IT Conversation with Anne Thomas Manes. Network World named
Anne one of the 50 most powerful people in networking. Hear her
insights in the all-new IT Conversation:
- When will security and reliable messaging be part of web-services products?
- Which web-services vendors offer the best interoperability?
- Is the web-services specification process effective or a disaster?
- Will the EAI vendors survive the shift to open protocols for integration?
- Will SCO's Linux lawsuits destroy open source's GPL?
- Is C# "Java--the next generation?"
6.2 mb, 27 minutes, recorded 8/18/03]
Posted Tuesday, August 19, 2003 11:03:24
This IT Conversation with Anne contains so many valuable
insights, it's worth a more detailed summary than most. Here are
some of the things Anne has to say:
- Advanced Web Services. Anne expects to see WS-Security
implemented in software products in 6-12 months. Reliability
in the messaging layer will take more than a year.
- Interoperability. Older products don't interoperate well.
Anne recommends the products from Systinet,
The Mind Electric,
IONA, and CapeClear
because they provide the best Java/.NET interop. She says to stay
away from Apache SOAP,
which was replaced by Apache
Axis. Anne is a big fan of WS-I's
- Web-Services Protocol Development. We spoke at length
about the unusual way in web-services protocols have been developed.
As Anne pointed out, web services are all about interoperability,
so there was no way to have implementations in advance of the
standards--the traditional sequence for standards development.
We agreed that progress has been extraordinarily rapid, despite
some in the press who complain that it's taking too long.
- Scalability. I asked her about the lack of real-world
scalability testing, and Anne pointed out that we need real-world
applications before we can really understand scalability. She
specifically mentioned gigabit Ethernet and proposals for compressed
XML as technologies that will obviate some of the current inefficiencies
- The Future of EAI Vendors. Because good EAI software
includes much more than connectivity, it's fairly sticky. By way
of comparison, Anne pointed out that even though WebSphere and
Web Logic are both based on J2EE, you wouldn't likely switch from
one to the other unless you had a specific problem with your current
product or its vendor. Good EAI software is equally sticky.
- SCO's Linux Lawsuits. Anne is "very disappointed"
with the current situation. She's particularly worried that IBM
has raised the issue of the General
Public License (GPL) and that SCO is therefore challenging
GPL's validity. If the courts finds against the GPL concept, the
entire open-source community will be affected.
- Novell's Acquisition of Ximian. Novell picked up GNOME
but the latter is the more interesting. Microsoft put C# and the
Infrastructure (CLI) into the public domain. These are now
ISO/ECMA standards. Mono is an open-source Linux implementation
of CLI, which means that compiled (bytecode) versions of C#
programs can be run on Linux. Anne says that "C# is Java--The
Next Generation." If programmers are willing to develop under
Windows, C# and Mono may offer them true portability.
Posted Wednesday, August 20, 2003 12:09:17
Conversation with Paul Bausch. In the latest IT Conversation
web-application developer and co-creator of Blogger talks about
his new book from O'Reilly in which he says Amazon.com is an application.
Paul dives into Amazon.com and brings up its buried treasures. Whether
you're just a frequent book buyer, an author, publisher, bookseller,
or just want to make a few extra dollars referring traffic to Amazon,
Paul's new book has it all.
2.4 mb, 11 minutes, recorded 8/27/03]
Posted Sunday, August 31, 2003 4:00:17
Conversations on 3-6 Week Hiatus for Upgrades. As many of
you have observed, the quality of our telephone recordings leaves
something to be desired. Over the past four months we've tried a
variety of telephone "hybrids" (devices that isolate caller and
studio audio) but with little success. We finally tracked down the
problem using some fancy equipment to analyze our phone lines. We
discovered that our lines suck for the same reason we can't get
DSL: we're 22,000' from the telco central office. By the time the
audio gets to our studio, we've lost about 28dB and we've picked
up a whole lot of induced noise and hum. It's so bad that we've
had to cancel a number of interviews after recording them. Yes,
what you've heard are the good ones.
We're going to halt future recordings until we can solve the quality
problem. FYI, we're pursuing two solutions. First, we've ordered
digital phone service, based on IP telephony, from the local cable
company, Comcast. We're betting even money it will work. Our concern
is that the latency and jitter of IP telephony will wreak havoc
with our DSP-based hybrids. The hybrid manufacturers can't tell
us what to expect--they've never tried it. Plan B is to use ISDN.
We're more confident this will work, but it's also more expensive.
