RE: Web RPCs Considered Harmful


As you know there are numerous "factions" with initiatives to create
"solutions" for the packaging, transport, routing and processing of data
exchanged between parties using the Internet. The great success of TCP/IP
should serve as an object lesson for what is possible when a single,
international, standard solution exists. Rather than having each of these
factions going their separate ways they should converge their energies into
building a single international solution that addresses:

- the spectrum of processing modes people desire
   (one-way - a.k.a. simplex communications, synchronous request/response -
a.k.a. RPC, asynchronous messaging)
- support for multiple transports (HTTP, SMTP, FTP)
- secure operation
- an easy to program, simple service interface (API and event notification
- scalability
- reliability
- manageability
- privacy, authentication, integrity and non-repudiation
- support for all types of data representation (XML, X12, JPEG, whatever)
- flexibility (let the implementers choose the degree to which they support
all of the functions available in the

There are some very bright people working in these various factions,
yourself, Don Box and Ken MacLeod are good examples.  There are also some
very bright people working on this "problem" within the W3C, IETF, ebXML, et
al. The sum of the parts is less than the whole; lets get everyone working
togehter to solve the "whole" problem, as quick as humanly possible.

I've been developing software since 1974 and I've lived through the Open
System Wars, a plethora of "silver bullet programming languages", the
distributed object wars, the PC revolution, the failure of OSI and the
tremendous success of TCP/IP. In each of these cases there were winners and
loosers. We are at a crossroad, if each faction proceeds down separate paths
there will be winners and loosers. If we can all agree to work together to
create a single solution then we may create the E-Commerce equivalent of

The first step is honest and open dialog with a goal to converge
resources/energies into creating a single solution. I'm convinced there is a
reasonable technical solution we could all agree on, I'm not convinced the
"politics" of the situation will allow it to occur.

Dick Brooks

-----Original Message-----
From: Dave Winer []
Sent: Saturday, May 13, 2000 11:34 AM
To: Dick Brooks; Anders W. Tell; Wesley M. Felter
Cc: Edd Dumbill;; Dick Brooks
Subject: Re: Web RPCs Considered Harmful

Dick, as a developer and service operator, I couldn't agree more.

What would be the most practical, easy and low-tech way to add a layer of
security, using current best-practices of the Internet?

Rather than seeing this a time to put the brakes on, could we get into
problem solving mode and have an answer that can easily be implemented in
conjunction with the RPC work?


Received on Saturday, 13 May 2000 14:46:48 UTC