Amazon Web Services: New Resources APIs for the AWS SDK for Java

We are launching a preview of a new, resource-style API model for the AWS SDK for Java. I will summarize the preview here, and refer you to the AWS Java Blog for full information!

The new resource-oriented APIs are designed to be easier to understand and simpler to use. They obviate much of the request-response verbosity present in the existing model and present a view of AWS that is decidedly object-oriented. Instead of exposing all of the methods of the service as part of a single class, the resource-style API includes multiple classes, each of which represents a particular type of resource for the service. Each class includes the methods needed to interact with the resource and with related resources of other types. Code written to the new API will generally be shorter, cleaner, and easier to comprehend.

Here is the old-school way to retrieve an AWS Identity and Access Management (IAM) group using the GetGroup function:

AmazonIdentityManagement iam = new AmazonIdentityManagementClient();
iam.setRegion(Region.getRegion(Regions.US_WEST_2));

GetGroupRequest getGroupRequest = new GetGroupRequest("NeedNewKeys");
GetGroupResult getGroupResult = iam.getGroup(getGroupRequest);

And here is the new way:

IdentityManagement iam = ServiceBuilder.forService(IdentityManagement.class)
  .withRegion(Region.getRegion(Regions.US_WEST_2))
  .build();

Group needNewKeys = iam.getGroup("NeedNewKeys");

The difference between the old and the new APIs becomes even more pronounced when more complex operations are used. Compare the old-school code for marking an outdated access key (oldKey) for an IAM user as inactive:

UpdateAccessKeyRequest updateAccessKeyRequest = new UpdateAccessKeyRequest()
  .withAccessKeyId(oldKey)
  .withUserName(user.getUserName())
  .withStatus(StatusType.Inactive);
iam.updateAccessKey(updateAccessKeyRequest);

With the new, streamlined code, the intent is a lot more obvious. There's a lot less in the way of setup code and the method is invoked on the object of interest instead of on the service:

oldKey.deactivate();
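As an added example (not code from the AWS post), the two request-response calls shown above can be combined into a key-rotation sweep: list the members of the NeedNewKeys group, find their active access keys older than a cutoff, and mark them inactive. The class name, the 90-day cutoff, the `apply`/`dry-run` arguments and the sample key IDs are assumptions made for this example; it uses the existing request-response client rather than the preview resource API.

```java
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClient;
import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata;
import com.amazonaws.services.identitymanagement.model.GetGroupRequest;
import com.amazonaws.services.identitymanagement.model.GetGroupResult;
import com.amazonaws.services.identitymanagement.model.ListAccessKeysRequest;
import com.amazonaws.services.identitymanagement.model.StatusType;
import com.amazonaws.services.identitymanagement.model.UpdateAccessKeyRequest;
import com.amazonaws.services.identitymanagement.model.User;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.concurrent.TimeUnit;

public class DeactivateStaleKeys {
    // Assumption for this example: keys older than 90 days are due for rotation.
    static final long MAX_KEY_AGE_DAYS = 90;

    /** Pure selection step: keys that are still Active and were created before the cutoff. */
    static List<AccessKeyMetadata> staleActiveKeys(List<AccessKeyMetadata> keys, Date cutoff) {
        List<AccessKeyMetadata> stale = new ArrayList<AccessKeyMetadata>();
        for (AccessKeyMetadata key : keys) {
            boolean active = StatusType.Active.toString().equals(key.getStatus());
            if (active && key.getCreateDate().before(cutoff)) {
                stale.add(key);
            }
        }
        return stale;
    }

    /** Offline demo on constructed metadata (placeholder key IDs, not real credentials). */
    static void demo(Date cutoff) {
        Date old = new Date(cutoff.getTime() - TimeUnit.DAYS.toMillis(30));
        List<AccessKeyMetadata> sample = Arrays.asList(
            new AccessKeyMetadata().withAccessKeyId("AKIA-EXAMPLE-OLD")
                .withStatus(StatusType.Active).withCreateDate(old),
            new AccessKeyMetadata().withAccessKeyId("AKIA-EXAMPLE-NEW")
                .withStatus(StatusType.Active).withCreateDate(new Date()),
            new AccessKeyMetadata().withAccessKeyId("AKIA-EXAMPLE-OFF")
                .withStatus(StatusType.Inactive).withCreateDate(old));
        for (AccessKeyMetadata key : staleActiveKeys(sample, cutoff)) {
            System.out.println("would deactivate " + key.getAccessKeyId()); // only ...-OLD
        }
    }

    public static void main(String[] args) {
        Date cutoff = new Date(System.currentTimeMillis()
            - TimeUnit.DAYS.toMillis(MAX_KEY_AGE_DAYS));
        if (args.length == 0) {          // no arguments: run offline on the constructed sample
            demo(cutoff);
            return;
        }
        boolean apply = "apply".equals(args[0]);   // anything else is a dry run

        AmazonIdentityManagement iam = new AmazonIdentityManagementClient();
        iam.setRegion(Region.getRegion(Regions.US_WEST_2));

        String marker = null;
        do {
            // GetGroup is paginated; follow the marker until the member list is complete.
            GetGroupResult group =
                iam.getGroup(new GetGroupRequest("NeedNewKeys").withMarker(marker));
            for (User user : group.getUsers()) {
                List<AccessKeyMetadata> keys = iam.listAccessKeys(
                    new ListAccessKeysRequest().withUserName(user.getUserName()))
                    .getAccessKeyMetadata();
                for (AccessKeyMetadata key : staleActiveKeys(keys, cutoff)) {
                    System.out.printf("%s %s (created %s) for user %s%n",
                        apply ? "deactivating" : "would deactivate",
                        key.getAccessKeyId(), key.getCreateDate(), user.getUserName());
                    if (apply) {
                        // Always set the user name: without it the call applies to the
                        // identity that signed the request, not to the group member.
                        iam.updateAccessKey(new UpdateAccessKeyRequest()
                            .withUserName(user.getUserName())
                            .withAccessKeyId(key.getAccessKeyId())
                            .withStatus(StatusType.Inactive));
                    }
                }
            }
            marker = Boolean.TRUE.equals(group.getIsTruncated()) ? group.getMarker() : null;
        } while (marker != null);
    }
}
```

Run it with `dry-run` first and review the output: setting a key to Inactive takes effect immediately for any workload still signing requests with it, and the status can be set back to Active if something breaks.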

The new API is being launched in preview mode with support for Amazon Elastic Compute Cloud (EC2), AWS Identity and Access Management (IAM), and Amazon Glacier. We plan to introduce resource APIs for other services and other AWS SDKs in the future.

-- Jeff;

PS - To learn more about Resource APIs, read the full post on the AWS Java Development Blog.

Shelley Powers (Burningbird): Responding to Charity Navigator's DA on the Humane Society of the United States

Image: circus elephants on parade. Courtesy of the Boston Public Library, Leslie Jones Collection.

I was sent a link to a story and asked if it was true. The story noted that Charity Navigator, the charity watch dog group, had attached a Donor Advisory to the Humane Society of the United States' listing, specifically because of the lawsuits related to the Ringling Brothers circus.

I was astonished. A donor advisory because of a single Endangered Species Act lawsuit? Many nonprofits are involved in lawsuits as they work to achieve the goals that are part of their underlying mission. I have a hefty annual PACER (federal court document system) fee because of the documents I download for the numerous environmental and animal welfare cases I follow—and I'm only following a tiny fraction of the cases I'd really like to follow.

Was the Donor Advisory given because the animal welfare groups lost the case? I would hope not, because penalizing nonprofits for taking a chance in court would have a chilling effect on their ability to do their work.

Was the Advisory given, then, because they also entered into a settlement for attorney fees? That seems to be more likely, especially considering the hefty size of the attorney fee settlement ($15 million). However, that a single incident related to a single court case would override 60 years of history in the Charity Navigator's decision seemed both capricious and arbitrary. If civil lawsuits were not part of the arsenal of the organization, or if HSUS was in the habit of losing these cases and having to pay hefty attorney fees on a regular basis, then I think it would give most people pause before donating—but a single instance? Frankly, my first reaction was, "Well, aren't you the precious."

Charity Navigator also referenced the fact that Ringling Brothers filed a counter-lawsuit against the animal welfare organizations based on RICO—the Racketeering law. The reference to RICO does sound serious, if it weren't for the fact that because of the RICO law's overly loose design, and due to the Supreme Court's over-reliance on the "intent" of Congress when passing the law, RICO's purpose has been badly muddied over the years. Now, rather than go after the Mafia or sophisticated white-collar criminal networks, RICO has become a highly tempting tool in corporate America's tool belt, especially after the recent findings in the Chevron RICO lawsuit related to the earlier lawsuit brought by poor Ecuadorians against the oil company for environmental damage to their lands.

Regardless, neither lawsuit—the original Endangered Species Act lawsuit brought by the animal welfare groups (not including HSUS), or the RICO case—ever reached a decision on the merits. The former was dismissed because of lack of standing, and the second never went to trial. As part of the attorney fee settlement, Feld Entertainment (parent company for the circus) agreed to dismiss the RICO lawsuit. The fact that the corporation filed a complaint should be seen as irrelevant and not figure into any agency's determination of whether the organizations involved are sound or not. Not unless Charity Navigator believes that all one has to do is file a complaint in court and it's automatically taken as true.

Charity Navigator noted the reasons why the Judge dismissed the ESA case for lack of standing, though the agency's understanding of the legal documents and associated time line of all the events are equally confused and inaccurate. For one, the agency stated that Feld filed the RICO lawsuit after the ESA case was decided. Feld originally filed the RICO lawsuit in 2007 when Judge Sullivan denied the company's request to amend its answer and assert a RICO counter-claim. The new lawsuit was stayed until the ESA case was decided in 2009, and Feld amended its original complaint in 2010, when the RICO case started up again.

I wanted to pull out part of the memorandum Judge Sullivan wrote in 2007 when he rejected Feld Entertainment's request to amend their answer (leading to the RICO lawsuit). It relates to Feld's implication that the animal welfare groups were involved in a complex and corrupt scheme to pay their co-plaintiff, Tom Rider, that the company lawyers claimed they didn't know about until 2006.

Finally, the Court cannot ignore the fact that defendant has been aware that plaintiff Tom Rider has been receiving payments from the plaintiff organizations for more than two years. Although defendant alleges an “elaborate cover-up” that prevented it from becoming “fully aware of the extent, mechanics, and purpose of the payment scheme until at least June 30, 2006,” Def.’s Mot. to Amend at 4, such a statement ignores the evidence in this case that was available to defendant before June 30, 2006 and does not excuse defendant’s delay from June 30 forward. Plaintiffs’ counsel admitted in open court on September 16, 2005 that the plaintiff organizations provided grants to Tom Rider to “speak out about what really happened” when he worked at the circus.

In other words, Feld's lawyers found out about the "elaborate scheme" to fund Tom Rider, because the animal welfare groups mentioned funding Tom Rider during a court hearing in 2005.

As for that funding, it is true that the animal welfare groups paid Tom Rider about $190,000 over close to ten years. However, what isn't noted is that some of that "money" wasn't money at all. Rider was given a computer, a cell phone to keep in contact with the groups, a used van so he could travel around the country speaking out about the trial and his experiences with the circus, and various other goods. The groups also provided IRS forms for years 2000 through 2006 for Rider. When I added up the income for these years, it came to $152,176.00. However, after all of Tom Rider's expenses were deducted, over the seven years he "took home" a total of $12,582, for an average of $149.78 a month. That's to pay for all of his personal expenses—including a cheap dark blue polyester suit and equally cheap white shirt and tie he wore to the trial. (Tom Rider must have stood out for the plainness of his garb when next to Feld Entertainment's $825.00 an hour DC lawyers during the trial.)

Among the small selection of oddly one-sided court documents that Charity Navigator linked, another was the Judge Sullivan decision denying the animal welfare group's motion to dismiss the RICO case. What stands out in this document is a reference to the original Judge Sullivan decision, specifically a comment about the Rider funding:

The Court further found that the ESA plaintiffs had been “less than forthcoming about the extent of the payments to Mr. Rider.”

I compare this statement with Sullivan's statement I quoted earlier, wherein Sullivan denied Feld's request to amend its complaint because of the supposed underhanded and secret funding—an assertion that Sullivan rejected in 2007. The newer contradictory 2009 statement was just one of the many inconsistencies in Judge Sullivan's decisions over the years related to these two cases.

But the last issue that Charity Navigator seemed to fixate on was Feld's attempt to get confidential donor lists from the animal welfare groups. I've written about this request, and my great disappointment in Judge Facciola's decision to grant the request.

Nothing will ever convince me this wasn't a bad decision, with the potential to set an extremely bad precedent. Even when the discovery was limited primarily to those people who attended a single event, it's appalling that confidential donor lists can be given to a corporation who represents everything the donors loathe and disdain—and a corporation with a particularly bad record when it comes to dealing with animal welfare groups and other people—not to mention its abysmal record when it comes to its animal acts.

The animal welfare groups settled because when you have a billionaire throwing $825.00 an hour lawyers at a case, and said billionaire doesn't care how much it costs to win, it didn't make sense to continue fighting a fight that was already stacked against them. When Judge Sullivan ruled on the ESA case, he should have recused himself in the RICO case, because to rule favorably for the animal welfare groups in the RICO case would be to say he was inherently mistaken in many of his assertions in the ESA case. When he turned the case over to the Magistrate Judge, Judge Facciola should have exercised independent thinking rather than just continue to parrot Judge Sullivan. In light of this judicial bias, and the fact that the groups would continue to spend way too much money fighting a lawsuit that the other side would deliberately stretch out as long as it possibly could, keeping up the fight was a lose-lose situation.

Top all that with the threat to the anonymity of their donors, and the groups settled. Point of fact, if they settled specifically to protect their donors, more power to them. They should be commended for doing so, not punished.

What's ironic is in my original posts on the donor list request, I noted that if the animal welfare groups had to give these lists out, it would most likely impact on their ratings in sites such as Charity Navigator. Never in my wildest dreams did I expect that Charity Navigator would give a donor advisory to the groups just because a judge ordered that the list be provided, not that they were provided. The groups had planned on appealing this ruling before they settled, and frankly, I think they had a good chance of winning the appeal. But the very fact that a no longer existing possibility of an event is enough to trigger a donor advisory leaves me to wonder how many more innocent nonprofits will be labeled with a donor advisory just because someone sent in a newspaper article about the possibility of an event?

Kenneth Feld's $825.00 an hour lead attorney, John Simpson, was recently interviewed for a legal publication. In it, he spoke about the donor list:

“They didn't want a situation where I’m taking the deposition of some donor asking — if you knew they were going to take this money to pay a witness, would you have given this donation?” Simpson said. “I don’t think they wanted that kind of discovery to take place. Some people might have made the donation anyway. But most of these people would have said — no, I wouldn't have done that. And you would have been in the middle of their donor relations and potentially cutting off their donations in the future.”

In actuality, the one fund raiser that was at issue in the donor list request did specifically state that the money was for the lawsuit, and other requests for funds specifically stated the money was for Tom Rider's media campaign. In addition, there is a legitimate concern about what would happen to individuals put into an intimidating situation by a high priced, DC powerhouse attorney. Mr. Simpson has a way of asking questions in depositions, and then subsequently paraphrasing the responses so that even the most innocent and naive utterance seems dark, and dastardly. It was unfortunate that Judge Sullivan allowed his scarcely concealed disdain for Tom Rider to lead him to basically accept whatever Feld's lawyers said, even though the animal welfare groups presented solid arguments in defense.

Lastly, Charity Navigator linked an article in the Washington Examiner, as if this was further evidence of good reasoning for the donor advisory. Might as well link Fox News as a character reference for the EPA, or The Daily Caller as a reasoned source of news for President Obama.

Just because something shows up in a publication online does not make what's stated truth, or even reliable opinion. That a charity watch dog would link a publication known for its political and social bias, as some form of justification for a decision only undermines its own credibility. Yes, the HSUS and the FFA are involved in lawsuits with a couple of insurance companies regarding their liability coverage. As noted, though, it's common for insurance companies to deny claims of liability when it comes to litigation fees. Kenneth Feld, himself, is involved in a lawsuit with his insurance company about it not wanting to pay those $825.00 an hour fees for Feld's attorneys in the lawsuit with his sister.

However, there were several insurance companies involved with the groups and this court case. One way or another most, if not all, of the attorney fee settlement will be paid by one or more insurance companies.

An interesting side note about the insurance company lawsuits is the fact that the Humane Society's lawsuit is being handled in federal court, while the Fund For Animals lawsuit is being managed in the Maryland state court system. This disproves one Feld Entertainment claim that HSUS and FFA are one organization (and hence, justifying Feld's dragging HSUS into the lawsuit). The reason for the lawsuit split is that FFA is a Maryland corporation, while HSUS is not, and the insurance company was able to argue that it could move the HSUS case to the federal level because of jurisdictional diversity. Nothing more succinctly demonstrates that FFA and HSUS are not the same corporate organization. Yet HSUS has received a donor advisory for a lawsuit it was never involved in. FFA was involved in the ESA suit, but not HSUS.

There is so much to this case, too much to cover in a single writing, but I did want to touch on the major points given by Charity Navigator in its donor advisory. Will the advisory hurt an organization like HSUS? Unlikely. The Humane Society of the United States is one of the older, more established, and largest animal welfare organizations in the country. Its charity ratings to this point have been excellent. A reputable organization like the BBB lists it as an accredited charity, and one only has to do a quick search online to see that it is currently involved in many different animal welfare efforts across the country—from rescuing animals in North Carolina to defending American burros. If people donate or not to the organization it won't be because of Charity Navigator's listing, because most people wouldn't need Charity Navigator to learn more about the HSUS.

But such donor advisories could negatively impact on lesser known, smaller charities. I hope that when Charity Navigator issues such a drastic warning from this day on, it does so based on a foundation that is a little less arbitrary, and much less capricious, than the one they used for HSUS and the other animal welfare groups involved in this court case.

Amazon Web Services: Amazon Zocalo - Now Generally Available

Amazon Zocalo has been available in a Limited Preview since early July (see my blog post, Amazon Zocalo - Document Storage and Sharing for the Enterprise to learn more). During the Limited Preview, many AWS users expressed interest in evaluating Zocalo and were admitted into the Preview on a space-available basis.

Today we are making Amazon Zocalo generally available to all AWS customers. You can sign up today and start using Zocalo now. There's a 30-day free trial (200 GB of storage per user for up to 50 users); after that you pay $5 per user per month (see the Zocalo Pricing page for more information).

As part of this move to general availability, we are also announcing that AWS CloudTrail now records calls made to the Zocalo API. This API is currently internal, but we plan to expose it in the future. If you are interested in building applications that work with the Zocalo API, please express your interest by emailing us at zocalo-feedback@amazon.com. We are very interested in learning more about the kinds of applications that you are thinking about building.

I have become a regular user of Zocalo, and also a big fan! I generally have between 5 and 10 blog post drafts under way at any given time. I write the first draft, upload it to Zocalo, and share it with the Product Manager for initial review. We iterate on the early drafts to smooth out any kinks, and then share it with a wider audience for final review. When multiple reviewers provide feedback on the same document, Zocalo's Feedback tab lets me scan, summarize, and respond to the feedback quickly and efficiently.

-- Jeff;

ProgrammableWeb: APIs: Time and Date Places

The Time and Date Places API retrieves a list of geographically identified place names. Recognized parameters include geo and lang, and the response elements consist of places. Developers can find examples in XML and JSON formats. This API can be useful for developers who want to locate information related to a country, a state, or a latitude and longitude. Time and Date is based in Norway. Its no-cost resources include clocks, countdowns and APIs. Packages with additional requests are available for purchase.
Date Updated: 2014-08-27

ProgrammableWeb: APIs: Time and Date Dialing Codes Service

With Time and Date users can access time zones, calendars, weather, the world clock and astronomy information. They can also obtain free clocks, free countdowns and APIs. The Time and Date Dialing Codes Service API can be used to find out which dialing code to use to call a specific location. To start application development, developers can review the recognized parameters such as number, locinfo and geo, the examples in JSON and XML, and the sample responses. Users who want to work with over 100,000 requests can purchase a dialing code service package that includes local times, area codes and all international prefixes.
Date Updated: 2014-08-27

ProgrammableWeb: APIs: F5

F5 is an IT company that improves network security. Its solutions include network functions virtualization, secure web gateway and cloud migration. Products include platforms, modules, BIG-IP and BIG-IQ devices, cloud and security. For more information developers can visit the iControl CodeShare link, where they will have access to iControlREST and over 100 sample applications.
Date Updated: 2014-08-27

ProgrammableWeb: APIs: CenturyLink

CenturyLink is a telecommunications company that offers cloud services for business, development, SaaS and resellers. The company offers an API that supports REST based HTTP requests in XML, JSON and SOAP protocols. The goals are to display billing, data centers, network usage, upcoming events and activity log. This API may serve as a control portal and could help developers to monitor users’ activity when they work from the cloud. To start application development, the site shows a quick overview guide and an instructional video. The website also displays 3 attributes with Success, Message and StatusCode names to show the type of responses developers will receive with requests.
Date Updated: 2014-08-27

ProgrammableWeb: APIs: The Portal to Texas History

The Portal to Texas History is a resource for learning about past events that occurred in Texas. The organization offers APIs for the Corpus Christi Museum of Science and History and invites developers to access data without a special key. They can benefit from this API if they are interested in organizing databases with science and history content. In addition, developers can choose from two metadata formats, oai_dc and UNT. With this API about museums, users can organize collections, generic information and specialized material after they review some of the examples shown on the main website. Support is available via e-mail and contact form.
Date Updated: 2014-08-27

Amazon Web Services: Enhanced Throughput for Provisioned IOPS (SSD) and General Purpose (SSD) EBS Volumes

Back in the old, pre-cloud days, updating your data center to use the latest and greatest hardware was expensive, somewhat risky, and resource intensive. You would have to make the capital investment to acquire new hardware based on your usual 3 or 5 year refresh cycle, field test it, and then migrate your systems and applications. The time between "I saw this cool thing and it could benefit our work" and "we are using this cool thing and it is benefitting our work" was often measured in quarters or years. Delays or inefficiencies in this process have the potential to affect the competitive position, health, and overall viability of your organization.

As I have said before, the cloud changes this model for the better. First of all, your cloud provider has an incentive to bring the newest and most powerful technology to market on a timely basis. Second, the dynamic nature of the cloud makes it easy for you to launch, test, and measure the performance of your existing applications on the new technology without disrupting your production systems.

General Purpose (SSD) Adoption is Strong
I would like to share some interesting numbers with you that illustrate the game-changing nature of the Cloud. In mid-June we announced SSD-Backed Elastic Block Storage and made it available in all AWS Regions. We knew that our customers would find this new offering attractive but we were not quite sure (despite plenty of market research and modeling) just how popular it would turn out to be.

In less than three months, the General Purpose (SSD) EBS storage has grown to the extent that it is now one of the fastest adopted services in the history of AWS! Here are two data points:

  1. Within a few weeks of the launch, over 25% of the EBS customer base was already making use of the new General Purpose (SSD) EBS volumes in some way.
  2. Today, most of our customers are now using General Purpose (SSD) volumes to meet their need for general purpose block storage. In fact, about 90% of the newly created block storage is now on SSD volumes.
Looking at this another way, the easy and capital-free migration made possible by the cloud has allowed the vast majority of our customers to move to a new generation of storage in a little over two months. Any way you look at it, this is a rapid upgrade cycle!

Throughput Enhancement
To celebrate this huge step forward (and because we love to innovate), we are improving data transfer throughput for General Purpose (SSD) and Provisioned IOPS (SSD) volumes. Here's what's new:

  1. The maximum attainable throughput to each volume has been doubled. Each General Purpose (SSD) and Provisioned IOPS (SSD) volume can now sustain up to 128 megabytes per second of read or write traffic.
  2. An I/O request of up to 256 kilobytes is now counted as a single I/O operation (IOP). In other words, a single IOP is now up to 16 times as cost-effective and performant as before (prior to this enhancement, each IOP represented at most 16 kilobytes of data transfer). If you attach multiple General Purpose (SSD) or Provisioned IOPS (SSD) volumes to a single c3.8xlarge EC2 instance you can achieve up to 800 megabytes per second of aggregate throughput per instance.
These changes will improve your I/O performance and can also dramatically reduce your storage costs. If your application has a need for 128 megabytes per second of data transfer, you can now meet this need by provisioning 500 IOPS instead of 8000 IOPS.

As I noted above, an I/O request for up to 256 kilobytes is now counted as a single I/O operation. In some cases you can configure your application or your operating environment to make large read and write requests. For example, you can configure the size of requests made by Hadoop by altering the dfs.blocksize parameter. If you are building your own applications, you can read or write large blocks.

As part of this launch we have also updated the EC2 AMIs for Microsoft Windows. The new AMIs ("2014.08.13") will use SSD volumes exclusively and have an updated PV driver for increased performance. The Microsoft Security Updates are current to August 2014, and the PowerShell Tools have been updated.

This enhancement is now in effect in all AWS Regions. If you are using General Purpose (SSD) or Provisioned IOPS (SSD) volumes then you are already reaping the benefits. We expect this enhancement to improve performance on many types of I/O-intensive workloads including those which involve database loads and scans across large tables.

-- Jeff;

ProgrammableWeb: APIs: Badips

Badips.com is a free abuse tracker and IP monitoring community offering a way to report and compile blocklists of bad IPs. With an API key, developers can access Badips.com through a simple RESTful HTTP API to receive a list of bad IPs along with specific individual IP information. Developers can also make a POST request to add new IPs to the directory.
Date Updated: 2014-08-26

Yahoo! UI blog: We’ve Moved to Tumblr!

As of today, look for YUI-related announcements on the Yahoo Engineering Tumblr blog as well as YUI’s official Twitter page. The YUI Blog will continue to live in its present form for several more months, albeit in read-only mode. At some point in the near future, it will be archived so that all the great content posted here over the past 8 years remains available to the frontend community.


Amazon Web Services: AWS Week in Review - August 18, 2014

Let's take a quick look at what happened in AWS-land last week:

Monday, August 18
Tuesday, August 19
Wednesday, August 20
Thursday, August 21
Friday, August 22

Stay tuned for next week! In the meantime, follow me on Twitter and subscribe to the RSS feed.

-- Jeff;

ProgrammableWeb: APIs: Time and Date Holidays

Time and Date Holiday Service API displays a list of observances for over 70 countries. With this API, developers can retrieve holiday name and date, type of holiday and short description of the holiday. They also can access holiday information of the states in the country that observe the holiday. This API could be useful if the goal is to integrate observations with event organization, cultural purposes and travel plans. In the site, partners can find a total of 89 countries with 2979 holidays. They can also access sample data in JSON and XML. For additional information, Time and Date features links to latest news, configuration and Holiday Services license package.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: Company Data

Company Data is a searchable site that hosts a database of over 3,400,000 records on companies based in the United Kingdom. Each company data set includes information on accounts, mortgages, key clients, important figures, filing status history, and more. The Company Data API uses open government records to source data. In order to consume the API, developers must possess an API key received only after paying a fee for API usage.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: URX App Search

The RESTful URX API, currently in a private beta, promises to be an easy way to link interactions within an app via deep linking tactics to retrieve information or perform actions within other apps. URX is accepting applicants through an online email signup that can be accessed from their website.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: Wombat Push

Created by Spreecommerce, Wombat is an operating system for eCommerce, allowing stores to connect data with any service, aiming to bridge the gaps between various accounting, shipping, order fulfillment, inventory management, POS systems, and more. Using the Wombat API, store owners can push their product and store data to the Wombat cloud to then integrate with various eCommerce tools. The API makes simple HTTP POST requests and returns JSON responses. Spree, Magento, Shopify, and BigCommerce are examples of Wombat-supported stores.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: WhatMine

WhatMine is a resource for comprehensive information on various cryptocurrency prices and exchange rates. The WhatMine API can be accessed via simple HTTP GET requests and will return a JSON object. Developers can implement the API in order to retrieve information on a single coin. Maximum amount of API calls range from 20 to 5,000 depending on pricing plan.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: Codero

Codero is a cloud hosting service and infrastructure as a service. They offer an API to help developers integrate Codero services into a cloud-based development architecture. The API can display server information, edit server login access, reset servers, and delete servers from use. All requests to the API are made over HTTP with basic HTTP authentication, and responses are returned as a JSON object.
Date Updated: 2014-08-25

ProgrammableWeb: APIs: Credly Events

Credly is a service that helps users to organize life achievements in one place. Developers who want to assess member activity through peers’ interactions could benefit from this API that is about events. The site offers parameters such as events, event members, event badges, event badge management, event badge actions and event self-actions. All categories include values, types, descriptions and a try it! button to generate responses. Credly Events aims to set conditions based on times, places and geo-coordinates. To start app development, developers can register to test API endpoints.
Date Updated: 2014-08-25

ProgrammableWeb: APIsCredly Members

With Credly Members API, developers can access data from member profiles based on a known e-mail address. This application could have the value of immediate identification of relationships between a user, a user follower and a trusted member. The site offers the methods of member profiles, member badges, member followers and member trust. The steps to follow start with developer registration and authentication of valid information followed by API endpoints testing.
Date Updated: 2014-08-25

ProgrammableWeb: APIsCredly Credit Management

Credly Credit is an application that can issue badges, obtain recipient information or retrieve credentials data. In this case, developers have the option to access a Badge Builder SDK to create badge visuals inside another site. Credit API could be useful to organize users and data credentials in the same place. It can be valuable for developers who work with schools, institutions or establishments where the information of large groups needs to be constantly well-ordered and updated. To create an application, users can sign in to use their own account once they have been authenticated and have tested endpoints.
Date Updated: 2014-08-25

ProgrammableWeb: APIsCredly Social Management

With Credly Social Management, developers can manage relationships between users from groups, memberships and affiliations in other sites. Since Credly is a service that authenticates digital badges, the function Contact List of this API could be particularly beneficial to aggregate and update lists of contacts who want to be identified with professional certifications. This deal helps consumers to display badges in communities and associations. Partners who intend to organize long lists of class rosters could value this API because it assists to create new directories, manage feeds and retrieve follower information. Registration is recommended to test endpoints for authentication.
Date Updated: 2014-08-25

ProgrammableWeb: APIsCredly User Management

Credly authenticates digital badges to recognize users when they reach life accomplishments. As stated in the site, the service verifies, shares and manages credentials. This is useful for consumers who intend to showcase their work through online communities and professional associations. For developers, partners and startups the API user management could be beneficial because they could organize users' data to predict future trends of badge recognition in additional learning environments. This API is about user management. To start application development, it is recommended to create an account and test endpoints. In the site, developers can find registration, user profile, e-mail addresses and password and organization management methods.
Date Updated: 2014-08-25

Bob DuCharme (Innodata Isogen)Exploring a SPARQL endpoint

In this case, semanticweb.org.

graph of ISWC SPARQL papers

In the second edition of my book Learning SPARQL, a new chapter titled "A SPARQL Cookbook" includes a section called "Exploring the Data," which features useful queries for looking around a dataset that you know little or nothing about. I was recently wondering about the data available at the SPARQL endpoint http://data.semanticweb.org/sparql, so to explore it I put several of the queries from this section of the book to work.

An important lesson here is how easy SPARQL and RDF make it to explore a dataset that you know nothing about. If you don't know about the properties used, or whether any schema or schemas were used and how much they were used, you can just query for this information. Most hypertext links below will execute the queries they describe using semanticweb.org's SNORQL interface.

I started with what is generally my favorite query, listing which predicates are used in the data, because that's the quickest way to get a flavor for what kind of data is available. Several of the predicates that got listed immediately told me some interesting things:

  • rdfs:subClassOf shows me that there's probably some structure worth exploring.

  • dcterms:subject (and dc:subject) shows that things have probably been tagged with keywords.

  • ical properties such as dtstart show that events are recorded.

  • FOAF properties show that there is probably information about people.

  • dcterms:title, swrc:booktitle, dc:title, src:title, and swrc:subtitle show me that works are covered.

An RDF dataset may or may not have explicit structure, and the use of rdfs:subClassOf in this data showed me that there was, so my next query asked what classes were subclasses of what classes so that I could get an overview of how much structure the dataset included. The result showed me that the ontology seemed to be mostly in the swc namespace, which turns out to be the semanticweb.com conference ontology. The site does include nice documentation for this ontology.

The use of the FOAF vocabulary showed me that there are probably people described, but if the properties foaf:name, foaf:lastName, foaf:familyName, foaf:family_name, and foaf:surname are all in there, which should I try first? A quick ego search showed foaf:family_name being used. It also showed that the URI used to represent me is http://data.semanticweb.org/person/bob-ducharme, and because they've published this data as linked data, sending a browser to that URL showed that it described me as a member of the 2010 ISWC program committee.

It also showed me to be a proud instance of the foaf:Person class, so I did a query to find out how many persons there were in all: 10,982.

Given the domain of the ontology and the reason that I was listed, I guessed that it was all about ISWC conferences, so I listed the dc:title values to see what would show up. The query took long enough that I added a LIMIT keyword to create a politer version of that query. Looking at the complete data for one work showed all kinds of interesting information, including an swrc:year value to indicate the year of this paper's conference. A list of all year values showed a range from 2001 right up to 2014, so it's nice to see that they're keeping the data up to date.

Next, I listed all papers that mention "SPARQL" in their title, with their years. After listing the number of papers with SPARQL in their title each year, I used sgvizler (which I described here last September) to create the chart of these figures shown above.

The use of dcterms:subject and dc:subject was interesting because these add some pretty classic metadata for navigating content. Listing triples that used either, I included LIMIT 100 to be polite to the server in case these properties were used a lot. They are. Doing this with dc:subject shows subjects such as "ontology alignment" and "controlled natural language" assigned to articles. Doing it with dcterms:subject showed it used more the way I might use rdf:type, indicating that something is an instance of a particular class: for example, swc:Chair and swc:Delegate each have dcterms:subject values of http://dbpedia.org/resource/Role.

My interest in taxonomies (spurred by my work with TopQuadrant's TopBraid EVN) led me to look harder at the dc:subject values. They're string values, and not instances of something like skos:Concept, so they have no hierarchical relationship or other metadata themselves. I'm guessing that this is because key phrases assigned to conference papers are more of a folksonomy, in which people can make up their own key phrases as they wish. Either some people must have been aware of other key phrases in use or some were added automatically, because, while counting how many different ones there were came up with 3,594, a query to see which were the most popular showed that "Corpus (creation, annotation, etc.)" was far and away the most used, with 506 papers having that subject.

I could go on. Call me a SPARQL geek, but I really enjoy looking around a data set like this, especially when (as the presence of the papers for ISWC 2014 shows) the data is kept up to date. For people interested in any aspect of semantic web technology, the ability to look around this particular dataset and count up which data falls into which patterns is a great resource.


Please add any comments to this Google+ post.

David MegginsonBreadcrumbs: yes or no?

In web design, Breadcrumbs are those little navigational links you see across the top of some web pages, like

Home → Canada → Ontario → Ottawa

or

Media»Music»Classical»Beethoven

Good idea?

Breadcrumbs let you see where you are in a web site’s information hierarchy, and let you click to climb up to a more-abstract level. As of 2014-06-13, I use geographical breadcrumbs on OurAirports to let users climb up from looking at a specific airport to looking at the list of all airports in an administrative subdivision (e.g. province/state/governorate), country, or continent. If I haven’t changed the site design by the time you’re reading this article, you can try it out for Cairo International Airport.

I like breadcrumbs, because they reflect the way I think. I tend to organise information hierarchically, like a librarian, and breadcrumbs let me find my way around an e-commerce site (for example) without wasting time on frustrating searches. The article “Breadcrumb Navigation Examined: Best Practices & Examples” goes into great detail on different types of breadcrumbs and their benefits.

Bad idea?

While I love breadcrumbs, I notice that not many people use them on OurAirports. People almost never click up to see all airports in the same province or country; they really just want to look at a specific airport. Are my breadcrumbs just wasting screen space?

Back in 2008, Jared M. Spool posted an article “Design Cop-out #2: Breadcrumbs” suggesting that breadcrumbs represent a design failure:

The biggest problem is the lack of scent for the other areas of the site. If a user is in need of breadcrumbs because they are in the wrong part of the information tree, what they need most is good scent to the right part of the tree. However, the breadcrumbs only communicate the branch they’re on — not the branch they need to be on.

In 2011, Shanshan Ma wrote in “10 Ways Mobile Sites Are Different from Desktop Web Sites” that even if breadcrumbs belong on desktop web sites, they don’t belong on mobile ones:

However, breadcrumbs rarely appear on mobiles sites, and there is usually no necessity for them. Limited space is one reason breadcrumbs are uncommon on mobile sites. But the main factor is that the design of mobile sites prevents users from having to go too deep into a hierarchy to find what they are looking for.

What do you think?

Do breadcrumbs perform an important function in modern web design, or are they just a crutch for bad design?

David MegginsonIt’s never the end of history

Link: http://alistapart.com/article/fluidgrids/

Ten years ago, circa 2004, it felt like the web had found its rut and would never get out: XML and XHTML had failed to fix the browser-incompatibility mess, the horrid Internet Explorer had achieved almost total browser-market dominance, and web designers were focussing on animated pre-rolls and big screens. Even in 2009, when the rise of mobile was impossible to ignore, Ethan Marcotte still sounded like an Isaiah shouting from the wilderness when he pleaded with us to think differently:

Instead of exploring the benefits of flexible web design, we rely on a little white lie: “minimum screen resolution.” These three words contain a powerful magic, under the cover of which we churn out fixed-width layout after fixed-width layout, perhaps revisiting a design every few years to “bump up” the width once it’s judged safe enough to do so. “Minimum screen resolution” lets us design for a contrived subset of users who see our design as god and Photoshop intended.

It turns out that we weren’t at the end of web history, but just finishing the first act. After a decade-long intermission of stagnation, things started changing even faster than they had in the optimistic early days of the mid 1990s. IE has become so irrelevant that it’s barely necessary to test against it any more (unless your audience is big industry or government office workers using obsolescent desktop computers), HTML5 and CSS3 have exploded, the Javascript ecosystem has matured, the majority of page views happen on small-screen mobile devices, and those devices ensure that most users always have the latest version of their browsers (a vain hope in 2004 or 2009).

Five years after Marcotte’s article, any so-called web designer proposing to work with a fixed “minimum screen resolution” would … and should … be fired.

Except maybe in government and big industry.


Tagged: design, web

Jeremy Keith (Adactio)Georgina Voss at dConstruct

It’s exactly two weeks until dConstruct. I AM EXCITE!!!11ELEVEN!! If you’ve already got your ticket: excellent! If not, you can still get one. It’s not too late.

There is a change to the advertised line-up…

Alas, Jen can no longer make it to Brighton. Circumstances have conspired to make trans-atlantic travel an impossibility. It’s a real shame because I was really looking forward to her talk, but these things happen (and she’s gutted too: she was really looking forward to being in Brighton for this year’s dConstruct).

But never fear. We’ve swapped out one fantastic talk for another fantastic talk. Brighton’s own Georgina Voss has very kindly stepped into the breach. She’s going to knock your socks off with her talk, Tethering the Hovercraft:

A careen through grassroots innovation, speculative design, supply chains and sexual healthcare provision, lashing down over-caffeinated flailing into the grit of socio-technical systems.

Awwww yeah!

I had the chance to see Georgina speak a few months back at Lighthouse Arts and it was terrific. She is the perfect fit for this year’s dConstruct—she really is living with the network.

It’s a shame that Jen can’t join us for this year’s dConstruct but, my goodness, what a great day it’s going to be—now with added Vossomeness!

Amazon Web ServicesAWS Pop-up Loft - Returning in the Fall!

Earlier this year we opened up the AWS Pop-up Loft for a pilot run of almost four weeks in San Francisco. During that time, many AWS developers dropped in to network, listen, learn, work, and socialize. Some developers came and enjoyed the structured, scheduled events. Others came in with their laptops, found a quiet corner, and spent some time working on their code.

During my three day stint at The Loft, I met a number of interesting entrepreneurs and spent time learning about their plans to change the world. For example, I spoke with Cosmo Mielke of infino.me to learn more about his citizen science experiment. He's working to use Big Data to understand the interaction between genetics and lifestyle in an effort to prevent diseases and prolong lives.

I am happy to announce that The Loft will reopen in the fall! Based on the feedback that we received during the pilot in June, we have fine-tuned the model to make it even more valuable for you. Here are some of the things that you will be able to do at The Loft:

  • Meet 1:1 with an AWS technical expert.
  • Learn about AWS through product sessions.
  • Gain hands-on experience through instructor-led Technical Bootcamps.
  • Sharpen your AWS skills through self-paced, hands-on labs.
  • Attend special evening events including talks with successful startups and networking opportunities (past speakers have represented Twilio, Coin, Hearsay Social, CoreOS, and Chef).

To make sure that you know about all of the goings-on at The Loft, I'd encourage you to sign up for email alerts. We'll let you know when the doors are open, and we'll send you the information that you'll need to plan your visit(s).

-- Jeff;

ProgrammableWeb: APIsTime and Date Daylight Saving Time (DST) Worldwide

With Daylight Saving Time Worldwide API, developers can manage dates, times and zone changes in multiple countries. This service is featured in Time and Date, a company based in Norway that informs users about the world clock, calendars, weather, astronomy and time zones. Particularly with this company, developers can create applications at no cost, but if the goal is to use over 10,000 requests, they could purchase a package available on the site. With this API, partners can retrieve information of recognized parameters such as year, country, lang, listplaces, and timechanges. They also can access responses and examples in JSON and XML protocols.
Date Updated: 2014-08-22

ProgrammableWeb: APIsTime and Date Astronomy

Time and Date is a company based in Norway that offers time zones, calendars, weather, the world clock and astronomy information. This service provides free clocks, free countdowns and APIs at no cost. One of the applications featured in the site is the Astronomy API that is valuable to establish times for sun and moon, day length and moon phases. This API about astronomy could be useful for developers who work with JSON and XML formats because examples in both languages can be found on the site. Besides the samples, developers can find responses of locations and recognized parameters. Packages with additional requests are available for purchase.
Date Updated: 2014-08-22

ProgrammableWeb: APIsCycling Analytics

Cycling Analytics is software for cyclists. With a bike, a heart rate monitor, a device and an account, cyclists can monitor performance on the road. The main value of this API could be the convenience to display data from a user oriented perspective. Developers who work with health apps, sport apps and even medical apps could benefit from this service because they will have access to laps, geographical locations and histograms. With this in mind, they could measure a user's strength to improve health. This API is about analytics for cyclists. The steps to follow are available on the site, where developers can access preliminary remarks, development status, OAuth 2.0, HTTP methods, parameters, responses, examples and endpoints.
Date Updated: 2014-08-22

ProgrammableWeb: APIsAddLingo

Localize Direct is a software as a service company that offers localization for game developers. The organization has launched AddLingo, a cloud based SaaS that could help developers to create applications and games more efficiently. AddLingo API is about localization for apps and games. The API supports JSON format and requires a key for authentication. As developers explore the site, they will find the element page along with 19 child pages with classification names, required parameters and descriptions.
Date Updated: 2014-08-22

ProgrammableWeb: APIsSpace Telescope Science Institute

The Space Telescope Science Institute features the Barbara A. Mikulski Archive for Space Telescopes. To create an application related to science, astronomy, data and telescopes developers can visit MAST Web Services, where they can find HTTP GET requests, script examples, mission searches, general search parameters, simple cone search and SOAP services. The API about science search aims to provide complete information for developers, who can explore multiple examples and can work with PHP, Python, Unix Shell and IDL languages. With this API, users could display and reorganize scientific data stored in archives. E-mail is available to start application development.
Date Updated: 2014-08-22

David MegginsonHashtags and data standards

Link: Introducing HXL hashtags for humanitarian data

In my 16 years working with data standards, I’ve found that standards almost always ask for too much and end up getting little or nothing. If we asked for less, might we get more? Do data standards have to be tightly-managed and dirigiste, or could we learn from the success of hashtags and other simple, collaborative approaches?

The blog post linked above describes the approach we’re taking in the multi-agency Humanitarian Exchange Language (HXL) initiative to help improve data-sharing during humanitarian crises — please take a look and let us know what you think. You can also visit our HXL Showcase site to see interactive examples of how you can analyse and visualise examples of real humanitarian datasets with HXL tags added (the public-domain source code is available on GitHub).


Amazon Web ServicesDISA Authorizes AWS as First Commercial Cloud Approved for Sensitive Workloads

I am happy to be able to announce that AWS has achieved the first DoD Provisional Authorization under the DoD Cloud Security Model at security impact levels 3-5! AWS previously received a DoD Provisional Authorization for security impact levels 1-2. This new Authorization covers AWS GovCloud (US) and DoD customers can now move forward with their deployments of applications processing controlled and for official use only unclassified information. As part of the Level 3-5 Authorization, our partners and DoD customers will be able to implement a wide range of DoD requirements necessary to protect their data at these levels, including AWS Direct Connect routing to the DoD's network, comprehensive computer network defense coverage, and Common Access Card (CAC) integration.

In March, AWS announced its compliance with security impact levels 1-2 for all AWS Regions in the US, demonstrating adherence to hundreds of controls. With this authorization, we have provided a means for DoD customers to deploy applications at levels 3-5. DoD customers with prospective Level 3-5 applications should contact the ECSB to begin the deployment process.

With today's announcement, DoD agencies can leverage the AWS Provisional Authorization for security impact levels 1-2 and AWS GovCloud's Provisional Authorization at levels 3-5 to evaluate AWS for their unclassified applications and workloads, achieve their own authorizations to use AWS, and transition DoD workloads into the AWS environment. DoD components and federal contractors can immediately request DoD compliance support by submitting a FedRAMP/DoD Compliance Support Request and begin moving through the authorization process to achieve a DoD ATO for Levels 1-5 with AWS.

-- Jeff;

Anne van Kesteren (Opera)registerProtocolHandler() & registerContentHandler()

At Mozilla we are looking at making more parts of the web platform pluggable by web applications so I had a look at the current state of registerProtocolHandler() and friends. The goal behind this feature is to make mailto URLs play nice with Yahoo! Mail, Gmail, etc. Or in other words, it makes navigation extensible.

The state of this feature is rather poor. It is only supported by Chromium and Gecko. Chromium also supports unregisterProtocolHandler(). Neither Gecko nor Chromium support isProtocolHandlerRegistered().

Perhaps if we implement the missing methods and improve the user interface around it this will see somewhat wider adoption. However, to make the interface really work we would have to have built-in knowledge about each URL scheme. As users really have no concept of that. Firefox uses “Add title (domain) as an application for scheme links?” which even for mailto is probably confusing. Chrome seems a little better, using “Allow domain to open all type links?” For the mailto scheme it uses email as type.

(There is also registerContentHandler() which is for making the bit pluggable where your browser has no idea what to do with the resource it just retrieved. This is only supported by Gecko and only for feed-related MIME types.)

If you have any great user interface ideas let me know! I thought I would share the above since I could not find a decent summary anywhere else.

ProgrammableWeb: APIsAnyMeeting

The AnyMeeting API offers clients access to a scalable business videoconferencing solution. Developers can access the AnyMeeting API to share data and programmatically interface with presentation and communication modes. The conferencing platform is made available for integration with web, video, and phone. Through the AnyMeeting API, partners gain access to screensharing, multi-party video sharing, phone based conferencing, webinars, and recording features.
Date Updated: 2014-08-21

ProgrammableWeb: APIscloudXLS

The cloudXLS API accepts a CSV file and converts into an XLS or XLSX spreadsheet. It can also receive an XLS or XLSX file to be reformatted into an existing spreadsheet. Templates exist for creating more sophisticated spreadsheets that generate graphical components. Default responses come in JSON with a URL for direct download.
Date Updated: 2014-08-21

ProgrammableWeb: APIsBoomerang.io

The Boomerang.io API makes setting up reminders for webhooks very easy. Developers can use the Boomerang.io API service to set notifications to trigger webhooks to then perform additional events. 100 Boomerang requests per month is free, and fees are applied for higher volume rates.
Date Updated: 2014-08-21

ProgrammableWeb: APIsSheetlabs

Sheetlabs is an API creation, documentation, and hosting service that allows the creation of easy to implement APIs. Using Sheetlabs, users can upload spreadsheets in CSV, XLS or XLSX formats or input via Google spreadsheets to create APIs accessible via JSON protocols. With customizable returns, the APIs are easy to implement and integrate into a variety of languages. Their sample API "ACME / getDomain" returns a list of the 100 oldest registered web domains. When making a request to Sheetlabs, the account username and password are used as access tokens.
Date Updated: 2014-08-21

ProgrammableWeb: APIsRibbon BIN List

The BIN List API by Ribbon is a Bank Identification Number (BIN) lookup service. The API accepts a simple HTTP request with the last 6 digits of a credit or debit card and returns information on the banking institution associated with the card. The BIN lookup service can also assist in distinguishing between debit and credit, tracking international payees, and processing verification. The BIN List API is hosted by Ribbon, a mobile to mobile payment provider.
Date Updated: 2014-08-21

ProgrammableWeb: APIsVibe

Vibe API is a simple service that accepts an email as an input and will return rich data on a user. The returned information is sourced from many open databases and includes location data, past job experience, recent social activity and links to accounts, an automated short biography, and more. The app also returns meta classifications on interests and tastes to give a general personality overview. Developers can visit the documentation page to find out how to register for an API key. The service is currently in beta mode with a limited number of signups.
Date Updated: 2014-08-21

ProgrammableWeb: APIsPhantomJs Cloud

With PhantomJs Cloud, users can collect visualized data from a Javascript website. The main value to use PhantomJs Cloud API may be the variety of formats to render webpages such as HTML, PDF, JPEG, PNG or JSON. Developers who work with large amounts of data and multiple sites can benefit from this API that requires a key to confirm user access. The API is about screen-scrape. Some of the resources featured in the website include endpoints, parameters, responses, requests, demos and models. PhantomJs Cloud is a SaaS at no cost for up to 10,000 pages a day. To connect with support, developers can give feedback or ask for help in the website. In the community forum, they can ask questions and request new features.
Date Updated: 2014-08-21

Amazon Web ServicesNew SSL Features for Amazon CloudFront - Session Tickets, OCSP Stapling, Perfect Forward Secrecy

You probably know that you can use Amazon CloudFront to distribute your content to users around the world with a high degree of security, low latency and high data transfer speed. CloudFront supports the use of secure HTTPS connections from the origin to the edge and from the edge to the client; if you enable this option data travels from the origin to your end users in a secure, encrypted form.

Today we are making some additional improvements to the performance and security of CloudFront's SSL implementation. These features are enabled automatically and work with the default CloudFront SSL certificate as well as custom (SNI and Dedicated IP) SSL certificates.

Performance Enhancements
We have improved the performance of SSL connections with the use of Session Tickets and OCSP Stapling. Both of these features are built in to the SSL protocol and you don't have to make any code or configuration changes in order to use them. In other words, you (and your users) are already benefitting from these improvements.

SSL Session Tickets - As part of the SSL handshake process, the client and the server exchange multiple packets as part of a negotiation ritual that results in agreement to use a particular encryption model (cipher) and certificate. This process entails multiple round trips and a fair amount of computation on both ends which adds some latency to the connection process. This process has to be repeated if the connection is broken. To avoid some of this rigmarole while keeping the connection secure, CloudFront now implements SSL Session Tickets. After the negotiation is complete, the SSL server creates an encrypted session ticket and returns it to the client. Later, the client can present this ticket to the server as an alternative to a full negotiation when resuming or restarting a connection. The ticket reminds the server of what they have already agreed to as part of an earlier SSL handshake.

OCSP Stapling - An SSL certificate must be validated before it can be used. The certificate authority (CA) for the certificate must be consulted in order to ensure that the certificate is legitimate and that it has not been revoked. In the absence of support for OCSP Stapling, the client (e.g. a web browser) will take care of this interaction with the CA, once again at the cost of some round trips and the associated latency they bring. CloudFront now implements OCSP Stapling. This approach moves the burden of domain name resolution (to locate the CA) and certificate validation over to CloudFront, where the results can be cached and then attached (stapled, hence the name) to one of the packets in the SSL handshake. The client no longer needs to handle the domain name resolution or certificate validation and benefits from the work done on the server.

Security Enhancements
We have added support for Perfect Forward Secrecy and newer SSL ciphers.

Perfect Forward Secrecy - This feature creates a new private key for each SSL session. In the event that a private key for a session was discovered, it could be used only to decode that session and no other, past or future.

Newer Ciphers - CloudFront now supports a set of advanced RSA-AES ciphers. The server and the client agree on a cipher automatically as part of the SSL handshake process.

Available Now
These new features are available now at no extra charge and you may already be using them today! See the CloudFront Pricing page for more information.

-- Jeff;

Jeremy Keith (Adactio)Security for all

Throughout the Brighton Digital Festival, Lighthouse Arts will be exhibiting a project from Julian Oliver and Danja Vasiliev called Newstweek. If you’re in town for dConstruct—and you should be—you ought to stop by and check it out.

It’s a mischievous little hardware hack intended for use in places with public WiFi. If you’ve got a Newstweek device, you can alter the content of web pages like, say, BBC News. Cheeky!


There’s one catch though. Newstweek works on http:// domains, not https://. This is exactly the scenario that Jake has been talking about:

SSL is also useful to ensure the data you’re receiving hasn’t been tampered with. It’s not just for user->server stuff

eg, when you visit http://www.theguardian.com/uk , you don’t really know it hasn’t been modified to tell a different story

There’s another good reason for switching to TLS. It would make life harder for GCHQ and the NSA—not impossible, but harder. It’s not a panacea, but it would help make our collectively-held network more secure, as per RFC 7258 from the Internet Engineering Task Force:

Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.

I’m all for using https:// instead of http:// but there’s a problem. It’s bloody difficult!

If you’re a sysadmin type that lives in the command line, then it’s probably not difficult at all. But for the rest of us mere mortals who just want to publish something on the web, it’s intimidatingly daunting.

Tim Bray says:

It’ll cost you <$100/yr plus a half-hour of server reconfiguration. I don’t see any excuse not to.

…but then, he also thought that anyone who can’t make a syndication feed that’s well-formed XML is an incompetent fool (whereas I ended up creating an entire service to save people from having to make RSS feeds by hand).

Google are now making SSL a ranking factor in their search results, which is their prerogative. If it results in worse search results, other search engines are available. But I don’t think it will have significant impact. Jake again:

if two pages have equal ranking except one is served securely, which do you think should appear first in results?

Ashe Dryden disagrees:

Google will be promoting SSL sites above those without, effectively doing the exact same thing we’re upset about the lack of net neutrality.

I don’t think that’s quite fair: if Google were an ISP slowing down http:// requests, that would be extremely worrying, but tweaking its already-opaque search algorithm isn’t quite the same.

Mind you, I do like this suggestion:

I think if Google is going to penalize you for not having SSL they should become a CA and issue free certs.

I’m more concerned by the discussions at Chrome and Mozilla about flagging up http:// connections as unsafe. While the approach is technically correct, I fear it could have the opposite of its intended effect. With so many sites still served over http://, users would be bombarded with constant messages of unsafe connections. Before long they would develop security blindness in much the same way that we’ve all developed banner-ad blindness.

My main issue—apart from the fact that I personally don’t have the necessary smarts to enable TLS—is related to what Ashe is concerned about:

Businesses and individuals who both know about and can afford to have SSL in place will be ranked above those who don’t/can’t.

I strongly believe that anyone should be able to publish on the web. That’s one of the reasons why I don’t share my fellow developers’ zeal for moving everything to JavaScript; I want anybody—not just programmers—to be able to share what they know. Hence my preference for simpler declarative languages like HTML and CSS (and my belief that they should remain simple and learnable).

It’s already too damn complex to register a domain and host a website. Adding one more roadblock isn’t going to help that situation. Just ask Drew and Rachel what it’s like trying to just make sure that their customers have a version of PHP from this decade.

I want a secure web. I’d really like the web to be https:// only. But until we get there, I really don’t like the thought of the web being divided into the haves and have-nots.

Still…

There is an enormous opportunity here, as John pointed out on a recent episode of The Web Ahead. Getting TLS set up is a pain point for a lot of people, not just me. Where there’s pain, there’s an opportunity to provide a service that removes the pain. Services like Squarespace are already taking the pain out of setting up a website. I’d like to see somebody provide a TLS valet service.

(And before you rush to tell me about the super-easy SSL-setup tutorial you know about, please stop and think about whether it’s actually more like this.)

I’m looking forward to switching my website over to https:// but I’m not going to do it until the potential pain level drops.

For all of you budding entrepreneurs looking for the next big thing to “disrupt”, please consider making your money not from the gold rush itself, but from providing the shovels.

ProgrammableWeb: APIsOmega Ricochet

RacoWireless offers a collection of communication management tools with their DevCloud and Omega Management Suite. The platform is designed to increase interoperability between IoT devices with RESTful API integration. The RacoWireless Omega Management Suite & DevCloud processes are handled by the Omega Ricochet API, which enables device management and access to rich device data and statistics through SOAP protocols.
Date Updated: 2014-08-20

ProgrammableWeb: APIsUber

Using the Uber API, developers can integrate the power of Uber into 3rd party applications. Calls to the API can be made to request information on available car types, driver location expressed in geo-coordinates, time estimates, estimated prices (including currency conversion when applicable), as well as user account history and activity. The Uber API documentation describes deep linking techniques to programmatically launch the native app from iOS or Android, or the Uber mobile site from mobile web. The API comes with a detailed style guide and asset package for implementing licensed brandings. The Uber API Affiliate program grants cash and issues Uber credits for new user onboarding through a 3rd party app.
Date Updated: 2014-08-20

ProgrammableWeb: APIsProduct Hunt

Product Hunt is a service that helps a user discover new apps, tech creations, hardware, and even job listings. Their website allows a user to login to add products and use an upvote system to rank products and showcase new trends. Their API, currently in sign-up phase, will allow developers to access their data on file to create 3rd party applications and web services. As release is TBA, this profile is pending further updates.
Date Updated: 2014-08-20

ProgrammableWeb: APIsInteractive Chart

Markit on Demand's Interactive Chart API is for displaying the historical value of a company’s stock. The response contains end-of-day historical price information for companies traded on the BATS Exchange in the U.S. The response can include datasets containing open-high-low-close (OHLC) values, volume, Simple Moving Average (SMA), labeling helpers, coordinates and more.
Date Updated: 2014-08-20

ProgrammableWeb: APIsStock Quote

Markit on Demand's Stock Quote API is useful for finding the current value of a company’s stock. The response of this API contains price information for companies traded on the BATS Exchange in the United States. The result set includes BATS’ most current trading price of the share, the volume of that company’s stock, the change and change percent since the previous day’s close, and more.
Date Updated: 2014-08-20

ProgrammableWeb: APIsCompany Lookup

Markit on Demand's Company Lookup API is used for finding the stock ticker or symbol a company’s stock is traded with. The API response includes the company’s symbol, its full name, and the exchange it’s traded on.
Date Updated: 2014-08-20

ProgrammableWeb: APIsIntention Analysis

Intention Analysis allows users to identify inquiries, expressions of immediate needs, complaints or frustration in social media messages. It allows users to filter out marketing messages from Twitter and identify only messages of value to B2B sales and marketing teams.
Date Updated: 2014-08-20

Anne van Kesteren (Opera)DOM: attributes sadness

I have been reinstating “features” related to attribute handling in DOM. We thought we could get rid of them, but usage counters from Chrome and compatibility data from Gecko showed we could not. This is very sad so I thought I would share the pain.

A simple design for attributes would consist of each having a name and a value (both strings) and a simple map-like API on every element would be sufficient to deal with them. The getAttribute(name), setAttribute(name, value), and removeAttribute(name) methods. As well as a way to iterate through the names and values.

However, back in the day getAttribute(name) was required to return the empty string rather than null for a missing attribute, so hasAttribute(name) also exists. Fixing the specification to make getAttribute() return null was highly controversial back then. I even misguidedly ranted against developers who were making use of this feature as it prevented Opera from becoming standards compliant. “Please leave your sense of logic at the door, thanks!” was not a popular phrase back then.

Unfortunately namespaced attributes are a thing. And instead of simply adding a namespace field to our existing name and value, a namespace, namespace prefix, and local name field were added. Indeed, the local name is not necessarily equal to the name of an attribute. The idea was to have some kind of modality where before namespace and after namespace attributes would not really interact. That never happened of course. To deal with namespaces we have getAttributeNS(namespace, localName), setAttributeNS(namespace, name, value) (indeed, name, not localName, so bad), removeAttributeNS(namespace, localName), and hasAttributeNS(namespace, localName).

The real kicker is that the first four methods ignore the namespace fields, but can create attributes you cannot access with the *NS methods. There is no universal attribute API, though if you stay clear from namespaces everywhere you are probably mostly fine (except perhaps with SVG and such).

This was still too simple. There is also attributes which returns a NamedNodeMap (only used for attributes these days). And hasAttributes() which can tell you whether that map is empty or not. These two used to be on all nodes (to limit the amount of casting in Java), but we are moving them to element since that is where they make sense. NamedNodeMap contains a collection of zero or more Attr objects so you can inspect their individual fields. The map has a length property, an item(index) method, and is implemented with some kind of JavaScript proxy so attributes.name works, as well as attributes[0]. Good times. Attr objects also allow manipulation of an attribute's value. Due to mutation observers this requires an element field on attributes to point back to the element the attribute belongs to. Namespace prefix also used to be a mutable field, but fortunately this was poorly implemented and recently killed.

The real reason attributes are so complicated, and more complicated still, ignoring namespaces for the moment, are DTDs. The SGML crowd was not brave enough to cut the lifeline when they did XML. Then XML got popular enough to end up in browsers and the DOM. This meant that attributes cannot contain just text, but also entity references. And therefore attributes became a type of node. Entity references were really never implemented and we managed to remove that cruft from the platform fortunately. However, attributes are still a type of node.

The last thing we are investigating is whether attributes can stop having child nodes and perhaps stop being a node altogether. Meanwhile, we had to add createAttribute(localName) on document, getAttributeNode(name), setAttributeNode(attr), and removeAttributeNode(attr) on element, and getNamedItem(name), setNamedItem(attr), and removeNamedItem(name) on NamedNodeMap back as sites use these. Oh wait, and all their *NS counterparts of course, bar removeAttributeNodeNS().

Added together, we have twenty-five methods to deal with attributes rather than three. And attributes require six internal fields rather than two. And this is assuming we can get rid of child nodes and attributes being nodes, both semi-implemented today.

Amazon Web ServicesAmazon SNS Update - Large Topics and MPNS Authenticated Mode

Amazon Simple Notification Service (SNS) is a fast and flexible push messaging service. You can easily send messages to Apple, Google, Fire OS and Windows devices, including Android devices in China (via Baidu Cloud Push).

Today we are enhancing SNS with support for large topics (more than 10,000 subscribers) and authenticated delivery to MPNS (Microsoft Push Notification Service).

Large Topics
SNS offers two publish modes. First, you can push messages directly to specific mobile devices. Second, you can create an SNS topic, provide your customers with a mechanism to allow them to subscribe to the topic, and then publish messages to the topic with a single API call. This mode is great for broadcasting breaking news, announcing flash deals, and announcing in-game events or new features. You can combine customers from different platforms in the same topic and you can send a specific payload to each platform (for example, one for iOS and another for Android), again in a single call. Suppose you have created the following topic:

With the ARN for the topic (arn:aws:sns:us-west-2:xxxxxxxxxxxx:amazon-sns) in hand, here's how you publish a message to all of the subscribers:

$result = $client->publish(array(
    'TopicArn' => 'arn:aws:sns:us-west-2:xxxxxxxxxxxx:amazon-sns',
    // Message is required
    'Message' => 'Hello Subscribers',
    'Subject' => 'Hello'
));

Today we are lifting the limit of 10,000 subscriptions per SNS topic; you can now create as many as you need and no longer need to partition large subscription lists across multiple topics. This has been a frequent request from AWS customers that use SNS to build news and media sharing applications.

There is an administrative limit of 10 million subscriptions per topic, but we'll happily raise it if you expect to have more subscribers for a single topic. Fill out the Contact Us form, select SNS, and we'll take good care of you!

Authenticated Delivery to MPNS
Microsoft Push Notification Service (MPNS) is the push notification relay service for Windows Phone devices prior to Windows 8.1. SNS now supports authenticated delivery to MPNS. In this mode, MPNS does not enforce any limitations on the number of notifications that can be sent to a channel in any given day (per the documentation on Windows Phone Push Mode, there's a daily limit of 500 unauthenticated push notifications per channel).

If you require this functionality for devices that run Windows 8.1 and above, please consider using Amazon SNS for Windows Notification Service (WNS).

-- Jeff;

ProgrammableWeb: APIsSimilarWeb Website Referrals

SimilarWeb Referrals API could be useful for developers who want to obtain the 10 main websites that will redirect activity to the principal domain in XML or JSON formats. This API can be valuable if developers have wondered which domains are redirecting traffic to a website, especially because it could predict a successful web stream. To start app creation, developers can visit SimilarWeb where they can find endpoints, parameters and examples along with contact information to access an API key.
Date Updated: 2014-08-19

ProgrammableWeb: APIsSimilarWeb Website Traffic

To obtain a projected number of web visitors, developers can access SimilarWeb’s Traffic API which will display results in XML or JSON. This API is about traffic and it is valuable to monitor visitors' flow. From the amount of data to the number of visitors, this API could help developers to keep track of last month’s movement. With this API, developers could create an application not only to display usage, but also to improve future SEO strategies through web content and web placement. In the site, developers can find resources, support and features to create a successful application.
Date Updated: 2014-08-19

ProgrammableWeb: APIsSimilarWeb Website Engagement

The Engagement API could be beneficial for developers who want to obtain 3 web engagement results when they access a website. Because this API is about engagement, developers could create applications with improved functionality and accessibility. The results will display in either XML or JSON. The metrics provided are average page views, average time on site, and bounce rate. API Key is needed. This API is about engagement and it is valuable to monitor device patterns. Developers can contact SimilarWeb via e-mail to have a better understanding about app creation practices.
Date Updated: 2014-08-19

ProgrammableWeb: APIsSimilarWeb Website Search Keywords

SimilarWeb offers website and application analytics. The Search Keywords API could be useful for developers who want to obtain 3 keyword search results when they access a website. This API is about keyword search and it is valuable to measure search results for users who visit webpages from multiple mobile devices. To develop an app, developers can visit the site where they can find endpoints, parameters and examples.
Date Updated: 2014-08-19

Norman Walsh (Sun)Upgrade complete

All systems back to normal? Well, no, probably not. There's tremendous room for error when doing this sort of thing. I upgraded the hardware (new drives), the OS (Ubuntu 14) with all the numerous upgrades that implies, and MarkLogic (6 to 7).

But most things seem to be working.

Please report the errors of my ways as you encounter them.

#post  #downtime

This page was generated automatically from a post on Google+.

Footnotes

Updated: .  Michael(tm) Smith <mike@w3.org>