On 11/27/20 7:56 AM, Warren Kumari wrote:
On Thu, Nov 26, 2020 at 3:34 PM Michael Thomas <mike@xxxxxxxx> wrote:
I know there are a whole lot of things that Google is doing for
configuration, casting of urls (cf chromecast), etc which use
proprietary protocols. Lots of other vendors are inventing the same or
similar wheels. Can anybody tell me why these haven't been standardized?
Is it politics? It sure is a PITA to not be able to send a URL to Apple
Device or cast from Firefox onto my chromecast. I assume that this
tangle applies for every other ecosystem like Apple and Amazon.
Does anybody know the history and/or why we suffer this mess? I mean,
the base level mechanisms seem pretty well understood.
Hi there,
So, there are a number of things at play here.
Firstly is that there many of the things which you are probably
viewing as "protocols" are more APIs/formats. In many cases these APIs
are very narrowly focused, quite specific (and so there isn't really
interoperability), and change frequently as new features are added,
etc. Keeping an IETF standard updated every time the API changes would
limit how quickly features can be added.
There is clearly an over the wire(less) protocol going on between my
chrome browser and my chromecast which sends a URL (I assume) and some
mechanism for authentication as needed so the chromecast pull up the
content (chromecast does not dogleg through your device, unlike
AppleTV). Or some such voodoo. It's probably the same/similar for
sending a URL to another google browser. They also seem to have a
VNC-like protocol which is used for screen sharing. For all I know it is
just repackaged VNC.
One bad thing about it being a closed protocol is that I have no idea
whether whatever voodoo their using to allow my chromecast to have
access to various streaming services is secure and safe. The larger
issue is that there are probably a dozen or more companies all doing
similar things with varying degrees of security competence.
One of the best things that IETF has brought in the last 20 years is
eyeballs with security clue to protocols whose authors have much less
clue, and especially in the beginning none at all. So now we're giving
all of these household items access to intimate details of our lives
where we don't even know whether they are properly secured. The one
lasting lesson of the LinkedIn unsalted password debacle is that even
really big companies can do really stupid things, and with network
protocols it's even worse.
But the bottom line of all of this is that it's a mess, and all of their
squabbling and posturing are making the user experience terrible.
Mike
