Funnily enough I was having a similar conversation with someone at work last week. It seems that our Intranet authenticates via an LDAP bind, and when I found this out I thought "huh?!" and went to talk to the guy responsible. Of course, I didn't really have any better answer for him because although it's very easy to say "Just use Kerberos!", I only really know the basic principles of it and not really the practice.
So, my question to you is... do you have any good pointers to a nice, simple "getting started" HOWTO for doing Kerberos auth both through PAM and from my own software? Also, I was under the impression that under Kerberos you're not supposed to share your password around, but instead present tickets; how does that work in an app that just accepts a username and password? (Like, say, a Jabber server, or login at the Linux console, or when doing HTTP auth.)
I understand your position as essentially being "Don't pave over shitty programming languages by adding another layer on top -- just design a better programming language!", in which case I agree with you wholeheartedly. If an IDE can infer/guess/generate something, why can't the compiler?
I've become interested lately in network-based backup. That is, I don't have any dedicated "backup media", but instead I just ensure that my important stuff ends up stored on the hard disks of at least two computers somewhere. Right now my solution to this is lame: I just copy the stuff about manually. This means I don't have any idea where a file can be found, there's no record of which copy is the "definitive" copy (ie, the one I should edit), and there's no automated way to restore everything. I've been hoping that someone would come along and make a tool to make this easier.
I found a half-finished thing called Brackup which looks like it was trying to go in this direction, with the extra ability to backup to things like Amazon's network storage service, and with encryption so that you can (with the appropriate amount of caution) back up to systems you don't necessarily trust with your data. Then you just need to back up the much-smaller "index file" to some removable media and store it somewhere safe.
Ideally, though, I want something that's one level above that where it just figures out itself where everything should be replicated to based on conditions like "all of my documents must be stored at at least two premises", and it'd then know that it's not sufficient to back up stuff from the desktop machine in my house to the server in my house -- it must use a host outside my LAN. It would also keep track of the amount of space allotted to backups on each machine and avoid using up too much space, warning me if it was unable to satisfy my criteria so that I can either add more targets or increase the allotted storage space.
The main thing I like about network backup is that I don't have to fumble about with physical media. All of my computers have got spare disk space, and the disks are already there and plugged in, so why screw about with DVD media or tapes? Backups need to just happen automatically in the background or I'll never bother to make them.
I think the most likely turn of events is that people won't pay any attention at all and go on using Windows 98. At least, that's what I expect most of my company's clients to do!
Indeed. I haven't had a printer for about six years now, since my cheap Canon inkjet printer ran out of ink and I binned it when I moved house. I can't say I miss it. The only times I can think of when I could have used a printer are when I needed to refer to some information away from the computer, but I find a small notepad and a pen work just fine in most of these cases. (I've been using the same notepad for the past few years, too, and I've used less than half of the sheets in it.)
WebKit is comparable to MSHTML, which is where most of the bugs and flaws attributed to Internet Explorer actually live. Safari is a front-end to WebKit, and Internet Explorer is a front-end to MSHTML.
(and MSHTML isn't really an accurate name for the component I'm talking about, but MS just calls it "Internet Explorer" -- hence "Internet Explorer is part of the OS" -- so it's the best label you can get for it really.)
Having been in situations where I (as a user) see a different filesystem to other users and to the system itself, I have to say that while it's a nice idea on paper it's very confusing in practice. For example, try using the "subst" command in NT. This creates a symbolic link in the kernel's object tree between a drive letter and a directory on some filesystem, effectively aliasing that directory onto a drive letter. However, since each session has its own view on the object tree this drive letter appears only for the user that ran subst.
This works just fine as long as you don't try to talk to a system service, since that service will be running in a separate session and won't be able to "see" your drive letter. The UI for this system service asks you to choose a file, and since the UI is running as you it allows you to pick a file from your alias path. However, the service itself is running in a separate session which either doesn't have that drive letter at all or has it pointing somewhere else entirely. Strange things happen and it can be hard to figure out exactly what's causing it.
