On 2019-07-04 22:13, Eric Rescorla wrote:
>
> On Thu, Jul 4, 2019 at 12:21 PM Nico Williams <nico@xxxxxxxxxxxxxxxx> wrote:
>
> > On Thu, Jul 04, 2019 at 08:31:47AM -0700, Eric Rescorla wrote:
> > > Ignoring labelling for a moment, in a number of WGs (HTTP, TLS, and
> > > QUIC) we have found it necessary to have full implementations and
> > > large-scale deployments quite early in the design process, long before
> > > anyone thinks that the document is done.
> >
> > I had that experience in mind.
> >
> > Except for QUIC (whose implementors and deployers understood and
> > expected to have to make backwards-incompatible changes / move to HTTP/2
> > and /3), HTTP/2 and TLS 1.3 didn't get widespread deployment during this
> > process. But they did get some, and that "some deployment" was
> > absolutely critical to their success.
>
> I don't want to nitpick about widespread, but we were seeing single
> digit fractions of Firefox connections with TLS 1.3 during this period.
> I would anticipate that QUIC will be similar.
>
> -Ekr
>

These are all success stories (TLS, QUIC...) that seem to follow the pattern of a fairly tight knit community of committed actors who are willing to progress at roughly the same pace.

I was here when MSFT suddenly announced that a particular draft of pkinit was going to get shipped in Active Directory krb and that was that. Would we have gotten further down the road of practical interop for asymmetric key authn in kerberos had we used the same pattern of work as TLS 1.3 did?

Maybe we're just better at this now? I doubt it. I do know that for every success story there is a case of a WG killed by a big actor who decides it is no longer going to play ball... some very recently.

You can lead the horse to water but you can't force it to drink but to what extent is flexibility wrt the publication process enabling this behaviour?

Cheers Leif