Not only do the lines cost somewhat more, the interface equipment
is also substantially more expensive. But if IP telephony doesn't
do the trick, ISDN is the direction we'll take.
Depending on our success--wish us luck!--we'll be back on the
air with new IT Conversations by the end of September.
Thanks for your patience and continued support.
Posted Sunday, August 31, 2003 5:06:18
Any Good Books Lately? With IT Conversations on hiatus
for a few weeks, I'm going to spend some time revamping its web
site and planning new shows. In particular, I want to interview
authors of the most interesting books for IT professionals.
If you've recently read (or written) a book whose author you think
I should consider for a future IT Conversation drop
me a line with the details. Even if your own book. Don't be
Posted Monday, September 01, 2003 3:10:33
Behind the Curtain at WS-I. John Hogan, news editor at
SearchWebServices.com, spoke with some of the members of WS-I's
board about what happened along to way to WS-I's new Basic
Profile 1.0. WS-I isn't a standards body. Instead, they've released
this important document that tell us which of the many standards
to use and how to combine them if we want to develop interoperable
services. From Hogan's interview:
Other examples from the WS-IBP itself include:
- "The working group dropped the idea of SOAP encoding interoperability
in favor of XML Schema as the type system for Web services."
- "Fully 44% of the [interoperability] issues we tackled, of the
200-odd issues, were around the WSDL specification," [Chris Ferris,
chairman of the Basic Profile working group and a senior software
engineer at IBM] said. The working group had to clarify WSDL and
"clean up the ambiguity aspects of it," such as how to use it
with SOAP and the Universal Description, Discovery and Integration
- Don't use DTDs or processing instructions. They're out!
- Use HTTP POSTs, not the new Extension Framework.
- IP port 80 is acceptable, although not ideal.
- The handling of HTTP status codes is explained.
- Cookies are permitted as a way to manage state, but only only
under certain circumstances. All XML Schema must be derived from
Read and use the WS-IBP. You'll be gald you did. WS-IBP is a huge help to us all. Highly recommended.
Posted Wednesday, August 20, 2003 4:02:15
Web Services Are Not Distributed Objects. This is an excellent
article by Werner Vogels to be published in IEEE Internet Computing.
Trust me...one of the best. His six misconceptions:
Regarding REST, he writes, "It is becoming quickly irrelevant for the bigger picture
of web services, given that transport independence is surpassing the
importance of the 'web'part of web services. The REST principles are
relevant for the HTTP binding, and for the web server parsing of resource
names, but are useless in the context of TCP or message queue bindings
where the HTTP verbs do not apply."
- Web services are just like distributed objects.
- Web services is RPC for the Internet.
- Web Services need HTTP.
- Web services need web servers.
- Web services are reliable because they use TCP.
- Web services debugging is impossible.
Werner writes well, too. I recommend his weblog, and I'm looking forward to his new book.
Posted Monday, September 01, 2003 3:05:20
The Madness? Jeff Schneider of Momentum Software is on a
rant about an article
in Web Services Journal written by two IBMers, John Medicke
and Thomas Pack. Jeff sees this as another in a stream of articles
telling the world that coarse-grained services are the only way
to go. He wants us to acknowledge that fine-grained services are
okay when latency is not an issue, specifically for local systems
(i.e., within a box, cluster, or LAN) or even when widely distributed
systems are linked in such a manner that latency isn't an issue.
He points out recent Microsoft WSE and IBM WebSphere enhancements
that optimize local service calls by bypassing sockets (the transport,
essentially) and even XML.
Jeff makes some good points, but not to the extent that I think Medicke and Pack are wrong. First of all, can we really use the label "web services" for local interfaces that neither use XML nor talk over a wire? I think not. They're degenerate cases. Second, Jeff refers to latency and usability as the criteria for selecting the coarseness of an interface. I accept that, so long as "usability" includes maintainability and what Medicke and Pack refer to as an "outside in" approach. I agree with the IBMers that a well-designed SOA should, for example, minimize the need for client applications to help maintain the state of the service. And the best way to do that is to move entire documents rather than create and manage a session to exchange little bits of information.
I used fine-grained interfaces all the time--probably 100x more frequently than I use those that are coarse-grained. But I don't consider the former to be web services or part of an SOA.
Posted Monday, September 01, 2003 1:56:05
The End of Systems Integrators? Erika Morphy in CIO Today
Manazine writes, "The short answer: Not likely.
