I feel guilty sometimes about the lull in my WS-Rants, because the forces of WS-Complexity and WS-Darkness are out there evangelizing tirelessly. But today I feel better, because there are powerful WS-dialogues out there speaking truth to confusion. Duncan Cragg has published Getting Data and Setting Data, which he says are the first two of a nine-part (!) series entitled The REST Dialogues. Quite sound and insightful, I think. But laughter is divine and the divine trumps the rational; in that spirit I recommend Pete Lacey’s The S stands for Simple, which is in a class by itself. [Update: DHH piles on.] [Update: Nelson Minar too.] [Update: and Sam Ruby]. [Update: Lacey’s follow-up, They can’t hear you, is a must-read.]
Contributions
Comment feed for ongoing:
From: Duncan Cragg (Nov 16 2006, at 15:44)
Thanks for the mention!
(just fix the surname spelling - then edit away this parenthetic para - and I'll be even happier! ;-)
I totally agree about the quality of the current dialogue competition. And it's a remarkable coincidence, too.
I find it an extremely expressive and liberating format. Whenever you feel uneasy, just get the foil/devil's advocate to express your unease. This then gives you reasoning room to address the issue.
Yes, I really do have nine chunks lined up: REST integration is worth taking time over, don't you think? Hope I don't annoy any orthodox RESTians along the way (Hi! Mark!).
Cheers!
Duncan
[link]
From: Ian Bicking (Nov 16 2006, at 22:55)
FWIW, there's lots of circles you can travel in where WS-* is just like a boogie-man, and SOAP is something you hear about but no one uses, and apparently all the evangelists either don't know we're, hear, or don't care what we think or what we use, or just don't know how to speak in a way that is meaningful to us. Probably some of all three. For this group WS-bashing is amusing and self-satisfying (we're so goddamn smart we don't even have a clue what the dumb people are doing!) -- but despite that, it's not really needed. We don't buy tools, we don't buy into stacks, and when it's self-evident that something is crap we don't use it. I think this is just how the F/OSS world works, and how it's worked all along. Except for a few weird Apache projects; I don't know what's up with those guys.
[link]
From: Pete Lacey (Nov 30 2006, at 13:20)
Thanks, Tim, for all the Google juice. I'm glad you're finding my part of the conversation worth mentioning.
Pete
[link]
From: Gunnar (Nov 30 2006, at 15:09)
Weak.
S also stands for "Security" please wake me up when the REST people actually put security mechanisms in their stuff. Then we'll see how much simpler it is. Until then this is strictly amateur hour. "Look Ma, I can throw a bunch of random unauthenticatable, unauthorizable bits across the wire! You should be proud!"
[link]
From: Pete Lacey (Dec 01 2006, at 07:35)
Gunnar: HTTP Basic or HTTP Digest or SSL (certificate-based) for authentication. SSL for encryption and digital signatures. You know, the way we've been doing things since 1995.
[link]
From: Gunnar (Dec 01 2006, at 08:44)
Yes, Pete. Genius. HTTP Basic. Why didn't I think of that? Your words (and code) are a comfort to every script kiddie on the planet. Please visit owasp.org and learn three things about web security today, m'kay?
[link]
From: Pete Lacey (Dec 01 2006, at 20:55)
Gunnar's objections addressed here: http://wanderingbarque.com/nonintersecting/2006/12/01/restful-security/
Pete
[link]