By the time you get this, I'll be in Las Vegas attempting to cover three simultaneous conferences: COMDEX, Apachecon, and Jupiter's cdXpo. Expect coverage of all three in the next edition.

• IT Conversations
  • Phil Becker: Digital ID World
  • Digital ID World (audio from the sessions)
  • Dave McComb: Business Semantics
• The Semantic Web
  • Clay Shirky
  • Tim Bray
• Web Services
  • Gartner: Web-Services Security
  • O'Neill's Reaction to Gartner
  • Who Owns Gartner? (while they're on our minds)
  • ZapThink: Rethinking Software Pricing in a Service-Oriented World
  • Kaye: The Scalability Advantages of Message Queueing
  • Mossberg: Open Source Needs Walt
• Web Hosting and Other Stuff
  • Grid Computing: Just Smoke and Mirrors?
  • Kaye: Managing the Operations Staff Challenge
  • Kaye: The Downside of Moving Up Market
  • Werbach: For My Next Treo Trick...
  • iPod Dies at Altitude
• Subscription and Contact Info

Phil Becker on Digital ID World (a new IT Conversation). After building two public companies, Phil Becker was enjoying retirement, but like all serial entrepreneurs, he was unwittingly vulnerable to new ideas. That's when he saw the light--that digital identity would be the key to unlocking and managing virtually every application of computers. With strong backgrounds in both media/communications and computer/Internet technology, Phil launched a web site, a newsletter, a trade show, and now a hardcopy magazine, all named Digital ID World.

Coming off the heels of a successful second Digital ID World conference, Phil gives his perspective on digital ID. What is it? Why is it so important? Where is it going?

In this IT Conversation, Phil explains the difference between "identity management" and "management by identity" and how digital ID has moved beyond rudimentary single sign-on (SSO) into federation across administrative and corporate boundaries. Topics in this interview include the Liberty Alliance, SAML, privacy regulation, the role of digital ID in security, and the identity of "things," not just people. Phil also looks to the future, discussing the role of trust ("it can't be built, manufactured, or bought"), and standards ("we're compressing a four- to six-year process into three years").
Posted Wednesday, November 05, 2003 10:22:55 AM

Digital ID World (Hear it for yourself.) In case you missed it (or even if you didn't) you can now hear any of the presentations from last month's conference in Denver.

Here's the panel I moderated on The Role of Identity in Securing Web Services (Jamie Lewis, Burton Group; John McDowall, Grand Central; Phil Windley, Windley Group; Atul Tulshibagwale, Trustgenix)

Listen: MP3 -- Windows Media -- Real Audio
Posted Tuesday, November 11, 2003 3:45:31 PM

Dave McComb on Business Semantics (a new IT Conversation). As anyone who's taken on a large-scale multi-party integration project will tell you, "the plumbing is the easy part." By far the greatest challenges come from reconciling semantic differences between systems and organizations. In this interview, Dave answers some of the hottest questions in today's world of semantics.

In a recent essay, author Clay Shirky challenged the veracity of the Semantic Web. Dave agrees in part, but goes on to defend the concept and its importance to solving our profusion of data and our inability to make use of it. Ever tried to use Google to search for anything written by George W. Bush rather than about him? [Dave's recommended book about the Semantic Web.]

We also discuss the quality of metadata and the challenges of tagging performed by humans. Dave compares the simplicity of the ontology of the species to an ontology for fine art, which virtually requires an idiolect.

And don't we all remember the funny-if-it-weren't-so-sad incident of the Mars Climate Orbiter, which crashed into the surface of the planet because a function written to accept data in English units was passed a metric-system value. Or was it the other way around? It's all about semantics.
Posted Tuesday, November 11, 2003 3:26:54 PM

Shirky: The Semantic Web. "First, take some well-known problem. Next, misconstrue it so that the hard part is made to seem trivial and the trivial part hard. Finally, congratulate yourself for solving the trivial part."

Another great essay from Clay Shirky. He's right on, IMO.
Posted Friday, November 07, 2003 4:59:22 PM

Bray: The Semantic Web. Tim Bray, the co-creator of XML, posted this response to Clay's essay questioning the potential success of the Semantic Web. Tim's writing is, as usual, thoughtful and with the perspective of someone who's dealt with such issues for some time. But I've worked in the metadata world as well, and I tend to side with Clay on this one.

Tim uses as an example the eXtensible Business Reporting Language (XBRL) and suggests that companies could post their financial data at URIs such as http://data.company-name.com. He writes, "There is very little information as valuable as quantitative data about the performances of businesses and markets; if a Machine-Processable (not to say Semantic) Web can't be built in this domain it can't be built anywhere."

Really? In the big scheme of things, I don't think financial data is all that important. It's also already far more structured due to existing reporting requirements than most of the other information in the collective human knowledgebase. As Shirky might say, isn't formalizing financial data the easy part of the job?

