Re: [dev] seif opinions?
I personally feel that Hixie's Laws of the Web (I'm trademarking that since I just thought of it) #3 & #4 are mishandled but as a result of the experiences of the early web. I remember the early "mobile" web (Palm Treo 650 & BB World Edition in 2004-2009). They weren't as bad as many people made them out to be. Especially if sites focused on content over media. I never did any WAP/WML browsing [0][1] but I guess that was good for Asia & Europe for a little while (?). My answer to #3 is to not worry about it. Vendors & developers naturally respond and improve the experience (usually by removing stuff). MIME/Content types are then important and fallback rendering should be something useable. Must use "IE Edge v. 50+" is a cop out especially if no fallback mode is provided. I'll go somewhere else to get that content, thank you! I remember the early web (95-97) having dozens of plugins available to do different things. And they were shitty (slow, broken, etc). And super insecure (and the matter was compounded by the insecurity of Windows). They required too much of the browser's context and the plugin's context to be shared. Eventually the web down-selected to a few (Java & Flash). My answer to #4 is to have something like sandboxed plugins which act more file extension handlers. I really hate that my browser decides to render a PDF for me instead of downloading it. Browsers have become more complex than OSes and that's not good. Let a native app handle it. [0] https://en.wikipedia.org/wiki/Wireless_Application_Protocol [1] https://en.wikipedia.org/wiki/Wireless_Markup_Language On Mon, Sep 26, 2016 at 11:49 PM, Martin Kühnewrote: > So, what about the impact of #3 and #4 on the code size of modern browsers. > That means it should be easier to understand (and implement) than DOM. > Or is there an even harder problem? > > cheers! > mar77i >
Re: [dev] seif opinions?
So, what about the impact of #3 and #4 on the code size of modern browsers. That means it should be easier to understand (and implement) than DOM. Or is there an even harder problem? cheers! mar77i
Re: [dev] seif opinions?
This is interesting. Thanks for sharing. However, as welcome as alternatives to the current PKI system must be at this point, replacing HTTPS and the rest of what we call "the web" with nodejs, Qt, and JSON has got to be some sort of sick joke. Talk about having only a hammer... Mr. Crockford needs to get out of the house more. Sat, Sep 24, 2016 at 10:44:33PM -0700, Louis Santillan: > Has anybody considered seif [0][1]? > > I disagree with the choice of nodejs & Qt, and the idea of capturing > entropy from microphone and camera are interesting but gameable. I > think the overall concept is viable. > > [0] (Repo) http://www.seif.place > [1] (Talk) https://www.oreilly.com/ideas/the-seif-project >
Re: [dev] seif opinions?
> On Sep 25, 2016, at 9:29 AM, Nick Warnewrote: > > On Sun, 25 Sep 2016 09:23:11 -0700 > Louis Santillan wrote: > > >> infrastructure player (like a bank {PayPal}... > > Paypal isn't a bank. > It operates multiple banks. It depends on the legal definition of where it is operating. It even now owns the bank that issues credit for PayPal Credit, so it is more than one type of bank. And they are certainly an infrastructure player, and is exactly the appropriate type of company for this example. > Nick > -- > "Gosh that takes me back... or is it forward? That's the trouble with > time travel, you never can tell." >-- Doctor Who "Androids of Tara" >
Re: [dev] seif opinions?
On Sun, 25 Sep 2016 09:23:11 -0700 Louis Santillanwrote: > infrastructure player (like a bank {PayPal}... Paypal isn't a bank. Nick -- "Gosh that takes me back... or is it forward? That's the trouble with time travel, you never can tell." -- Doctor Who "Androids of Tara"
Re: [dev] seif opinions?
On Sun, Sep 25, 2016 at 1:47 AM, Hiltjo Posthumawrote: > On Sat, Sep 24, 2016 at 10:44:33PM -0700, Louis Santillan wrote: >> Has anybody considered seif [0][1]? >> >> I disagree with the choice of nodejs & Qt, and the idea of capturing >> entropy from microphone and camera are interesting but gameable. I >> think the overall concept is viable. >> >> [0] (Repo) http://www.seif.place >> [1] (Talk) https://www.oreilly.com/ideas/the-seif-project >> > > Can you give a (brief) background information what the project does? Sorry, not brief. The talks, the code [0][1] and the lone protocol document [2] say it best. A little what like the HTTPSSH [3] Sylvain was describing but prescriptive as to the technology stack. Instead of HTTP or HTTPS (which is HTTP+TLS these days), replace the negotiation of the HTTP protocol with a PKI style 2 packet handshake over TCP that are in the form of JSON messages. All future (also encrypted JSON message) commands & responses are then processed using nodejs client/servers. Instead using a markup + stylesheets (or SVG or VRML or XForm or etc or W3C crap standard) as the presentation layer, specify & utilize Qt. Lastly, to support eventual replacement of the web (instead of wholesale replacement) create & support an open browser plugin so that seif clients/servers can be ed & utilized in the current set of web infrastructure. A new browser/client/mobile app is also supportable if a large infrastructure player (like a bank {PayPal} or healthcare provider or etc) can provide value through it. The specification is so far very high level and client/server examples are relatively new. I would have leaned towards extending a gopher protocol like solution. What I like: * Use of the PKI-style handshake for secure communication without CA infrstructure * Non-use of HTML/CSS * The use of JSON as command response language (almost anything is an improvement over HTTP though) * Use of an actual GUI command set What I dislike: * The specification of nodejs * The specification of Qt (I would have been ok even a new GUI lib but understand that this is compromise of what's available) * The invasive & prescriptive use of hardware for entropy collection * The lack of unencrypted fallback for human readable messages & debugging * The lack of a document mode (or text mode) vs. application mode [0] https://github.com/paypal/seifnode [1] https://github.com/paypal/seif-protocol/blob/master/examples/ [2] https://raw.githubusercontent.com/paypal/seif-protocol/master/doc/seifhandshake.html [3] http://lists.suckless.org/dev/1609/30541.html
Re: [dev] seif opinions?
On Sat, Sep 24, 2016 at 10:44:33PM -0700, Louis Santillan wrote: > Has anybody considered seif [0][1]? > > I disagree with the choice of nodejs & Qt, and the idea of capturing > entropy from microphone and camera are interesting but gameable. I > think the overall concept is viable. > > [0] (Repo) http://www.seif.place > [1] (Talk) https://www.oreilly.com/ideas/the-seif-project > Can you give a (brief) background information what the project does? -- Kind regards, Hiltjo
[dev] seif opinions?
Has anybody considered seif [0][1]? I disagree with the choice of nodejs & Qt, and the idea of capturing entropy from microphone and camera are interesting but gameable. I think the overall concept is viable. [0] (Repo) http://www.seif.place [1] (Talk) https://www.oreilly.com/ideas/the-seif-project