Cisco To Open-Source New Messaging Protocol

Esther Schindler writes "Do you use SOAP, CORBA or EJBs? You might want to take a look at Etch, writes James Turner for CIO.com. It's language-, platform- and transport-agnostic, and Cisco is planning to release it as open source. Certainly, it offers some technical benefits: 'In addition to a simplified configuration, Etch also promises less overhead over the wire, compared to SOAP. In a testbed environment where SOAP was managing around 900 calls a second, Etch generated more than 50,000 messages in a one-way mode, and 15,000 transactions with a full round-trip, company officials stated.' And the open source part? Cisco is in the process of deciding what license to use. 'The intent is to use a less restrictive license than GPL, perhaps Apache or Mozilla. This is to allow commercial developers to incorporate Etch into products without licensing issues. A final announcement on the licensing decision will be available in the next month.'"

I'm 2 n00b

[FurtiveGlancer]

Someone please add the tag 'suddenoutbreakofcommonsense' to cover the licensing decision.

Re:I'm 2 n00b

[jhines]

I'm not fluent in the language, but there has to be a word in Yiddish for just this.

GPL

Glad to see more and more companies moving away from GPL, understanding that it will only limit the potential adoption. As a highly respected registered member of the Slashdot community, I'm posting as AC as this post will very likely be modded troll.

Re:GPL

[Shadow-isoHunt]

You care too much about your karma - regardless of if your post is being sarcastic or not - say what you mean and mean what you say, stand behind it because we won't believe an AC anyways.

Re:GPL

[whatever3003]

Coward. Your priorities show a distinct lack of strength in your convictions.

Re:GPL

[superskippy]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.
Besides, it sounds like LGPL is what's needed in this case, anyhow.

Re:GPL

[unix_core]

If it's not going to be kept free, then what significant benefits are there of it being adopted?

Re:GPL

[Teckla]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.

The company I work for sells closed source software. We also use some open source software (not GPL) in the product.

We contribute back to the open source we use because it's more sensible. Adding the same features back in again and again would be counterproductive. We'd rather they get added to the open source project permanently.

We have a blanket ban on using GPL'd source, though. We can't afford to GPL our entire 20 million line software stack, which would be the result of using even a tiny bit of GPL code.

Try to understand that not everyone loves the GPL and not everyone that doesn't love the GPL is a troll.

Now it's my turn to get modded into oblivion for not being fond of the GPL. Sigh.

Re:GPL

[ruin20]

I've never met a GPL code developer who released his code under GPL because he was forced. I support GPL because I believe if something is important it should be codified and that if you develop something for the community you should protect it for the community. But that doesn't mean that releasing something under an FOSS license without a "recontribute/openness" clause doesn't mean that there won't be active community development. Something built on and from sharing will always foster more sharing, it's an issue of principal.

Re:GPL

[Kjella]

We contribute back to the open source we use because it's more sensible. Well, the positive side is that you're contributing something. But I'd rather say that as "We contribute back to the open source we use only when it's more sensible". That means trivial fixes, basic features and other things that doesn't threaten your business and is cheaper to "outsource" the maintenance on. Any time it's major features, more specific layers to the business you're in that could make it easier to produce a software stack like yours, most decide to pile it up on their 20 MLOC proprietary pile because the cost/benefit ratio swings in favor of keeping it in-house.

Taking a huge proprietary application and adding a tiny bit of GPL is foolish, the GPL is best designed to work organically - it almost does what you need, you add the missing pieces and you have to distribute the changes with your binaries. Both suffer a bit from the "big change" problem, there's rarely anyone with incentive to do major changes, but the GPL suffers less because companies are often "forced" to release code they wouldn't have released if they didn't need to. In practise, I find that means there's a lot more GPL code I want to use - actual end-user applications that otherwise would have gone into the proprietary stack.

Try to understand that not everyone loves the GPL and not everyone that doesn't love the GPL is a troll. As a producer of proprietary software, it's no trouble understanding where your preferances lie. You get to keep all the good and important parts to yourself, you get a free toolbox and you get some others to do free (as in beer) maintenance. What's in it for me? Unless I start using anything pure BSD with source, little if anything. Maybe a bit better/cheaper software but usually the proprietary derivates will only use that to increase their margins. Does OS X being based on *BSD bring the BSDs much good, or is it just a bleak shadow with sub-percent market share? Has it reduced the prices of OS X?

