Roy Fielding posted to the apache-httpd-dev email list yesterday 27th Feb 2005:
MARC: msg 'Happy Birthday, we are 10'.
The recent Netcraft Feb 2005 Web Server Survey found Apache was used by over 40 Million hosts.
Apache is one core element of the so-called LAMP platform (Linux, Apache, MySQL/PostgreSQL, Perl/PHP/Python), a set of open source software languages and platforms that have enabled the huge growth in Internet and web-based software in the past 15 years. O'Reilly maintain a portal site for news relating to LAMP: ONLamp Portal.
Debunking SAML myths and misunderstandings discusses SAML (Security Assertion Markup Language), and some common misundersandings and myths about SAML. A good read for anyone interested in digital identity using web technologies.
Myth: SAML is an authentication authority
SAML is an authentication protocol that is used between servers. You still need something that actually performs the login for you. All SAML can say is "you have logged in." For example, when an LDAP server authenticates a user, the authentication authority is the LDAP server even though the LDAP server may be using SAML to communicate the authorization.
In a complete authentication system, you still need to write a policy decision point to decide if a user may access a Web page. Additionally, you still need to write a policy enforcement point. This is a servlet or application that receives the authorization, checks the role and authorization, and then makes an assertion. Several companies provide commercial policy decision point and policy enforcement point solutions, including IBM.
Brian Delahunty, who works with us here in the TSSG, is posting a series of articles on using Mono (the cross-platform version of .NET). Here's a link to a posting on his weblog: Introduction to Mono - A series of articles about Mono development. And here's the Introduction to Mono article.
This is a period of history that really facinates me and includes: on Europe's western shores the Christianisation of Ireland, and the subsequent Irish missions to Britain and the rest of Europe; in Britain the rise of Anglo-Saxon dominance in England and its missions to Europe; and in the east the emergence of the Byzantine Empire, in continuation of the Eastern Roman Empire, and its battles with encroaching the Persians and others. This book covers all of these issues through the lens of how the practice of Christianity in Europe developed and formalised after the fall of the Roman Empire (i.e. the Western Roman Empire).
Tom Murphy has been writing in the Irish Independent (sadly not available as an RSS feed as yet) on blogging. He has posted follow-up information his own blog PR Opinions. It's good to see blogging entering the mainsteam in Ireland. Thanks to Bernie Goldbach for the cross links. The focus of Tom's discussion is the danger of employee blogging, and the ethical dilemas that could lead to the loss of your job. Excellent stuff.
UPDATE: Checked Tom's logs and found he's been blogging since March 2002, about the same length of time as I have. Cool....
Twenty to Watch in 2005 -- Interview -- CMS Watch
I wonder if all the overlapping areas of modern ICT did a similar 20 to watch, how many names would appear in all the lists! Interesting stuff. I'll take it as 20 to read (if they blog, and quite a few of them do).
It is good to see overview articles like this one Controlling Cyber Dissidents? discussing how blogging may be part of an emerging culture of eDemocracy.
Given the news this week of the case by so-called "McLibel two" (Ms Helen Steel and Mr David Morris) two English anti-McDonalds campaigners who had been distributing leaflets criticising McDonalds in 1984, and then were hit with a heavy lawsuit under the British libel laws, and lost. They appealed their case to the European Court of Human Rights claiming that the lack of legal funds to defend themselves meant that the libels laws were being used by large Multi-National Corporations to brow-beat anyone who disagreed with them. The Strasbourg-based court ordered Britain to pay them a total of EUR 35,000 and offer them a retrial. London has three months to appeal the decision.
Putting these two unrelated things together I see the blogsphere as a place for this type of open robust debate that is needed by the world democracy. Of course the problems arise when it used to promote racism, and so on......
In this quirky reporter style blog Read/Write Web: Web 2.0 Weekly Wrap-up, 30 Jan-6 Feb 2005 a lot of very useful information is covered. It reminds me of a lot of the content of John Battelle's Search Blog but with an explicitly journalistic stance.
This posting Paul Downey: Squared Circle Poster led me back to the flickr project where people upload photographs and tag them in meaningful ways. The poster is the result of a collaborative sub-project where people agreed to upload photographs of a circle within a square, and allowed others to reuse these images for derivative works through a creative commons license. KrazyDad took these and created a number of posters including this one. What a powerful concept!
Schneier on Security: Authentication and Expiration
Here Schneier debates the idea of an ongoing relationship and mutual interst in maintaining it, versus on-line companies keep your details even if you no longer wish them to.
InfoWorld: Study: 2004 was 'turnaround' year for telecom industry: February 01, 2005: By : NETWORKING : TELECOM This article on InfoWorld highlights what a lot of us are feeling, that things are on the up again for Telcos. I hope this leads to progress in convergence and some real penetration of value-added services into the Telcos' networks.
Independent telecom analyst Jeff Kagan called the report good news for the telecom industry. "Telecom was growing until it hit a brick wall a few years ago," Kagan said in an e-mail. "By late 2004 it seemed obvious that telecom was getting hot again. I think 2004 was the turn-around year and 2005 will hit the ground running, both domestically and worldwide. Phone companies and wireless companies and cable companies are spending again and investing in their networks and getting ready for a new level of competition with each other."