Taking this outside the realm of the hypothetical: parts of Windows Installer run as a service, so you can't actually run MSI files from a substed drive: the service parts of Windows Installer can't "see" the substed drive to access the MSI file. Also, taking Windows Services out of the picture, several non-technical users at my company have sent me email telling me to look at T:\document.doc, where T: is a mounted volume from a server. Of course, that volume is mounted under a different letter on my computer, so I have to figure out what their idea of T is so that I can map it onto my equivilent.
The current recommended way for a Windows application to bundle DLLs is to just put them in the directory with the executable. The application's own directory is also searched when loading a DLL and takes priority over what you find in the Windows directories except for a few special cases where attackers were putting modified versions of core Windows DLLs in application directories to cause strange behavior.
This has been the case for quite a while. There's not really any reason to install your library into the System32 directory. I'll give it to you that Windows should really make it easier to keep third-party libraries separate from the core ones, but a library intended to be shared between multiple apps can easily add an entry to the PATH, at least until the path ends up too long to fit!
Hidden controls aren't really necessary, since Windows has an API specifically designed for providing information to assistive technologies. An app that draws its own controls just needs to implement the necessary discovery interfaces and a properly-written screen reader should function properly with it.
Admittedly, the hidden control solution would probably be easier for something as simple as Solitaire.
If your goal is simply to replicate data from an Exchange server in a CalDAV server, I can't help but think it'd make more sense to simply provide a proxy that talks CalDAV on one end and Exchange on the other end and translates the data direct from the source. Certainly less troublesome than constant two-way syncing, especially if that syncing is done on the client.
I write open source software. However, I am interested in quite a narrow set of projects, due to constraints on my time, my knowledge and my interests. I feel that the compensation I get from working on something that interests me is that someone else, who has different interests and skills, will write something that I need but which I don't necessarily want to write.
Compensation doesn't have to be in the form of money. Of course, this philosophy doesn't work so well for a business, but as a person I'm happy enough with this arrangement and I'd guess I'm not the only one given the large number of open source projects out there.
When I was at university (in the UK) they had in the computer science department six large computing labs. When I started, two were running SuSE Linux and four Windows. The next year, one of the Linux labs was converted to Windows. The year after that, the remaining Linux lab was converted to Windows. During the year when there was only one Linux lab, it was rarely used. I used it often because it was quiet and there was no queue for the printer.
In all my time there, there was only one class scheduled to be in that lab each week, which I was a member of. It astounded me that students would come into the class, sign in to say they had arrived, and then go and sit in the nearest Windows lab -- on the other side of the building -- just to avoid using the Linux system. This caused some upset because that lab was being used for a different class at the same time and so it got very busy. When the students were asked not to do this, they protested very loudly saying that they didn't know how to use Linux. This was ridiculous since the class pretty-much just involved researching stuff on the Web and writing a report. Once you'd figured out how to start up Firefox and either KWord or OpenOffice Writer you were golden. (It was a pretty crummy class -- it was one of the mandatory business/ethics/whatever classes that they had to have to get the degree BCS certified.)
I think the advantage that this approach has over Cedega is that the effort to get the game running will (in theory, at least) be done by the game developer rather than the end-user. They will, after making their Windows game, try to compile it against this new library. No doubt some odd things will happen, but they can patch those up a lot more quickly than they could do a complete port. The end user just gets a normal (if slightly bloated) Mac binary that works out of the box.
If I release some software that links against a completely unmodified GPLed library, should I be required to licence my software under the GPL? If all it's doing is binding (at runtime) to an already-available shared library, I'm not entirely convinced that the GPL should "infect" me in this case. Of course, if I distribute the shared library myself along with a binary distribution of my product I should be required to offer the source code of the shared library, but not of my own product which does not actually contain any code from that library.
If I was to statically link so that my executable is a derived work of the shared library, I've got no qualms with the GPL "infecting" me in that case. Things get even more tricky when you consider higher-level languages that always bind at runtime, like Java. Is saying
new org.gpledlibrary.SomeClass()
in my source file enough for me to need to distribute my software under the GPL? Should it be? Can it be, by law?