Stating your preference for BSD because it helps proprietary development is an honest opinion. But when you take on the role of end-user, the GPL means I can use it any way I want, I have the source to modify it any way I want and as a company you can do as much proprietary in-house modifications as you want. The only thing you can't do is sell/distribute proprietary versions to *drumroll* end-users. Every OSS developer including Linus himself is probably an end-user to 100x as many projects as they develop, so we're all end-users. So when someone tries to say to end users "You shouldn't use GPL software because it's not really free." they're have either completely misunderstood, are trolling or is pushing someone else's agenda. It's extra freedom, but not extra freedom that'll do the end users any good.

Re:GPL

[daffmeister]

That's because you've only met people similar to you. It's pretty normal to mostly encounter others of a like nature.

However, there are plenty of groups out there who would quite happily take GPL code and add it to a closed source app, if the licence allowed them (and some that will do so even against the licence). Just because you haven't personally met them, doesn't mean they don't exist.

Re:GPL

[Ian+Alexander]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.

The company I work for sells closed source software. We also use some open source software (not GPL) in the product.

We contribute back to the open source we use because it's more sensible. Adding the same features back in again and again would be counterproductive. We'd rather they get added to the open source project permanently.

We have a blanket ban on using GPL'd source, though. We can't afford to GPL our entire 20 million line software stack, which would be the result of using even a tiny bit of GPL code.

Try to understand that not everyone loves the GPL and not everyone that doesn't love the GPL is a troll.

Now it's my turn to get modded into oblivion for not being fond of the GPL. Sigh.

Is that really so? I thought the GPL only "infected" if you had to link against the GPL'ed code. Or is your codebase that... interconnected? And what about LGPL? Inquiring minds want to know!

Re:GPL

[Cyclops]

OpenBSD doesn't want to take GPL'ed code. They can, but they don't want to.

They are perfectly fine to include it (and they do include GCC, for instance), and even link to it (but then the derived work will have to be GPL'ed and they don't want that).

And some projects have the problem in the inverse direction. Linux can't benefit from dtrace except in design principles.

Or even the fantastic ZFS.

Oh well, I guess it's all down to the same premise: if you don't want/can't use it, then stop bitching and go write your own, spoiled brats...

Re:GPL

[Cyclops]

Except that giving a "BSD exception" to the GPL would make the point of the GPL kind of moot.

The GNU GPL is there to make sure every single user of GPL'ed code has the 4 software freedoms.

The BSD's only make sure for the first recipient.

I'm not claiming the first is better than the second (although I believe so), just that their purposes are different enough to make it a childish request instead of coding your own version like a real man.

Re:GPL

[nahdude812]

Under such a scenario, when the majority of source files in a BSD project contain a snippet of GPL code, and that project can no longer build without those GPL snippets, then the project is effectively GPL since the GPL code has become inseparable from the BSD code.

Or else the exemption allows the code to become relicensed as BSD when included in a BSD project - then I can start a "GNU/Linux/BSD" project which is simply a repackaging of regular GNU/Linux under a BSD license.

It's not the place of the GPL to provide such an exception, it's the place of project owners to provide such an exception for their project if they desire it.

FWIW, there's some awesome stuff in BSD, but personally I feel like if I'm providing my code to you, and you find it useful the least you can do is provide your changes to my code back to me so the rest of the world can benefit.

Distributed computing.

[William+Robinson]

Having developed many solutions using CORBA and SOAP, I welcome better solutions. Not sure though how it is going to resolve the problems we faced with CORBA and SOAP both?

SOAP could be easily integrated over current HTML based networks without need to make hole in firewall. But it was pig slow and designing stateful services was painful.

CORBA offered more technical challenges viz, complexity, version control, fault tolerance (not that a SOAP HA services is piece of cake, but I don't want anybody to go through torture of designing a HA CORBA server)

Re:Distributed computing.

[gbjbaanb]

Both those protocols suffer from 1 problem: bloat. The reason they're bloated and inefficient is because a committee decided how and what to add to the protocol once it was initiated, and we all know how well that works out.

SOAP was a 'quick and dirty solution (by Don Box IIRC) to (apart from getting a job at MS :) ) transfer COM calls over a http tunnel instead of the usual DCE-RPC tunnel, and it worked well when you only wanted to send a request to an object. Obviously, it has to have a webserver on the other end which slows it down tremendously, and then they added support for all kinds of complex types and a large schema as well. I'm surprised it works at all after seeing the raw WSDL code!

