Chasing Bush - Tracking George W. Bush throughout his UK visit

IF YOU SEE GEORGE W. BUSH, EMAIL OR TEXT THE TIME AND LOCATION TO:
bush at interwebnet.org

To send a text, enter the email address, then a space, then send to:

07766 404 142

Images of protests and exclusion zones are also welcome. The public has a right to see it all.

Here's the problem. This blog and Ecademy are PHP (Mysql) systems. I need to accept some data from a client that's built in MS dotnet. The first iteration of the client used dotnet web services to talk to a dotnet server using SOAP. Now it's a while since I've played with PEAR::SOAP for PHP and that was a test client to Google's API. This time around I've got to build a server. The data's really only an array of structs with 2 or 3 elements each.

Shouldn't be hard, right? After all SOAP is a standard, and there's been lots of interop work since I was writing about this stuff all the time 2 years ago.

Wrong.

- Dotnet wants to use document/literal all the time. This turns SOAP into little more than a REST call that passes a large XML document. Did we really need SOAP for this?
- The dotnet programmers aren't aware about what's happening under the hood at all, at all. There's no disrespect here but the MS GUI has hidden all the detail to the point where asking them to change to suit me (like using RPC) is a non-starter.
- PEAR::SOAP does support document/literal but I can't find a recipe for a server.
- Documentation for all of this is minimal.
- The test client and server I built using RPC just worked. An attempt at changing this to doc/literal resulted in reams and reams of meaningless error script.

So far I've wasted 3 or 4 hours on what should be a trivial task. Aaagh! Really. This sucks.

But I have to keep at it if my dream of a PHP port of Liberty is going to happen because Liberty uses some SOAP and I just know doc/literal is going to play a part.

What the hell happened here and how did the simplicity of XMLRPC end up as the huge pile of messy contradictions that is SOAP?

So after a week of running, the "Am I connected" game has now stabilised. Here's the current stats:-
People who've been rated: 2629
People who could be rated: 2739
Votes cast so far: 10654
Voters: 269

Despite some early attempts to game the system and fill the top 25 with Ecademy women , it's settled down and the usual suspects are well up there. What's fascinating about this is that it's not at all clear what you're supposed to be ranking and a few people have asked what "Connected" means. Despite that the people who've taken part seem to know. And with 10 thousand votes the results now statistically mean something, although as I say we don't now exactly what.

If you haven't worked it out already, the faces shown are chosen at random from Ecademy people who have a photo and haven't hidden their profile. So it obviously helps your likely score if you've got a half way decent photo, you look interesting and your fifty words look interesting. After that the high scorers also appear to have a good reputation in the community as well. I'm fairly sure that Ecademy women get consistently higher scores than the men, but maybe I'm imagining that! I feel sure they deserve it anyway.

Anyway, here's a big cheer for Lesley Atkinson who's currently leading the rankings and has been in the top 3 all week. Whatever she's doing is clearly having some effect.

ps. We have had one complaint that this wasn't very business like. Well while I understand that position, it is only a bit of fun and fairly harmless. If you don't like it, you don't have to look a it. [from: JB Ecademy]

Hey, it's Microsoft Free Friday again. So which non-Microsoft application will you install on your machine today? Will it be:-
- A better Browser?
- A better Email client?
- A better Office suite?

You don't have to switch now, but you owe it to yourself to take a look at the alternatives. And what better time to do it than on Friday afternoon when you won't be doing any work anyway? [from: JB Ecademy]

what kind of social software are you?

I am a Wiki and I just deleted everything.

[from: JB Ecademy]

I'm seeking LAMP developers interested in working on an open source, Liberty compatible, LAMP based, Federated Digital ID project. If you could get involved or know people who could (on or off Ecademy), please email me or join the Hack4Ecademy club. [from: JB Ecademy]

Welcome to wallop - Please Log In. Membership to wallop is by invitation only. If you know someone who's a member of wallop, have them invite you to join!

Are you a member? Please invite me! Please? [from: JB Ecademy]

I'm desperately seeking LAMP developers interested in working on Liberty for LAMP Federated Digital ID. If you could get involved or know people who could, please email me.

Just posted this to the SourceId Users mailing list.

I'm not sure where to ask these questions so if there is a better forum, please point me at it.

The very first message archived for this list asks if there's a Liberty implementation in php, perl, python. This is my issue as well. The problem here is that the only open source toolkit I can find is SourceId, and I'm not sure if it's fair to expect you to either do this yourselves or help another project to do it.

Some background. I'm coming at this from the bottom up and so from a rather different place compared with the fairly corporate approach of Liberty. Here's some example use cases:-

1) Federated SSO implemented in a series of open source community software projects including Drupal, phpBB, *Nuke (and possibly Movable Type) These are mostly php-mysql based with some perl/python and postresql.

2) FSSO implemented in Social Networking sites like Ecademy, Ryze, Friendster, Friends-Reunited. There's a real mix of technologies here but a significant number are LAMP based.

3) FSSO with paid subscription extensions used within a cloud or family of loosely coupled social networking sites.

4) Somewhat far-out, a Personal IDP with minimal hosting requirements that very large numbers of people could run. This probably has to be perl or php with no database and simple text config files.

So all in all, Liberty in LAMP looks to me like a *good thing*.

So now I'm left with some problems. A lot of my potential targets are GPL so the SourceID license and the RSA waiver are just not going to work. Reverse engineering SourceID directly is awkward both technically and legally. Liberty doesn't appear to be setup to involve individual OSS developers. Trying to wade
through the Liberty PDF docs is *hard work*. And so on.

So if anyone can direct me to some short cuts, I'd love to hear them. Equally, I'd love to hear criticism of the idea. And of course, if you could help build something I'd *really* like to hear from you.