The thing that always gets me about these reactions to "terrorism" is that they seem to assume that the attackers only have one available attack vector. Why would they fly planes into buildings again if they could detonate bombs in a metro railway system? Why would they detonate bombs in the metro railway system again if they could... well, I don't know, but I'm sure they could think of something.
The reason these suicide attacks have worked so well is because no-one was expecting them. They aren't going to do the same thing again. There are plenty of ways to cause distruption and terror if you've got a bomb and someone who doesn't care for their life. Instead of focusing on what they've already done, worry about what they might do next.
I recently did a "repair" install on a Windows 2000 system. The system in question had Service Pack 4 installed, but of course the repair replaced everything with original distribution files. Not quite everything, though: it seemed to leave behind a few SP4-supplied drivers and libraries so that it just bluescreened on boot. I fixed it by booting in "Safe Mode" and running the SP4 installer to re-upgrade everything. Fun times.
Blueyonder have always been quite a nice ISP, in my experience. Back in my dial-up days I had unlimited dial-up from them on a second line and I left it connected pretty-much 24/7 and they didn't seem to care. I figured this was because I got my telephone line from them as well, so it wasn't really harming them. At about that time all of the BT-based "unlimited" ISPs were using automatic cutoffs every hour or two, whereas I'd keep connections up for weeks at a time. It doesn't really suprise me that they'd be liberal about bandwidth usage too.
I guess you've probably already solved this for yourself, but for the benefit of anyone else wandering by...
The dotdeb alternative repository has more up-to-date packages aimed at those running "LAMP" servers. It has PHP 5, Apache 2 and MySQL 5 packages (amongst others) that are quickly updated in response to new releases. I use it on my rented server where I provide hosting services to some of my friends and it has worked like a charm so far atop the base Debian Sarge.
What did you manage to do with presentational HTML that you couldn't do with CSS? IE's lack of CSS table support notwithstanding, CSS is generally thought of as a superset of the capabilities of presentational HTML, so I'm curious as to what things you see as lacking in CSS.
The main reason for CSS tables is so that you can present a grid-like layout to a desktop browser while presenting a more linear, compact layout to a handheld/mobile device. More generally, though, the reason is the same as for everything in CSS: keep the presentation separate from the content so that you can change the presentation easily.
If you want to complain, complain about Internet Explorer. Mozilla, Opera and (as far as I know) Safari all support the CSS table rendering model, which can do almost everything that HTML tables can. The main thing it lacks is support for colspan and rowspan, but for your average website layout (banner across the top and one or maybe two sidebars beside the content) you can get away without using either.
Of course, Internet Explorer only supports the bare minimum of the stuff in that chapter, and even then only when applied to HTML tables. Nor does Microsoft plan to support it in the near future. Most people don't even know that CSS can do table rendering because of Microsoft's lack of support, but the truth is that for all of CSS's warts, simple table-based layouts are actually right there in the CSS2 spec and will work just fine in every modern browser except Microsoft's.
I'm not a big MySpace user, but a lot of my (adult) friends use it quite a lot for the "Music" section. By being attached to a big media company they've managed to get an official presence for almost every major label and band on that site, and they also allow unsigned/smaller bands to register themselves. My friends trawl around the music section looking for new bands, and the group of my friends that are in a band of their own use it to promote said band to fans of similar bands.
The pure social networking bit is mostly for the kids, but the music section seems to attract young adults a lot more.
Here in the UK we have a law called the Disability Discrimination Act which, amongst other things, requires company websites to be accessible to disabled users. I find that hinting at possible legal action for non-compliance with this law is a good way to get some leverage on issues such as this. I find clients are a lot more amenable to criticisms of their suggestions when you put it in terms of "this will be bad for you because..." rather than "we don't want to do that because...".
When it comes down to it, the client is paying you because you presumably know more than them about producing websites. Although they might have some ideas of there own, I've never found a client that isn't willing to compromise if you're honest about the reasons for your reservations and the potential implications of a certain decision.
