"I have a mind like a steel... uh... thingy." Patrick Logan's weblog.

Search This Blog

Saturday, November 10, 2007

More on QCon

The couple of posts about QCon so far were parts of my experiment with the email-to-the-blog capability. It's simple and it works, and I did not have to lug my laptop around the conference.

However blogging at a conference wound up with the my usual pattern: start out with some items on the first couple of sessions, then the inevitable happens. I meet people on the breaks and the conversations fill up available time, and are more interesting than anything I could blog about.

So to catch up on some thoughts...

Stefan Tilkov kept a pretty good log of the sessions he attended. He put together the agenda for Thursday's SOA/REST track. That whole day was great fun and engaging. The combination of speakers was pretty much a full complement of who you'd like to hear address the issues from any of the perspectives.

The RESTful presenters overlapped little in their content. Anyone attending (or viewing the videos after -- need a link here) should have come away with a good sense of what it means to work with HTTP rather than against it. I mentioned Steve Vinoski's introduction to REST that launched the day (and subsequent back-and-forth salvos with the WS-* folks.) Pete Lacey demo'd a RESTful expense report example using a browser, command-line scripts, Excel, and Word. Well done. He had a lot more to show -- his suite of examples would make a good hands-on tutorial.

Dan Diephouse (who really knows how to order wine, but doesn't quite know when to stop :-) talked about atompub in particular. The Q&A got into some back and forth on "batch" and other topics that kind of stretch the current atompub specification, leading me to wonder: what does anyone *mean* by "batch" -- I can think of several variations -- and why do we try to squeeze any of these activities into atompub per se? Certainly the feed format is a useful one for learning about the results of batch activity. Finding some RESTful but not necessarily atompub mechanisms useful for "batching" may make some good experiments.

Earlier in the day Sanjiva Weerawarana's session included valid explanations of the complexity of HTTP and atompub, and the effort expended getting atompub settled. My thoughts were that observation does not really speak well about the WS-* specifications. Sanjiva repeated that WS-* are mired in vendor politics, poor implementations, and that we end users should have to understand much about them. Arguments I've heard more than once before, but still make me uncomfortable. Are these supposed to put me at ease?

Well, we went out and had fun later anyway. The WSO2 folks are looking, learning, and supporting REST just like the rest of us. So to speak.

I like that atompub has not attempted to specify too much (yet), and fear things could get out of hand, but at least we have something far simpler and easy to use right now. Technical details HTTP and atompub were discussed all day because doing so is *practical*. They are fairly easy to understand even if there are devils in some of the details. There is little hope or encouragement for taking a similar approach to WS-* and best advice we are given is not to worry about them, let the implementors handle it for you, rely on the "tooling".

Which gets back to Pete's presentation: his use of Excel, Word, Firefox, and Ruby was a great demonstration of leveraging the web. The web has won, of course. Thinking back to the Inforworld SOA conference held a year and a half prior to and two blocks away from the QCon conference seems like light years ago, with vendors pushing all kinds of proprietary nonsense on the unsuspecting.

As Sanjiva joked, the new "RESTful Web Services" book is the New Testament. But REST is more of a science to WS-*'s religion. The WS-* leaders ask us application developers to take a leap of faith following their proprietary tooling. REST / HTTP is simple enough to prove to yourself with the tools at hand.

Oh and Jim Webber's presentation is not to be missed, when you can get to the video. I laughed throughout. (Paul Hammant was at QCon the day before but could not attend Thursday. What I'd give to catch Jim and Paul in the same room!)

Jim's presentation rounded out the REST / HTTP agenda -- his illustration of following a workflow via HTTP makes the whole "engines of hypermedia" or whatever you want to call it very clear.

Thanks, Stefan, for organizing a really great day. The audience discussions were great too, with Stu Charlton and others saying stuff.

Friday, November 09, 2007

Can't you just use the web?

Someone posted a link recently to an apparently interesting video. Clicking on the link, this is what I get. I'm sorry, I have to join facebook to see your interesting video?

What about just putting it on the web? Gaws.

Patrick Mueller adds in a comment...

Here's the sad part. The movie is already on the web; FaceBook doesn't actually store anything at it's site, it's all pass-through. The movie might well be at YouTube. All FaceBook does in this case is serve as a bottleneck.

Capability-Based Security and Javascript

Via Ted Leung...

Ben Laurie has posted some initial information about the Caja (Capability Javascript) project that he is leading at Google.
About a month ago I came across some information that Mark Miller is at Google working on capability-based security. Turns out he is on Ben's team. This will be useful stuff for moving web and application security forward.

