[Spivak]

The real world problem web bundles solve is distributed caching. Right now sites have pick one or a few CDNs and have a trust relationship with them and allow them to impersonate your site.

Web bundles changes this relationship so that anyone can cache sites if it benefits them to do so. If you share a link on Twitter or Facebook or Discord or Slack they can cache the page on their servers and deliver it through the connection you already have open to them.

Web Bundles also open the door for network-local caches that don’t require MitM or trusting the cache.

[cflat]

This feels contrived. Rarely do I, as a brand or content creator, want it circulating without my control. It doesn’t make business sense.

[spankalee]

It's not without your control. You don't have to use bundles or signed exchanges. You can use bundles without signed exchanges. You can bundle only some resources, and leave plenty of things like dynamic content, comments, ads, etc. unbundled.

It's a file format, there will be lots of uses.

[Spivak]

This feels like such a weird stance. I can’t imagine someone saying something to the effect of “I don’t want my DNS records just circulating without my control.” This isn’t like AP giving CNN republishing rights, this is getting a magazine from the stand at the convenience store rather than having going to the Condé Nast corporate HQ.

Like it’s your site, exactly as it would be if it was delivered by your server just delivered by someone who already had a copy on hand rather than fetching a new one every time. This is what HTTP proxies used to do, what DNS caches and browsers still do. TLS broke web caches because TLS secured the connection instead of the content.

[jariel]

It's not weird to reject arbitrary complexity.

The most important issues is the 'lack of value' - not anything else.

Complexity compounds to imbue cost geometrically, we don't need stuff 'because', we need stuff that solves real problems.

[Spivak]

For sure, but the big value prop is better speed and less load on your own servers when your content primarily comes from Twitter, Google, IG, Facebook, Reddit, etc. Small sites can use this to not need a CDN and avoid the hug of death.

If it doesn’t come with a benefit to you then it’s all good.

[cflat]

DNS is not content.

HTTP caches were always problematic from a business perspective. Great for downloading large binaries (installs) but problematic when they don’t expire as expected, or if content needs to change for contractual reasons.

[joshuamorton]

Tell that to cloudflare.

It's not like you're forced to cache things if it doesn't work for your business case.

[Spivak]

I mean you’re the one who gets to decide how long the signature is valid for just like you can choose your TTL in DNS. And a malicious cache can’t continue to serve stale content because browsers will reject it. You get a hard guarantee that your TTL will be respected.