History has shown that by letting the browser developers "write the spec" through their implementations you end up with features that are designed to suit a particular browser's architecture, with little thought to the ramifications of this on other browsers and on users of the features.
The biggest example of this is the IMG element. This was invented by the Netscape guys, and submitted for feedback. They got lots of feedback suggesting the element was broken because it did not gracefully degrade in browsers without support and lacked the ability to offer alternative content containing HTML markup. The Netscape guys then replied "Oh. Well screw you all because this is easier to implement and we're releasing it anyway." Years later, the ALT text issue is of little consequence as all browsers now render either the image or the alternative text, but with browsers starting to support new image formats like SVG it'd be nice to be able to offer an SVG image with a PNG fallback. W3C tried to propose OBJECT as a more general alternative, but it hasn't really caught on because there's already an existing "good enough" solution.
The Netscape guys are aren't the only offenders. Microsoft announced ActiveX which, by its very nature, cannot run on operating systems other than Windows or on other architectures. Their XMLHttpRequest feature was provided as an ActiveX library, meaning that when other browsers implemented it they had to adjust the implementation to work without ActiveX, making their implementations incompatible with Microsoft's "standard". Microsoft also offered VML, which is essentially an XML serialization of the graphics objects out of Microsoft Office. The Mozilla guys made XBL, which is a great idea but their initial implemention had some warts that made it hard to implement in other browsers; there's currently a group working on "XBL2" which will fix XBL to be more portable.
I think it's a good idea to have some external entity involved, acting as a mediator. The browser developers should obviously be involved, but there should still be some discussion of the implementation of each new feature to ensure that it can be implemented in a compatible manner in various browsers and to ensure that it isn't going to cause problems for web developers.
Most people only have two hands. If you end up RSI-ing your other hand too, then what do you do?
(I grew up with a left-handed, computer-owning Dad, so I actually got quite good at operating the mouse with the wrong hand. However, once I got old enough to have my own computer I quickly lost the knack, which is a shame.)
Slashdot Mirror
Funnily enough I was having a similar conversation with someone at work last week. It seems that our Intranet authenticates via an LDAP bind, and when I found this out I thought "huh?!" and went to talk to the guy responsible. Of course, I didn't really have any better answer for him because although it's very easy to say "Just use Kerberos!", I only really know the basic principles of it and not really the practice.
So, my question to you is... do you have any good pointers to a nice, simple "getting started" HOWTO for doing Kerberos auth both through PAM and from my own software? Also, I was under the impression that under Kerberos you're not supposed to share your password around, but instead present tickets; how does that work in an app that just accepts a username and password? (Like, say, a Jabber server, or login at the Linux console, or when doing HTTP auth.)
I understand your position as essentially being "Don't pave over shitty programming languages by adding another layer on top -- just design a better programming language!", in which case I agree with you wholeheartedly. If an IDE can infer/guess/generate something, why can't the compiler?
I've become interested lately in network-based backup. That is, I don't have any dedicated "backup media", but instead I just ensure that my important stuff ends up stored on the hard disks of at least two computers somewhere. Right now my solution to this is lame: I just copy the stuff about manually. This means I don't have any idea where a file can be found, there's no record of which copy is the "definitive" copy (ie, the one I should edit), and there's no automated way to restore everything. I've been hoping that someone would come along and make a tool to make this easier.
I found a half-finished thing called Brackup which looks like it was trying to go in this direction, with the extra ability to backup to things like Amazon's network storage service, and with encryption so that you can (with the appropriate amount of caution) back up to systems you don't necessarily trust with your data. Then you just need to back up the much-smaller "index file" to some removable media and store it somewhere safe.
Ideally, though, I want something that's one level above that where it just figures out itself where everything should be replicated to based on conditions like "all of my documents must be stored at at least two premises", and it'd then know that it's not sufficient to back up stuff from the desktop machine in my house to the server in my house -- it must use a host outside my LAN. It would also keep track of the amount of space allotted to backups on each machine and avoid using up too much space, warning me if it was unable to satisfy my criteria so that I can either add more targets or increase the allotted storage space.