CORBA... designed by committee to do everything including transport kitchen sinks.

Since I've been working in the industry there is a tendency for supposedly bright people to take something simple and 'make it a general purpose solution' or 'implement some framework features' which nearly always breaks it into a bloated POS far removed from the original, simple, easy to use, and effective solution.

I welcome Cisco's new protocol, I don't care if it doesn't do everything I might possibly ever want to do, as long as it does the majority of my work quickly and simply. I can work around the edge cases myself, possibly even (gosh!) redesigning the way those edge cases work.

ZeroC's ICE

[bheer]

It'll be interesting to compare Etch to ICE, which is a GPL'd open-source, cross-language RPC toolkit (you can buy commerical licenses too). It's quite widely used by banks and is generally reckoned to be speedy.

Re:ZeroC's ICE

[eric2hill]

Their standard quoted price is $10K for unlimited royalty-free distribution, but they are *VERY* willing to work with you to price the product correctly for your product. Don't discount that number if you have a commercial application. Negotiating a percentage of sales opposed to writing your own communications subsystem is really a no-brainer.

He wrote this article on his PDA

looking at the width
of the column in the
article, and cio.com
wonders why nobody
visits their site
and so they have to
pimp their ad-laden
site on Slashdot in
a sure sign of des-
peration. Click next
to continue.

Um, what?

[Timothy+Brownawell]

How does one "open source" a protocol? There's no source to open, just a specification.

*reads article*

Ah, it's actually a set of libraries that use a new protocol.

Re:Um, what?

[RodgerDodger]

You open-source a protocol by providing a specification with no attached IP rights, such as patents covering the protocol. A reference implementation kind of helps, too.

Re:Um, what?

[Timothy+Brownawell]

Wouldn't that be "open spec" instead of "open source", with the open source reference implementation being a separate issue?

Re:Um, what?

Not all open specifications are freely licensed. The MPEG specifications are open, for instance, but you need to pay a license fee to use them.

I think we really need to come up with a better term for this, or narrow the definition of an open specification.

CORBA was shit. SOAP not much better.

All of these distributed technologies have been shit. CORBA was absolutely hell to develop with. Besides the runtime performance problems, development was always a huge hassle. It rarely just worked. J

Java's RMI was slightly better. But again, the development overhead was huge. Generating proxy and stub classes becomes a chore really quickly, and debugging becomes a real challenge.

SOAP was a little bit better than CORBA and Java RMI. At least writing the object layer code is a far more reasonable task. The performance, though, was complete shit compared to Java RMI and Corba. Whatever development time you saved initially in writing the SOAP interfacing code was instead spent trying to optimize what you had so that it wouldn't perform so fucking horribly.

In some ways, I hope that Cisco can do better. But I really don't know if that's possible. It may just be the nature of the beast that these sort of technologies perform poorly, are slow to develop, and are often nothing more than a huge hassle.

Re:CORBA was shit. SOAP not much better.

[RAMMS+EIN]

I think the problem with all of these is that they consist of too much hype and too little sense. Also, a lot of them are horribly over-engineered.

Taking SOAP as an example, because that's the one I know best. What you need is some way to communicate data to another party. What you get is something that does that, but in about the most verbose and latency-sensitive way imaginable. Yes, it's standards-based, which is a Good Thing, and it's human-readable, which is also advantageous.

On the other hand, the standard is apparently complex enough that various implementations implement distinct subsets...meaning interoperability is hit and miss. And seriously...HTTP and XML? Horribly inefficient.

All I know about Java RMI is that it was a horrible pain to get everything set up right so that it would work...and even then, of course, it's _Java_ RMI, so I'm not sure it's the best choice if you don't want to prescribe a particular platform or object model.

What I think all these have in common is that they try to automagically solve a problem that can hardly be solved automagically. The premise, as far as I understand, of protocols like this is that they will let you exchange objects from your program with programs on remote machines, without you having to do any work on it. But, in practice, it's hard to decide how to go about that without specific knowledge of how these objects will be used. Specifically, objects tend to be part of a graph...which parts of the graph do you send over the wire? And then there's all the actually hard problems related to distributed programming...

As for the protocols, I've always thought it shouldn't be that hard. Lisp has this thing where you can read and write Lisp objects. Write it out and read it back in and you'll get an equal object. This is incredibly useful for many things, including debugging, but also makes it easy to envision a protocol for distributed computing - especially when you consider that Lisp programs also consist of Lisp objects.

