Category Archives: Thoughts on the World

Please forgive me if this sounds like a rant, but I’m very annoyed. Someone who should know better has without warning changed a public interface, with the inevitable effect that dependent systems, in particular my blog, have broken. The offender? The mighty Microsoft.

Regular readers will know that I’ve highlighted several articles published in Microsoft’s Architecture Journal. A week ago I went to post a note on another article, to find that all my previous hyperlinks were broken. Thanks to my regular correspondents Richard Veryard and Arnon Rotem-Gal-Oz I discovered that the cause is an internal reorganisation within Microsoft, and there is a new web location for the journal, although it wouldn’t surprise me if that changes again. (To add insult to injury, the new URLs are very cryptic, and don’t paste easily into my blog!)

Now if you follow Microsoft’s advice when building systems, interfaces should be immutable. Otherwise you just don’t know what will break. The Microsoft advice is to never change an existing interface – if you need a different one, create a new interface, or at least a different version. And maintain the old one as long as dependent systems need it.

Microsoft are actually very good (not perfect, but quite good) at following this rule in their software systems. But they don’t seem to understand that the same rule should apply to that big public interface called the website. There are, of course, perfectly good strategies which would avoid this problem.

First, don’t try to reflect internal structural changes in the MSDN website. Doing so is like changing a system’s interface just because the implementation has been updated – the opposite of good practice. The public interface should be independent of implementation details.

Second, if you must create a new interface, keep the old one working. In systems, you can usually wrap the new interface to mimic the old. The same is true for a website. A set of auto-redirect pages at the old addresses, and I would never have even noticed the change.

Unfortunately Microsoft have done neither of these. And they seem to have a corporate blindness to the fact that documents are interfaces too. MS SharePoint is based on a web idiom, in which documents are identified by their position in a hierarchy. Re-arrange the hierarchy, and any external references or cross-references suddenly break.

Professional-quality document management systems don’t do this. They identify and control documents via a unique, immutable key into the underlying repository, and the primary document access via this key is guaranteed. Of course, you also want to show the document in a hierarchical structure, but any such entry is just a pointer to the underlying document. And if you want to change the hierarchy, or expose the same underlying document at multiple places in multiple hierarchies, it’s easy to do. The world of blogging has a similar concept, with “permalinks” which (should) survive a reorganisation.

Memo to Microsoft: links are interfaces too!

Does anybody know if Microsoft have killed off their Architecture Journal?
I was just about to write a post linking to it, and I find the content has been moved to an archive area and all the links have changed. Please send me a comment if you know!

Update

Thanks to my regular corrspondents Richard Veryard and Arnon Rotem-Gal-Oz I’ve managed to track down what’s happened. The journal is now at http://www.microsoft.com/architecture/default.aspx?pid=journal

This “broken interface” breaks so many architecture rules it deserves a separate post, so I’ve written one!

Microsoft have just published an excellent paper by Kim Cameron discussing the characteristics of an “identity metasystem” which must evolve if we are to have proper trust in the Internet and interactions which take place through it.

The paper is also available from the Identity Blog.

The paper’s thrust is that we need to develop a unifying set of identity-related technologies, but that these must observe certain key “laws”, and must accomodate varying technologies and requirements, much as unifying APIs provide access to a variety of hardware technologies.

I started thinking about the most common form of digital identify at the moment, the email address. It can be used in accordance with many of the laws. I can (usually) control when I release it. I can have different identities in different contexts, and choose which one to disclose. The identity is verifiable (to a limited extent) – someone can send me mail to check my address is valid. A variety of service providers and technologies are supported.

The big problem with email, of course, is that I can’t usually verify that email is from the claimed sender. For example, my spam whitelist admits email apparently from microsoft.com, but some of these emails are offers of dodgy mortgages and promises of increased manhood, obviusly not from the claimed source!

As a result, I wonder whether there is a missing “law of identity”. I need to be able to verify a claimed identity by methods I trust. I’d express the law something like “A party must be able to validate any identity claim, particularly its ownership, by reference (directly or indirectly) to resources he or she trusts.” This is implied in the current laws, but might be important enough to promote to a law in its own right.