Earlier this year, Dan Bricklin began a grass-roots effort to create a poor-man's XBRL called SMBmeta (for small/medium business metadata). As far as I can tell, it pretty much died on the vine.

I like the theory behind the Semantic Web, but I remain skeptical that it will work to the extent required to build the critical mass necessary for its success.
Posted Sunday, November 09, 2003 6:14:46 PM

Gartner: Ignore Standards for Web Services Security. "Gartner advises firms to rely on vendor-provided technology to provide security for web services-based transactions until 2006, even though it may not comply with standards." [Source: vnunet.com]

But IMO, the decision isn't that straightforward. After all, look at Google and Amazon.com, both of whom offer web services which cross organizational boundaries and use relatively little security. Okay, so these aren't business-process web services, but my point is that there are many classes of web services that can be deployed today without the need for complex proprietary security solutions. At the same time, I have to say that the Gartner report is probably about right, that it will be 2-3 years until one can find a fully standardized security stack based on WS-Security and its add-ons that is sufficient to support complex web services which cross security domains.
Posted Tuesday, November 11, 2003 4:40:16 PM

Mark O'Neill Sees It Somewhat Differently. "Gartner are not recommending that Web Services security technologies are not used. They are referring to the security pattern specifications in particular...Much of this debate seems to be rooted in a belief that you must use Web Services technologies to secure Web Services traffic. In some ways, this is like saying you must use lions and tigers to secure the entrances and exits to a zoo. It doesn't logically follow." He concludes, "So, I'm in agreement with Gartner on this one." This is just the tease. Read Mark's entire essay.
Posted Thursday, November 13, 2003 2:45:43 PM

Who Owns Gartner? And speaking of Gartner, an important article in Information Week. "Silver Lake Partners, a Silicon Valley private equity-investment firm, gained 49.4 million shares of Gartner stock, or about 38% of outstanding shares...[Silver Lake's limited partners] include more than 150 'leading technology executives from the top technology firms.' Some of the names you might recognize: Michael Dell, Larry Ellison, and Bill Gates."

Should any analyst firm accept an investment that's so closely related to the vendors on which it reports? Isn't there an inherent conflict of interest? Gates and Ellison may not share a singular view of the marketplace, but doesn't such an investment link Gartner to the major vendors as opposed to smaller vendors and the open-source community which has no $$ to invest?
Posted Sunday, November 09, 2003 9:27:29 AM

ZapThink: Rethinking Software Pricing in a Service-Oriented World. In their latest newsletter, ZapThink's analyst Ron Schmelzer presents the arguments for various software-as-service pricing models. But that's just the tip of the iceberg. I've worked with a number of ISVs who have transitioned their products to services, and pricing is the easy part. One (of many) other challenges is adopting a services mentality.

Is your company prepared to be in the services business? Do the various departments, executives, managers, and individuals understand the differences between products and services? If your company has previously delivered software or data in the form of products, it has some important changes to consider. The Internet has already altered the nature of software-product packaging and delivery, and web services will hasten that change. For example, many software products depend on an Internet connection for registration or real-time help facilities. Delivering a service requires a very different mindset than delivering a product. You might think you're delivering the same thing, but you're not.

Consider the difference between cordless phones and cellular phones. You can buy them at the same stores, but the business models and the economics behind them are quite different. Cordless phones are traditional products. You pay for them up front, take them home, and use them. If all goes well, that ends your relationship with the manufacturer, distributor, and retailer, at least as far as that phone is concerned. If the phone fails, you'll once again interact with the manufacturer or the retailer, but it's assumed by all parties that that's a rare occasion.

Cell phones are very different. The cell phone itself is almost incidental to the service; it's the service you're really buying, not the phone. You'll select a cellular phone according to its features and price, but first you'll choose a service according to its coverage, price, and other policies. You'll have an ongoing, long-term relationship with your service provider. If all goes well, your service relationship will outlast your phone, which you may well replace without switching providers.

Consider the warranty differences, too. For the cordless phone, the warranty covers just the hardware. For the cell phone, there's also a service-level agreement. It's not too sophisticated, and it certainly gives the cell-phone provider many outs--but it does give you certain remedies for dropped calls and the like.

If you're currently a software publisher, your primary commitment to the customer is that the software works as promised. The warranty you provide with your software probably only covers the media on which the software is delivered: You'll replace defective CD-ROMs. Most shrink-wrapped software is sold as-is, bugs and all.