On the other hand, Lisp's read-write protocol isn't the most efficient as far as parsing and transmission are concerned. So something could be gained there. And not all objects can be read back in - for some it would even be a Bad Thing if they could. And none of the harder problems (like which parts of the graph to send) have been addressed yet. On the gripping hand, I honestly feel it's already better than SOAP.

For the rest, I think the trick is to keep things simple. Think of what you want to send. Encode that using some simple, efficient encoding, and send it. Don't shoot for automagic, Just Works exchange of arbitrary program objects. Think about what you really need to send and send only that.

Oh, and don't draw in layers and layers of frameworks, please.

Cisco, Please use the LGPLv3 license.

[NZheretic]

Releasing the implementation library under a LGPL license will still allow for the functionality to be incorporated ( via dynamic linking ) into any proprietary product. The LGPL will insure the availability of the source code and downstream legal reuse rights of Cisco's implementation to downstream recipients.

The LGPL is the only license that will insure that at least that Cisco's implementation of the protocol can not be easily extended in an inoperative manner.

Given the timespan that Cisco expects the protocol to be in use, version 3 of the LGPL is the best option.

Re:Cisco, Please use the LGPLv3 license.

[Richard_at_work]

Sod the libraries, license them however you wish - give us full and unfettered access to the specifications so those of us that wish to produce a BSD licensed or Public Domain set of libraries can do so. Don't assume that any license you choose for the libraries today will be good enough for everyone tomorrow.

Ice?

[IamTheRealMike]

Other than license, how does this compare to ZeroCs Iceï¼Y Does anybody know? I've played with Ice before and it's very well done, although I remain to be convinced of the value of remote object references in a distributed system.

Imagination

[CarpetShark]

More and more companies moving away from GPL? That's a strange conclusion, considering that it's probably had the fastest growing mindshare an uptake of any software license, ever, and that GPLv3 is proving very popular already with new projects and migrations.

There's absolutely no ethical reason to choose a less restrictive license over the GPL. The only thing the GPL restricts is the ability to restrict others. THAT is possibly a reason to avoid it, since, for example, I would like to prevent military types from using things I worked on, but avoiding the GPL because you want corporations to have the ability to use public works it in works they then keep from the public is a VERY strange notion.

Re:Imagination

[Timothy+Brownawell]

There's absolutely no ethical reason to choose a less restrictive license over the GPL. That depends on who you ask.

The only thing the GPL restricts is the ability to restrict others. Funny thing is, it isn't possible anyway to "restrict others" in that fashion without their cooperation (buying/downloading your software). It restricts the choices available to the end user by causing certain products to not exist.

Re:Microsoft's Kerberos

[Richard_at_work]

So? That's called 'Freedom'. I'd rather have too much of it than too little.

Re:Microsoft's Kerberos

[Timothy+Brownawell]

"Here's the spec, do whatever you want with it, but you can only use our name for it if you pass this huge test suite."

Re:Less overhead, more messages - but ..

[K.+S.+Kyosuke]

Might be, but you are totally off-topic here. This article is about doing this ober network, which has nothing to do with Instant Messaging, save for the fact that some information transfer is involved. IIRC, there are things like XEP-0072, that allow for application data messaging over XMPP, but these are also not exactly of interest to most Jabber users, and if they require server extensions, well, you'll be out of luck with using "popular services" }the public ones?] to transfer such data.

Re:Microsoft's Kerberos

[Froqen]

A test suite wouldn't have helped. Win2k worked just fine with normal kerberos as a client and as a server. The problem was that if you wanted to deal with domain based groups you needed an extension, something that MSFT wasn't intrested in letting people have for free.

Re:This is an improvement?

[AlXtreme]

Most people just don't RTFA, but you skipped a percentage of the words in the summary too !
"In a testbed environment where SOAP was managing around 900 calls a second, Etch generated more than 50,000 messages in a one-way mode, and 15,000 transactions with a full round-trip"

Flaming the GP isn't correct in this case, the summary is ambiguous. There is a difference between managing calls and generating messages, as a single call can generate multiple messages.

A correct summary would have been to compare the amount of calls a second both SOAP and Etch can handle, or the amount of messages/transactions required for a fixed number of calls. But I think the PR-drone that wrote up the article did so knowingly to put SOAP in a bad light.

Or are you simply being sarcastic? If so: WOOOOOSH!