ObjectWeb has announcd that the open-source application server JOnAS is now J2EE 1.4 certified, following 9 months of testing work. JOnAS was the first open source project to be awarded a scholarship under Sun's non-profit, open source friendly license terms. JOnAS joins JBoss as the only two certified open source appserver alternatives to commercial servers.
JOnAS is a platform integrating original code with best of breed components from ObjectWeb and other open-source communities: Carol, HOWL, Ishmael, Jeremie, Jonathan, Joram, JORM, JOTM, Medor, Monolog, Perseus and Speedo from ObjectWeb; Axis, EWS, Jakarta Commons, Struts, Tomcat, Velocity, WSDL4J, XMLBeans from Apache; HsqlDB, JacORB, JGroups, Mx4J, P6Spy, XDoclet and XJavaDoc from the open-source community at large.
ObjectWeb is an international consortium of academia, corporate and individual members hosted and represented by INRIA, the French National Institute for Research in Computer Science and Control. ObjectWeb licenses the J2EE CTS under Sun's license terms friendly to non-profit and open source projects. JOnAS was the first open-source project to be awarded such a scholarship by the Technology Compatibility Kit (TCK) Review Board (Apache Software Foundation, Doug Lea, professor of Computer Science, State University of New York at Oswego, and Sun Microsystems) in September 2003.
INRIA and Sun then worked several months to put in place the proper legal framework that would allow the ObjectWeb community of members to certify JOnAS' compliance. The certification process itself started in April 2004.
I have been involved in some EU project proposals with ObjectWeb and I have been very impressed by their professional open source ethos. Getting this certification is a recognition of a lot of work by a hard working team. Well done!
"Walled garden" is the term that industry uses for online communities that capture users inside a Web that is anything but world-wide. The services inside the walled garden are the ones the service provider chooses and they almost always involve increased revenue for the service provider. When I was at Excite@Home, we had a project to build set-top boxes for our cable partners that included a cable modem, but kept subscribers who didn't sign on for broadband services inside a walled garden of for-pay services. The idea of walled gardens is far from dead. You live with them everyday on your cell phone. I hardly ever use the network services on my ATT cell phone because it's all about shoving ringtones and wallpaper down my throat rather than letting me easily get to the information that I need.
In the Sept 16 issue of the Gillmor Gang (see www.gillmorgang.com), Ray Ozzie, of Notes and Groove fame, talks about how hard it is to create collaborative environments for portable devices. As noted by Ozzie, the operating systems on portable devices are too fractured and the interactions too limited to support network effects. By network effects, Ozzie is referring to the phenomenon that we frequently notice with social systems where the network of users grows geometrically because of user interaction. The applications being built for mobile devices are mostly used for personal productivity, not collaboration. The problem is that each mobile provider is trying to capture customers and create lock-in for their network instead of maximizing utility for users.
It looks like the criminal mind is very similar to the rest of our minds judging by this list of common Thinking Errors criminologists have identified in criminals.
In fact it looks like this activity is funded by the UK Computing Research Committee, a cross professional body BCS/IEE/CPHC expert panel, with support from EPSRC and NeSC.
The process seems to have been going on for a number of years centred around the following committees, and involving some conferences to discuss progress:
GC0: Steering (Initial membership) Wendy Hall (Southampton, Chair), Robin Milner (Cambridge), Karen Sparck-Jones (Cambridge)
GC1: In Vivo--In Silico
Andrew Bangham (East Anglia), Luca Cardelli (Microsoft),
Ronan Sleep (East Anglia)
GC2: Science for the Global Ubiquitous Computer
Marta Kwiatkowska (Birmingham), Robin Milner (Cambridge),
Vladimiro Sassone (Sussex)
GC3: Memories for Life
Andrew Fitzgibbon (Oxford), Wendy Hall (Southampton),
Ian Horrocks (Manchester), Ehud Reiter (Aberdeen), Nigel Shadbolt (Southampton)
GC4: Scalable Ubiquitous Computing Systems
Dan Chalmers (Sussex), Jon Crowcroft (Cambridge),
Morris Sloman (Imperial)
GC5: The Architecture of Brain and Mind
Mike Denham (Plymouth), Steve Furber (Manchester),
Mark Lee (Aberystwyth), Murray Shanahan (Imperial),
Aaron Sloman (Birmingham)
GC6: Dependable Systems Evolution
Cliff Jones (Newcastle), Peter O'Hearn (Queen Mary),
Jim Woodcock (York)
GC7: Journeys in Nonclassical Computation
Samson Abramsky (Oxford), Andrew Adamatzky (W. of England),
Susan Stepney (York), Jon Timmis (Kent)
This is a good overview of basic research challenges in the Computer Science space, with some overlap into other disciplines.
Bernie asks about IrishEyes: Mapping Irish Bloggers. Personally, I've signed up to the GeoURL, (though the service is currently down). This means that there is metadata on my home page giving my co-ordinates:
meta name="ICBM" content="52.2068,-7.4236"
Yesterday I was a guest speaker at the Mobile Solutions Forum in Dublin. It was an interesting mix of enterprise IT providers, telecommunications operators, Irish software houses and businesses with a common interest in mobile solutions. Thanks to PC Cubed for organising the event.