the HTTPS connection, and NSS only does HTTP 1.1. While you can put a reverse proxy with HTTP/2 in front of NSS (which is what I do), this does break client-side certificates (or you have to find a way to forward the client certificate negotiation).

@dmitrizagidulin have you looked into Signing HTTP Messages (HTTP Signatures) since you designed WebID-OIDC. Maybe it could offer replacement of WebID-TLS?

Answer 6 · 2019-04-09T18:32:46.000Z

WebSub would be cool!
(I'm currently getting my feed wet with WebMentions)