Dare just posted this comment to my post on the business value of services being reach:
It seems your assumption is that everyone building distributed applications is placing them on the public Internet with the goal that every Perl kiddie and Javascript junkie should be able to call it. This is simply not true.
I work on designing web services that impact hundreds of millions of people and the least of my concerns is reach.
I am not assuming that everyone is building services that will be exposed on the Internet. I am assuming that in many companies there is not only one toolkit to use. Dare's employer, Microsoft, is probably one of the only companies where that is not true. :-)
Or is it? Reach was an issue when I was at MSDN. We were working on Web services that are consumed by Visual Studio 2005. There was some discussion about needing to encrypt data going to one of the services. We could have used HTTPS, but people were concerned that that was off-message and would be seen as not endorsing the company's strategic vision and cause an uproar and all sorts of ill-founded conclusions. That's a totally legitimate concern, something you learn when you work at MS. The obvious alternative was WS-Security, but at the time, WSE wasn't on the same support cycle as VS and couldn't be used in the client. The alternatives were to implement WS-Sec directly, which no one supported, do HTTPS despite the possible PR issues, or don't do anything that required encryption. In short, the choice is an issue of reach.
But all of that aside, reach is a relative thing. If you are building services that are only used inside your organization and your organization insists on toolkit X, then feel free to take a toolkit X specific approach to the problem. This leads to two interesting questions. First, if you're building something where reach is not an issue, why not use an existing mature distributed technology instead of a brand new one? Second, if you use the brand new one, how do you justify that to people (like management) who probably expect (as most people do) that Web services are interoperable and provide reach?
Is this an issue inside MSN? Probably not, and I'd certainly take Dare's word for it. Is it an issue in companies doing lots of legacy integration work? Absolutely.
Posted
Feb 10 2005, 09:17 AM
by
tim-ewald