"The longer answer: There are other competitive and market-development pressures that are eroding systems integrators' stranglehold on IT budgets."
Posted Saturday, August 30, 2003 9:42:58
Web Services Hackers. "The essence of this attack is to
exploit a mechanism of the XML parser in order to access resources
outside the current document," [Steve Orrin, CTO at Sanctum
Inc.], explained. "This can be used to attack the current server,
other servers, or to download data from the current or other servers."
Posted Thursday, August 28, 2003 7:57:18
Coupled--Now Available as a PDF (at a 63% Discount)
As an alternative to the hardcopy edition, you can now download
my latest book in PDF format at a substantial discount using PayPal
or BitPass. From the time you
purchase the eBook version, you have 7 days during which you can
download the content up to 10 times. The PDF files can be printed,
but the text cannot be copied or modified.
Amazon.com Review of the Week:
book provides an excellent explanation of why companies should
be looking at Web services. It approaches the topic with an
honest and straightforward description of the problem space
Web services are targeted to address and the characteristics/short
comings of those technologies as they exist today and as they
are expected to evolve. Perfect for IT decision makers who
are evaluating how/where Web services fit in their corporate
--James Snell, IBM, author Programming
Web Services with SOAP
more Amazon.com reviews.)
Companies under Attack? "The recent spate of distributed
denial of service attacks has diversified, with some attackers apparently
now targeting hosting companies." [Source: Netcraft]
Posted Friday, August 29, 2003 4:52:35
About SOBIG.f. Julian Bond has compiled a list of Frequently
Unanswered Questions about the recent SOBIG.f virus outbreak.
Posted Sunday, August 24, 2003 3:14:27
What's the Point? "eBay confirmed Thursday that it experienced
a power outage in its Web hosting facility [Qwest in Santa Clara,
CA] that resulted in the entire auction service being down for nearly
three hours." It's all about interrupted power, pipe, and ping.
If hosting services can't guarantee the juice, customers won't outsource.
[Source: The WHIR]
Posted Saturday, August 23, 2003 10:41:04
SIG (Presentation) September 9, 2003, San Francisco.
Where is today's sweet spot of web-services technologies?
I'll explore the technologies that aren't yet ready for prime
time: security, transactions, reliable asynchronous messaging,
orchestration and choreography, QoS, contracts and other business
issues, infrastructure, and the big one: industry-specific
semantics. Then I'll explain why this may not be the time
to embark on complex projects, and show you how to determine
optimum project start dates.
ID World (Conference) October 15-17, 2003, Denver,
Colorado. I'm moderating a panel entitled, The Role of
Identity in Securing Web Services Panel members include
Tony Scott (CTO, General Motors), Mark O'Neill (CTO, Vordel),
John McDowall (CTO, Grand Central Communications), Jamie Lewis
(CEO, The Burton Group), and Atul Tulshibagwale (CEO, Trustgenix).
(Conference) October 20-22, 2003, Santa Clara, California.
Web Services Opportunities in the Data Center. Web
Services are one of the hottest topics in IT, but what does
it mean for outsourcers? In this session, I'll explain the
web-services infrastructure opportunities, and provides a
roadmap for outsourcing vendors. Tuesday, October 21, 2003,
3:00pm - 4:00pm.
IT Group (Presentation) October 22, 2003, Pleasanton,
California. The Missing Pieces of Web Services. Not
all of the legitimate promises of web services can be fulfilled
today. I'll explore the dark side: security, transactions,
reliable asynchronous messaging, orchestration and choreography,
QoS, contracts and other business issues, infrastructure,
and the big one: industry-specific semantics. I'll also show
you how to plan the timing of your complex web-services projects.
Tuesday, October 22, 2003, 6:30pm.
(Conference) October 28-29, 2003, Las Vegas. What's Next
for Web Services? Web Services are an interesting proposition
for organizations and service providers. They have been labeled
as the technology that will revolutionize enterprise applications.
Enterprises are increasingly exploring web services to integrate
business applications. I'll give my views on web services,
and the available business opportunities for service providers.
Wednesday, October 29, 2003, 8:00 - 9:00 a.m.
Services Decisions. (Conference) November 3-5, 2003,
Atlanta, Georgia. I'll be presenting The Missing Pieces
of Web Services after lunch on Monday, November 3.
and Contact Info
The IT Strategy Letter is published weekly by RDS
Strategies LLC. Much -- but not all -- of the content is published
earlier in Doug Kaye's