The main thing I like about network backup is that I don't have to fumble about with physical media. All of my computers have got spare disk space, and the disks are already there and plugged in, so why screw about with DVD media or tapes? Backups need to just happen automatically in the background or I'll never bother to make them.
I think the most likely turn of events is that people won't pay any attention at all and go on using Windows 98. At least, that's what I expect most of my company's clients to do!
Indeed. I haven't had a printer for about six years now, since my cheap Canon inkjet printer ran out of ink and I binned it when I moved house. I can't say I miss it. The only times I can think of when I could have used a printer are when I needed to refer to some information away from the computer, but I find a small notepad and a pen work just fine in most of these cases. (I've been using the same notepad for the past few years, too, and I've used less than half of the sheets in it.)
WebKit is comparable to MSHTML, which is where most of the bugs and flaws attributed to Internet Explorer actually live. Safari is a front-end to WebKit, and Internet Explorer is a front-end to MSHTML.
(and MSHTML isn't really an accurate name for the component I'm talking about, but MS just calls it "Internet Explorer" -- hence "Internet Explorer is part of the OS" -- so it's the best label you can get for it really.)
Having been in situations where I (as a user) see a different filesystem to other users and to the system itself, I have to say that while it's a nice idea on paper it's very confusing in practice. For example, try using the "subst" command in NT. This creates a symbolic link in the kernel's object tree between a drive letter and a directory on some filesystem, effectively aliasing that directory onto a drive letter. However, since each session has its own view on the object tree this drive letter appears only for the user that ran subst.
This works just fine as long as you don't try to talk to a system service, since that service will be running in a separate session and won't be able to "see" your drive letter. The UI for this system service asks you to choose a file, and since the UI is running as you it allows you to pick a file from your alias path. However, the service itself is running in a separate session which either doesn't have that drive letter at all or has it pointing somewhere else entirely. Strange things happen and it can be hard to figure out exactly what's causing it.
Taking this outside the realm of the hypothetical: parts of Windows Installer run as a service, so you can't actually run MSI files from a substed drive: the service parts of Windows Installer can't "see" the substed drive to access the MSI file. Also, taking Windows Services out of the picture, several non-technical users at my company have sent me email telling me to look at T:\document.doc, where T: is a mounted volume from a server. Of course, that volume is mounted under a different letter on my computer, so I have to figure out what their idea of T is so that I can map it onto my equivilent.
The current recommended way for a Windows application to bundle DLLs is to just put them in the directory with the executable. The application's own directory is also searched when loading a DLL and takes priority over what you find in the Windows directories except for a few special cases where attackers were putting modified versions of core Windows DLLs in application directories to cause strange behavior.
This has been the case for quite a while. There's not really any reason to install your library into the System32 directory. I'll give it to you that Windows should really make it easier to keep third-party libraries separate from the core ones, but a library intended to be shared between multiple apps can easily add an entry to the PATH, at least until the path ends up too long to fit!
Hidden controls aren't really necessary, since Windows has an API specifically designed for providing information to assistive technologies. An app that draws its own controls just needs to implement the necessary discovery interfaces and a properly-written screen reader should function properly with it.
Admittedly, the hidden control solution would probably be easier for something as simple as Solitaire.
If your goal is simply to replicate data from an Exchange server in a CalDAV server, I can't help but think it'd make more sense to simply provide a proxy that talks CalDAV on one end and Exchange on the other end and translates the data direct from the source. Certainly less troublesome than constant two-way syncing, especially if that syncing is done on the client.
I write open source software. However, I am interested in quite a narrow set of projects, due to constraints on my time, my knowledge and my interests. I feel that the compensation I get from working on something that interests me is that someone else, who has different interests and skills, will write something that I need but which I don't necessarily want to write.
Compensation doesn't have to be in the form of money. Of course, this philosophy doesn't work so well for a business, but as a person I'm happy enough with this arrangement and I'd guess I'm not the only one given the large number of open source projects out there.