And it is open, as you might expect.

Thursday, November 08, 2007

Quote of the day

Jim Webber to Sanjiva Weerawarana, after several expletives re: Sanjiva being an author of WSDL...

"I will hug you later... In a kind of Borat style."

Steve Vinoski's session

Steve is up in the QCon track on SOA and REST. His presentation is set up as a dialog between himself (as REST guy) with a hypothetical SOA guy. That guy's dialog is derived from actual correspondence Steve's had over the years. (He also stated that for the last 15 years he's been constrained by "buy my product" but he has no such ties today).

The session is good, a good intro to REST, but the interaction with real SOA guys in the audience is frightenly familiar to those we've all seen on the web over the years. As he said, he's taking some arrows for later REST speakers today. (Those SOA arrows are pretty weak thankfully. :-)

Lego or Negotiation

James Noble's keynote at QCon this morning. Well done performance on two theories of software around in 1968. The dominant one being software as building lego cathedrals. The other being software as accumulating small, negotiated victories. This is the one we've got and need to embrace. Hopefully there's video of the talk.

Wednesday, November 07, 2007

Made it to SFO

Meetings ended early. Got on standby flights. So much better than getting in at 11:30.

Testing with this to see if my blog-by-mail is working.

Tuesday, November 06, 2007

Global Security

From Douglas Crockford's The Department of Style...

There is one problem in JavaScript that is bigger than all of the others put together: The Global Object. All compilation units are thrown into a shared global container. This gives each unit full access to all of the other units. All units get exactly the same rights and privileges. This turns out to be a huge mistake. It is the root cause of most of the security problems in the browser...

In the long term, I want to replace JavaScript and the DOM with a smarter, safer design. In the medium term, I want to use something like Google Gears to give us vats with which we can have safe mashups. But in the short term, I recommend that you be using Firefox with No Script. Until we get things right, it seems to be the best we can do.

Understanding OpenSocial

Here's my initial, superficial, and brief, take on OpenSocial, as I understand it so far. There are several aspects to OpenSocial, the top two being that there is a Javascript, "gadgets" oriented part, and there is a server, atompub / gdata part.

The part that interests me most, and that has the wider implications in the long run, is the atompub / gdata part. Facebook can make a proprietary api "more truly open," as Mark Cuban says. But that just becomes the means for more easily having "third party" support for an OpenSocial "gateway", if you will, for Facebook.

In that same article Tim O'Reilly focuses too much (as I read it, solely) on the Javascript / "gadgets" part of OpenSocial. That's missing what will, or should, become the key to OpenSocial having a bigger impact on the web, in the long run, that either Facebook or MySpace. Combined, in my opinion.

There are all kinds of "innovation happens elsewhere" implications of the OpenSocial atompub / gdata part that overshadow "gadgetry". From the OpenSocial docs...

The OpenSocial API is a set of common APIs for building social applications on many websites. There are two ways to access the OpenSocial API: client-side using the JavaScript API and server-side using RESTful data APIs.
And so, there is no reason the OpenSocial RESTful APIs, even the Persistence API, have to be served by Google. It seems to me from these docs that Google assumes many sites will support these APIs.

DSL: Better than you think

Phil Windley writes about creating a domain-specific language...

I'm a big believer in notation. Using the right notation to describe and think about a problem is a powerful tool--one that we're too eager to give up it seems. People seem to believe that (a) all languages are pretty much the same and (b) the world has enough notations. While (a) is true in theory (they're all Turing complete, after all) the power of a notation isn't in what it can accomplish, but the ways in which it allows you to think. I'll deal with (b) in what follows.

Monday, November 05, 2007

Android and the Open Handset Alliance

Google continues their "open play" if you will, into the mobile world.

Despite all of the very interesting speculation over the last few months, we're not announcing a Gphone. However, we think what we are announcing -- the Open Handset Alliance and Android -- is more significant and ambitious than a single phone. In fact, through the joint efforts of the members of the Open Handset Alliance, we hope Android will be the foundation for many new phones and will create an entirely new mobile experience for users, with new applications and new capabilities we can’t imagine today.

Openness. Hmm. What a concept.

Blog Archive

About Me

Portland, Oregon, United States
I'm usually writing from my favorite location on the planet, the pacific northwest of the u.s. I write for myself only and unless otherwise specified my posts here should not be taken as representing an official position of my employer. Contact me at my gee mail account, username patrickdlogan.