Regulatory compliance like Sarbanes Oxley is another huge factor. And VC's having large capital pools make it easy for companies to stay private vastly longer without needing to raise funding from the public.
It's very unfortunate for the public markets, as basic only VC's and PE get access to high growth young companies. Now most of the growth is squeezed out by the VC's and the public gets just the tail end of mature companies.
A lack of IPOs makes the startup life much less attractive than sitting around at a post-IPO company, which also means a harder time growing the startups the VCs are investing in
I guess it also likely not helpful to the VCs to have the public market having real opinions about the valuation that the fees are presumably based on, unless the company is a clear runaway success
The problem is not XML by itself. XML adds a considerable amount of complexity to JSON[1] and when writing security-oriented software complexity matters quite a bit[2]. But this is still a level of complexity that can be managed. Most other XML-based protocols aren't as bad as SAML.
No, the main problem with SAML is that it relies on XML Signatures (XMLDSig). And the main problem with XML Signatures is that the signature needs to be embedded inside the XML it's signing, instead of being attached to it, like every other signature standard on the planet.
[1] The added complexity is not just attributes and namespace, but also entities, DTD and processing instructions. If you want even the most basic type checking, XML schema becomes mandatory. This is important, since JSON doesn't need a schema for handling basic types, and in fact OAuth 2.0 and Open ID Connect do not rely on JSON Schema at all.
> If you want even the most basic type checking, XML schema becomes mandatory. This is important, since JSON doesn't need a schema for handling basic types
Huh?
> the main problem with SAML is that it relies on XML Signatures (XMLDSig). And the main problem with XML Signatures is that the signature needs to be embedded inside the XML it's signing, instead of being attached to it, like every other signature standard on the planet.
You are correct that is the hardest part of SAML, but to be clear, there's a SignatureValue element that is separate from SignedInfo.
And you can use a library to sign. I don't see many implementing their own JWT signatures either.
General question when running a single member LLC: how do you determine how much to take as salary versus business profit, and how does that affect your taxes?
I'm guessing tax liability is mostly a wash, as if you are taxed as an S-Corp, you pass through the profit into personal income and pay income tax on that.
That’s very much a talk to your CPA question - because it speaks to audit risk. The IRS wants to see you pay yourself a fair salary so you are paying the appropriate payroll taxes, social security, medicare, etc. The problem is “fair” is somewhat subjective and depends on the profitability of the business as well. I’m sorry this isn’t a clear answer, but it’s just not a clear matter. Seek advice and ask “how would you defend this stance in an audit”.
There is no difference in a single member LLC. All profits from the LLC pass though as income which is ultimately taxed at the same rate as salary (including SSI, Medicare, etc).
As opposed to the current system, where people without much money can't risk suing a company with deep pockets because they don't have the money for a lawyer.
If you have a solid case any good lawyer will take the case for a share of what you win - they won't win all such cases, but they have enough confidence in winning most that they can afford to accept a cases will be done without getting paid. However if there is loser pays lawyers cannot do this unless they either take a much larger share for the winnings (thus making it not worth anyone's time) so they can cover the lawyer fees when they lose a case they thought was obvious, or they need to warn potential clients there is risk they have to pay a lot of money on a loss.
Either way loser pays makes it more risky for a poor person to sue.
Money obviously is a factor in any case. But, if you hire a lawyer, you at least have control of the costs. "Loser pays" means you pay for the company's Big Law outside counsel if you lose.
It could just be capped at the lower of what the two legal teams charge. Both should have to submit their bills to the court, whichever charged less is the cap on what the loser has to pay for the other party's legal fees. That way each party is at most on the hook for twice what they paid their own legal team, assuming no other damages or penalties.
This is gameable (for instance by disclosing millions of unrelated pages of content during discovery). All you really need is for the judge to look at how much each legal team charged for what and make a ruling on what's reasonable for the loser to pay and what isn't.
> This is a huge burden on the electrical grids, and Tesla or EV's get to hand that problem to someone else.
They don't exactly get to push it onto someone else. Large loads like this come with demand charges. In some areas, they might be $5/KW, in others I've heard of >$10. A single megacharger would be $5-10k on top of the actual energy used.
It is high enough that I'd expect them to start thinking about battery buffers at charging sites to mitigate the cost.
That already happens at a smaller scale, with things like Freewire.
See the chart halfway down here:
https://blog.thermoworks.com/coming-heat-effects-muscle-fibe...