When I was at university (in the UK) they had in the computer science department six large computing labs. When I started, two were running SuSE Linux and four Windows. The next year, one of the Linux labs was converted to Windows. The year after that, the remaining Linux lab was converted to Windows. During the year when there was only one Linux lab, it was rarely used. I used it often because it was quiet and there was no queue for the printer.
In all my time there, there was only one class scheduled to be in that lab each week, which I was a member of. It astounded me that students would come into the class, sign in to say they had arrived, and then go and sit in the nearest Windows lab -- on the other side of the building -- just to avoid using the Linux system. This caused some upset because that lab was being used for a different class at the same time and so it got very busy. When the students were asked not to do this, they protested very loudly saying that they didn't know how to use Linux. This was ridiculous since the class pretty-much just involved researching stuff on the Web and writing a report. Once you'd figured out how to start up Firefox and either KWord or OpenOffice Writer you were golden. (It was a pretty crummy class -- it was one of the mandatory business/ethics/whatever classes that they had to have to get the degree BCS certified.)
I think the advantage that this approach has over Cedega is that the effort to get the game running will (in theory, at least) be done by the game developer rather than the end-user. They will, after making their Windows game, try to compile it against this new library. No doubt some odd things will happen, but they can patch those up a lot more quickly than they could do a complete port. The end user just gets a normal (if slightly bloated) Mac binary that works out of the box.
If I release some software that links against a completely unmodified GPLed library, should I be required to licence my software under the GPL? If all it's doing is binding (at runtime) to an already-available shared library, I'm not entirely convinced that the GPL should "infect" me in this case. Of course, if I distribute the shared library myself along with a binary distribution of my product I should be required to offer the source code of the shared library, but not of my own product which does not actually contain any code from that library.
If I was to statically link so that my executable is a derived work of the shared library, I've got no qualms with the GPL "infecting" me in that case. Things get even more tricky when you consider higher-level languages that always bind at runtime, like Java. Is saying
in my source file enough for me to need to distribute my software under the GPL? Should it be? Can it be, by law?The thing that always gets me about these reactions to "terrorism" is that they seem to assume that the attackers only have one available attack vector. Why would they fly planes into buildings again if they could detonate bombs in a metro railway system? Why would they detonate bombs in the metro railway system again if they could... well, I don't know, but I'm sure they could think of something.
The reason these suicide attacks have worked so well is because no-one was expecting them. They aren't going to do the same thing again. There are plenty of ways to cause distruption and terror if you've got a bomb and someone who doesn't care for their life. Instead of focusing on what they've already done, worry about what they might do next.
I recently did a "repair" install on a Windows 2000 system. The system in question had Service Pack 4 installed, but of course the repair replaced everything with original distribution files. Not quite everything, though: it seemed to leave behind a few SP4-supplied drivers and libraries so that it just bluescreened on boot. I fixed it by booting in "Safe Mode" and running the SP4 installer to re-upgrade everything. Fun times.
Blueyonder have always been quite a nice ISP, in my experience. Back in my dial-up days I had unlimited dial-up from them on a second line and I left it connected pretty-much 24/7 and they didn't seem to care. I figured this was because I got my telephone line from them as well, so it wasn't really harming them. At about that time all of the BT-based "unlimited" ISPs were using automatic cutoffs every hour or two, whereas I'd keep connections up for weeks at a time. It doesn't really suprise me that they'd be liberal about bandwidth usage too.
I guess you've probably already solved this for yourself, but for the benefit of anyone else wandering by...
The dotdeb alternative repository has more up-to-date packages aimed at those running "LAMP" servers. It has PHP 5, Apache 2 and MySQL 5 packages (amongst others) that are quickly updated in response to new releases. I use it on my rented server where I provide hosting services to some of my friends and it has worked like a charm so far atop the base Debian Sarge.
What did you manage to do with presentational HTML that you couldn't do with CSS? IE's lack of CSS table support notwithstanding, CSS is generally thought of as a superset of the capabilities of presentational HTML, so I'm curious as to what things you see as lacking in CSS.