Hack 4 Ecademy is a meeting place for people interested in hacking together code and services that extend Ecademy in interesting ways. I'm sure you understand that this is "Hack" as in create clever code rather than "Crack" as in break into machines illegally.

Some of the projects I have in mind are LAMP based and probably open source while some could be any technology. So don't feel that a particular technology is necessary or even that it involves code.

I can't promise any direct reward for work done, but you'll certainly gain reputation! I'm hoping that it will spark work that helps you as much as it helps Ecademy. Some of this is along the lines of "This ought to exist, and if it did then Ecademy could do that". If you can gain benefit from that while at the same time helping Ecademy that would be great for everyone.

So if you can write php or perl, or can offer some cheap or free hosting, or want to build a commercial dotnet based system that exploits Ecademy data, or can produce flash or html documentation, or whatever, then please join in.
[from: JB Ecademy]

Welcome to wallop - Please Log In [from: JB Ecademy]

In a box on the left, you'll find a small form that launches a hotspot search on )(JiWire. I've been pretty impressed with the depth and accuracy of this system. Hope you like it. Though right now the UK Postcode search seems a little flaky. [from: JB Wifi]

This article Habits of Online Adults - InfoSeeker News - Microdoc News is mainly about what people do on line. But it ends up being a description of how email is no longer used. Such has email become a black-hole of disuse that we could not conduct our survey through email this year. ... Eveyone has their "hotmail", "yahoo" or other email address, but more than 58% of our respondents no longer check their email address. Of the 450 respondents who use the Internet more than five times a week, 53% of them no longer remember their email address.

If this is generally true, then we may have to seriously re-consider how we go about communicating with people online. When we build websites we routinely (as in Ecademy) use email to verify that there's a real person on the end of the request and not a bot. I should check to see how many people we're losing because they never get their password.

I'm still absolutely convinced that the killer app of the Internet is one-to-one communication. If that's not going to happen via email then how is it going to happen? And as someone who is fairly addicted to email and has been using it since before the web, I find this really sad that we've collectively managed to destroy it's usefulness. [from: JB Ecademy]

Next time you're reading or commenting on a weblog entry, click on the [G] and [F] below it, just after the number of [comments].

G does a Google search for the blog title. F does a search on Feedster for the same thing. You might need to adjust the search a little on Feedster but it's a useful resource if you're looking for recent web entries somewhat similar to this one. [from: JB Ecademy]

Take a look at this. Before you ask, it's a bit of harmless fun that doesn't mean anything much.

From a privacy angle, we do store your votes, but I won't ever show your vote to the person you're rating.

And do give me some feedback. Maybe there's some real value hidden in there? [from: JB Ecademy]

The Buttafly Guide to Interpreting (network site) Photos Actually about Friendster of course, but works equally well for other network sites such as Ecademy, Ryze or Yafro. [from: JB Ecademy]

My particular interest in SSO is mainly with Drupal and Drupal based systems. I've been puzzling over how to extend Drupal's existing Distributed Auth[1] to make it more general and available in other systems.

I believe there are two or three approaches here.
1) Top down, BigCo, Industrial strength. Passport, Liberty, SAML, WS-*, PingID
2) Federated signon, profile sharing between known websites. PingID(maybe), Universal.
3) Bottom up distributed auth between unknown websites. Drupal, SEA.

I have a real problem with 1) I can't understand the specs. Even though it's supposed to be open standards it keeps drifting into proprietary land. Ref implementations are typically Java and DotNet ignoring LAMP. Some (possibly all) of the standards are encumbered by Patents. The possible saving grace is that
Jabber and Andre Durand are involved in PingID and SourceId is at least open source.

2) and 3) Look like good starting points. I prefer the philosophy of 3) because it doesn't require prior agreement between participating websites. Which then opens up the possibility of people running their own authentication server (like running their own Movable type install). However both Universal and Drupal/SEA need to do some major work on the authentication process. Passing plain text ID+Password around is too primitive. it should be possible to use some of the patterns from 1) in architecting this.

So I'm up for helping to build a bottom up solution and getting it implemented in lots of different broadly social networking software. Things like Drupal, Nuke, phpBB, MT, etc.

[1]http://drupal.org/node/view/312 Note that Drupal already has code to authenticate and use an ID+Password pair located on Blogger, Delphi, Drupal, Jabber, LDAP, Livejournal, Manila, Yahoo. There are patches for returning a User Profile and creating a local user record from some of these. There's some good
starting points in there.

Another one for the blogroll and RSS aggregator. Telepocalypse Some very interesting discussions going on here. [from: JB Ecademy]

Wow! No cigarettes for 6 weeks and I'm still more or less sane.

Just saw that SourceID supports SAML 1.1 (via Jeremy Allaire, via Marc Canter). I wrote a rant today about this whole area. The gist is that I'm sure this announcement is significant, but I can't work out why or how I can play too. I would absolutely love to see some support for LAMP instead of just Java and DotNet. And I'd love to see someone explain SAML (Liberty, PingId etc etc) in words of one syllable.

Then I read this. RSA Security has identified four patents which they believe could be relevant to implementing certain operational modes of the OASIS Security Assertion Markup Language (“SAML”) specifications. To obtain a royalty-free license to the RSA Patents to make, use and sell products conforming to the SAML specifications, a customer or partner must sign RSA's Patent License Agreement. Well I guess that's that. I cannot and will not support this sort of bollox! So if Passport is out because it's proprietary. And SAML (and hence Liberty and PingId) is out because RSA think they might have some patent hold over it, where does that leave us?

We really can't let a bunch of scary corporates have control over something as important as Mydentity.