> On 5/26/06, Gregg Wonderly <[EMAIL PROTECTED]> wrote:
> > When I
> > asked "Do I really care about which protocol", I really wanted to say "should I
> > compromise my design to take advantage of a particular protocol".
>
> I can see that you're still having trouble getting past the whole
> "'protocol' = low level" thing. Data formats are protocols too; is it
> bad for a system to pick one/some of those? Of course not. For all
> systems, you have to pick protocols, preferably ones which are already
> well deployed by the audience for that system, because to do otherwise
> is to reduce the number of people able to use it. Whether that's
> transport, transfer, or data format, picking one isn't bad, it's a
> necessary for interoperation.
Perhaps you are not familar with the history of the telephone network? The
problem with the telephone network is that it was design to only use realtime,
synchronous transports such as X.25, X.75, ATM etc. When the internet came into
view, there was no equipment which could effectively provide this translation
from synchronous to the asynchrony of the internet. All the hardware, software
and systems involved in the network couldn't be reinterfaced to a new world
without massive reengineering. This is why VOIP is taking that industry by
storm. They depended on a transport technology at an extremely low level and it
was ingrained into every possible piece of these systems. No chance for
adaptation and any reasonable cost.
> > I.e. as soon
> > as I am dependent on transport/transfer, I've introduced the 9th fallacy,
> > "Everyone speaks the same transport/transfer protocol as is hard coded in the
> > application."
>
> How is that a fallacy exactly? And how can agreement on
> ever-increasing layers of a stack be bad?
The description above is one illustration. Another example is web browsers.
Todate, I've yet to see one that supports "tcp:<portno>". Thus, we have to
write servlets or CGIs to provide simple web services. Why is that? What if I
just want to send a simple document. Why do I have to have a web server to do that?
The use of a higher layer protocol has caused that to be a dependency that we
can't get past. One has to use HTTP for firewall bridging just because that's
viewed as a safe port to open. In reality, it's no safer than any other
arbitrary TCP port unless you've actually nailed down the entire network, in
both directions, for all possible addresses. Somehow people feel like HTTP is
safe, yet it continues to be a most common path of exploitation because it
allows arbitrary content through. Believe me, I greatly enjoy what I can do
with my we browser to use information and services on the web. But, I don't
find it an attractive form of "dependable" and "secure" service.
Gregg Wonderly
SPONSORED LINKS
| Computer software | Computer aided design software | Computer job |
| Soa | Service-oriented architecture |
YAHOO! GROUPS LINKS
- Visit your group "service-orientated-architecture" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