The main reason for CSS tables is so that you can present a grid-like layout to a desktop browser while presenting a more linear, compact layout to a handheld/mobile device. More generally, though, the reason is the same as for everything in CSS: keep the presentation separate from the content so that you can change the presentation easily.
If you want to complain, complain about Internet Explorer. Mozilla, Opera and (as far as I know) Safari all support the CSS table rendering model, which can do almost everything that HTML tables can. The main thing it lacks is support for colspan and rowspan, but for your average website layout (banner across the top and one or maybe two sidebars beside the content) you can get away without using either.
Of course, Internet Explorer only supports the bare minimum of the stuff in that chapter, and even then only when applied to HTML tables. Nor does Microsoft plan to support it in the near future. Most people don't even know that CSS can do table rendering because of Microsoft's lack of support, but the truth is that for all of CSS's warts, simple table-based layouts are actually right there in the CSS2 spec and will work just fine in every modern browser except Microsoft's.
I'm not a big MySpace user, but a lot of my (adult) friends use it quite a lot for the "Music" section. By being attached to a big media company they've managed to get an official presence for almost every major label and band on that site, and they also allow unsigned/smaller bands to register themselves. My friends trawl around the music section looking for new bands, and the group of my friends that are in a band of their own use it to promote said band to fans of similar bands.
The pure social networking bit is mostly for the kids, but the music section seems to attract young adults a lot more.
Here in the UK we have a law called the Disability Discrimination Act which, amongst other things, requires company websites to be accessible to disabled users. I find that hinting at possible legal action for non-compliance with this law is a good way to get some leverage on issues such as this. I find clients are a lot more amenable to criticisms of their suggestions when you put it in terms of "this will be bad for you because..." rather than "we don't want to do that because...".
When it comes down to it, the client is paying you because you presumably know more than them about producing websites. Although they might have some ideas of there own, I've never found a client that isn't willing to compromise if you're honest about the reasons for your reservations and the potential implications of a certain decision.
History has shown that by letting the browser developers "write the spec" through their implementations you end up with features that are designed to suit a particular browser's architecture, with little thought to the ramifications of this on other browsers and on users of the features.
The biggest example of this is the IMG element. This was invented by the Netscape guys, and submitted for feedback. They got lots of feedback suggesting the element was broken because it did not gracefully degrade in browsers without support and lacked the ability to offer alternative content containing HTML markup. The Netscape guys then replied "Oh. Well screw you all because this is easier to implement and we're releasing it anyway." Years later, the ALT text issue is of little consequence as all browsers now render either the image or the alternative text, but with browsers starting to support new image formats like SVG it'd be nice to be able to offer an SVG image with a PNG fallback. W3C tried to propose OBJECT as a more general alternative, but it hasn't really caught on because there's already an existing "good enough" solution.
The Netscape guys are aren't the only offenders. Microsoft announced ActiveX which, by its very nature, cannot run on operating systems other than Windows or on other architectures. Their XMLHttpRequest feature was provided as an ActiveX library, meaning that when other browsers implemented it they had to adjust the implementation to work without ActiveX, making their implementations incompatible with Microsoft's "standard". Microsoft also offered VML, which is essentially an XML serialization of the graphics objects out of Microsoft Office. The Mozilla guys made XBL, which is a great idea but their initial implemention had some warts that made it hard to implement in other browsers; there's currently a group working on "XBL2" which will fix XBL to be more portable.
I think it's a good idea to have some external entity involved, acting as a mediator. The browser developers should obviously be involved, but there should still be some discussion of the implementation of each new feature to ensure that it can be implemented in a compatible manner in various browsers and to ensure that it isn't going to cause problems for web developers.
Most people only have two hands. If you end up RSI-ing your other hand too, then what do you do?
(I grew up with a left-handed, computer-owning Dad, so I actually got quite good at operating the mouse with the wrong hand. However, once I got old enough to have my own computer I quickly lost the knack, which is a shame.)