But like cellular-phone providers, web-services providers promise to deliver value on an ongoing basis. The relationships (and the revenue streams) are continuous. If you don't continue to meet and anticipate the customer's needs as they change over time, you'll run the risk of losing that customer. Consider these differences carefully as you shift to a services-oriented distribution model. The implications are both subtle and significant. [excerpted from Loosely Coupled--The Missing Pieces of Web Services]
Posted Thursday, November 06, 2003 7:07:25 PM

Kaye: The Scalability Advantages of Message Queueing. "While most discussions of asynchronous messaging focus on its ability to deliver improvements in reliability and loose coupling, few delve into the scalability benefits delivered by message queuing. investigates the scalability advantages of asynchronous messaging through the use of message queuing." [Source: WebServices.org; another excerpt from Loosely Coupled]
Posted Friday, November 07, 2003 10:38:01 AM

Mossberg: Open Source Needs Walt. What will it take for open-source software to be accepted for use America's corporate desktops? Perhaps one criterion is the approval of Wall Street Journal columnist Walter Mossberg. When Walt writes, people listen--corporate decision makers in particular.

In his November 13, 2003, (print version) column, Walt reviewed StarOffice 7 and OpenOffice 1.1, comparing both to Microsoft Office. He focused on ease of use and file-format compatibility. In both cases he found the open-source solutions notably weaker than their Microsoft equivalents. although improved over earlier releases. Walt also suggested that the open-source programs reflected their geeky heritage.

When open-source desktop applications get the Walt Mossberg seal of approval--that's when they'll really take off.
Posted Friday, November 14, 2003 9:46:18 AM

Loosely Coupled--Now Available as a PDF (at a 63% Discount)

Entire book: US$14.95 Major parts (4 total): US$5.95 each Individual chapters (21 total): US$1.95 each

As an alternative to the hardcopy edition, you can now download my latest book in PDF format at a substantial discount using PayPal or BitPass. From the time you purchase the eBook version, you have 7 days during which you can download the content up to 10 times. The PDF files can be printed, but the text cannot be copied or modified.

Amazon.com Review of the Week:

Grid Computing: Just Smoke and Mirrors? 21% of those surveyed think so. [Source: ServerWatch.com]
Posted Friday, October 31, 2003 7:30:45 PM

Managing the Operations Staff Challenge. "As your headcount increases, operations becomes a specialty, and you'll face your first challenge...There's always some friction between the proactive and reactive groups." My October column for The Web Host Industry Review.
Posted Monday, November 10, 2003 11:02:06 AM

The Downside of Moving Up Market. My November 2003 column for The Web Hosting Industry Review Monthly, in which I describe the risks of pursuing, closing, and keeping those larger-than-normal accounts. The lessons apply to more than just the web-hosting business.
Posted Monday, November 03, 2003 5:13:38 PM

Werbach: For My Next Treo Trick... Thanks to Kevin Werbach for posting his success using his Handspring Treo 600 to listen to Shoutcast streams over Sprint PCS. I downloaded Pocket Tunes for Palm OS, and it works like a charm. I find, however, that only streams of 32kbps or slower work reliably without buffer underflows. Still, most Shoutcast stations sound pretty good at 32kbps.

I've had my Treo 600 for about three weeks, and it's every bit as good as I'd hoped. I only wish it included a voice recorder for making notes. Apparently there's no API to the microphone that would even allow a third party to do this. And if there was such an API, someone could turn this into a WiFi SIP phone, too! Wouldn't that be cool?
Posted Friday, November 14, 2003 8:21:39 PM

iPod Dies at Altitude. I've been using my 15gb iPod to supply music in my unpressurized airplane. Two weeks ago, I decided to fly high, returning to the S.F. Bay Area from Las Vegas. At FL190 (~19,000'), my iPod got weird. I could feel the disk seeking, and the display kept resetting. Upon landing, it started up and worked fine. I checked the iPod web site and saw that the unit's max altitude is 10,000' (3,000 meters).

Fellow pilot Stephen Pierce wrote: "My job is dealing with large numbers of spinning metal (disk drives). Disk drives are *not* sealed containers. They have special filters and will equalize pressure. When you take a hard drive up high, the inside pressure will reduce.

"Hard drives work by levitating a head a very small distance from the media; unlike floppy or tape, where the media actually touches the head. The distance between the rotating media and the head is regulated using a very small wing on the head. The head literally 'flys' above the media.

"When the pressure inside the drive is reduced, the wing will need a higher angle of attack, until finally the wing stalls, and the head impacts the media. The term in the industry for this behavior is called a 'head crash'. Very apropos, no?

"In old hard drives, repeated head crashes will cause a data block to be unreadable. Modern drives compensate by relocating data from a bad block to special hidden blocks preallocated for that purpose. So, I'm not surprised that your ipod worked after a head crash; the data was reallocated at some point when the drive started working again.

"Also, a head crash will occur when you stop spinning the disk drive. In older media, this would result in a 'soft crash', usually without damage to data. Older computer users will remember programs that would 'park' your hard drive for shipment. Parking heads moves them to a position where the head will land on a 'soft', non-media spot. All modern drives 'auto-park' heads using the rotational inertia once the power is cut."
Posted Friday, October 31, 2003 3:24:52 PM