Post AXxoGP8HR5m2BCYsca by corycarson@infosec.exchange
 (DIR) More posts by corycarson@infosec.exchange
 (DIR) Post #AXxoGN9GoRNS1h0dt2 by slightlyoff@toot.cafe
       2023-07-22T00:11:33Z
       
       0 likes, 0 repeats
       
       Don't know who needs to hear this, but assuming bad faith regarding standards proposals just because you don't like someone's employer is basically never going to have the effect you hope.
       
 (DIR) Post #AXxoGNti1mWYLijjGq by slightlyoff@toot.cafe
       2023-07-22T00:12:40Z
       
       0 likes, 0 repeats
       
       *Particularly* in the early design phase, lots of ideas are bad! And that's OK! API design requires a journey through a problem space, and the best way to redirect this sort of thing isn't to extrapolate to worst-case scenario, it's to ask that folks show their work and demonstrate value.
       
 (DIR) Post #AXxoGOWLi7QsHYoaUy by slightlyoff@toot.cafe
       2023-07-22T00:16:07Z
       
       0 likes, 0 repeats
       
       We should all want a world where design discussions are low-stakes and collaborative. The alternative is groupthink and go-fever, and we know how that turns out (*cough* AppCache *cough*). Processes need to favour iteration and learning, rather than adversarial mudslinging.There will be plenty of time and space to stone late-stage work before it does harm, I promise. Just don't bring that energy to design-phase incubations and early Explainers.
       
 (DIR) Post #AXxoGP8HR5m2BCYsca by corycarson@infosec.exchange
       2023-07-22T02:57:19Z
       
       1 likes, 0 repeats
       
       @slightlyoff I'm not shooting from the hip.I was previously a voting member of the W3C WebAppSec working group, when I worked for an earlier employer.I saw this before with Content Security Policy, where it was proposed that CSP would apply against the user to limit what they could do in their browser. This was counter to what CSP was, is - protecting the user by limiting further what a loaded page could do.That's the crux of Web Environment Integrity. The aim of that proposal is boldly on it's face to change browsers from User Agents (of User Agent string fame!) to Agents working against the User. That is why the proposal earns the reaction.
       
 (DIR) Post #AXxoGPxKNIbgjWReBk by ondra@social.unextro.net
       2023-07-22T20:33:12Z
       
       0 likes, 0 repeats
       
       @corycarson Ha. "Turning user agents into double agents!" Me just 3 days ago... https://social.unextro.net/@ondra/110739117652060780
       
 (DIR) Post #AY6sjP0LHAeZNxF33Y by slightlyoff@toot.cafe
       2023-07-22T06:55:05Z
       
       0 likes, 0 repeats
       
       @Seirdy Because the process is being misrepresented by folks who have some axe to grind. The space to make mistakes involves ensuring that, yes, the message is delivered. But also that the space for iteration is preserved. Do you imagine a line of endless automatons with horrible ideas in hand? Or people who want to do good in the world, learning one mistake at a time like the rest of us mortals?
       
 (DIR) Post #AY6sjPrW5TBi2s7VwG by Silicanus@the.asbestos.cafe
       2023-07-27T05:35:34.602454Z
       
       0 likes, 0 repeats
       
       @slightlyoff wait is this about that web drm thing lol
       
 (DIR) Post #AY6sjQ8X4Cnate56Se by slightlyoff@toot.cafe
       2023-07-22T06:57:31Z
       
       0 likes, 0 repeats
       
       @Seirdy I don't make people do this work in public for their own benefit, I've forced openness over many years to get better results than what the old world of smoke filled rooms yielded. So we need to focus on constructive iteration, or we'll get worse.