Cisco To Open-Source New Messaging Protocol

Esther Schindler writes "Do you use SOAP, CORBA or EJBs? You might want to take a look at Etch, writes James Turner for CIO.com. It's language-, platform- and transport-agnostic, and Cisco is planning to release it as open source. Certainly, it offers some technical benefits: 'In addition to a simplified configuration, Etch also promises less overhead over the wire, compared to SOAP. In a testbed environment where SOAP was managing around 900 calls a second, Etch generated more than 50,000 messages in a one-way mode, and 15,000 transactions with a full round-trip, company officials stated.' And the open source part? Cisco is in the process of deciding what license to use. 'The intent is to use a less restrictive license than GPL, perhaps Apache or Mozilla. This is to allow commercial developers to incorporate Etch into products without licensing issues. A final announcement on the licensing decision will be available in the next month.'"

I'm 2 n00b

[FurtiveGlancer (1274746)]

Someone please add the tag 'suddenoutbreakofcommonsense' to cover the licensing decision.

Re:

[jhines (82154)]

I'm not fluent in the language, but there has to be a word in Yiddish for just this.

GPL

[by Anonymous Coward]

Glad to see more and more companies moving away from GPL, understanding that it will only limit the potential adoption. As a highly respected registered member of the Slashdot community, I'm posting as AC as this post will very likely be modded troll.

Re:GPL

[Shadow-isoHunt (1014539)]

You care too much about your karma - regardless of if your post is being sarcastic or not - say what you mean and mean what you say, stand behind it because we won't believe an AC anyways.

Re:

[whatever3003 (536979)]

Coward. Your priorities show a distinct lack of strength in your convictions.

Re:GPL

[superskippy (772852)]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.
Besides, it sounds like LGPL is what's needed in this case, anyhow.

Re:GPL

[Teckla (630646)]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.

The company I work for sells closed source software. We also use some open source software (not GPL) in the product.

We contribute back to the open source we use because it's more sensible. Adding the same features back in again and again would be counterproductive. We'd rather they get added to the open source project permanently.

We have a blanket ban on using GPL'd source, though. We can't afford to GPL our entire 20 million line software stack, which would be the result of using even a tiny bit of GPL code.

Try to understand that not everyone loves the GPL and not everyone that doesn't love the GPL is a troll.

Now it's my turn to get modded into oblivion for not being fond of the GPL. Sigh.

Re:

[Kjella (173770)]

We contribute back to the open source we use because it's more sensible.

Well, the positive side is that you're contributing something. But I'd rather say that as "We contribute back to the open source we use only when it's more sensible". That means trivial fixes, basic features and other things that doesn't threaten your business and is cheaper to "outsource" the maintenance on. Any time it's major features, more specific layers to the business you're in that could make it easier to produce a software stack like yours, most decide to pile it up on their 20 MLOC proprietary pi

Re:

[Ian Alexander (997430)]

Sorry to feed the troll, but the point of the GPL is not to increase adoption. Your absolutely right to say that other licenses will lead to greater adoption- but this is adoption by people who may take, take, take and not give back.

The company I work for sells closed source software. We also use some open source software (not GPL) in the product.

We contribute back to the open source we use because it's more sensible. Adding the same features back in again and again would be counterproductive. We'd rather they get added to the open source project permanently.

We have a blanket ban on using GPL'd source, though. We can't afford to GPL our entire 20 million line software stack, which would be the result of using even a tiny bit of GPL code.

Try to understand that not everyone loves the GPL and not everyone that doesn't love the GPL is a troll.

Now it's my turn to get modded into oblivion for not being fond of the GPL. Sigh.

Is that really so? I thought the GPL only "infected" if you had to link against the GPL'ed code. Or is your codebase that... interconnected? And what about LGPL? Inquiring minds want to know!

Re:GPL

[ruin20 (1242396)]

I've never met a GPL code developer who released his code under GPL because he was forced.

I support GPL because I believe if something is important it should be codified and that if you develop something for the community you should protect it for the community. But that doesn't mean that releasing something under an FOSS license without a "recontribute/openness" clause doesn't mean that there won't be active community development. Something built on and from sharing will always foster more sharing, it's an issue of principal.

Re:

[bendodge (998616)]

Then go meet the folks who made the original Cisco/Linksys WRT54G!

Re:

[daffmeister (602502)]

That's because you've only met people similar to you. It's pretty normal to mostly encounter others of a like nature.

However, there are plenty of groups out there who would quite happily take GPL code and add it to a closed source app, if the licence allowed them (and some that will do so even against the licence). Just because you haven't personally met them, doesn't mean they don't exist.

Re:

[BrainInAJar (584756)]

The issue isn't closed source apps taking GPL code, there's a real problem with open-source projects that can't take GPL code ( openbsd, opensolaris, etc )

Re:

[Cyclops (1852)]

OpenBSD doesn't want to take GPL'ed code. They can, but they don't want to.

They are perfectly fine to include it (and they do include GCC, for instance), and even link to it (but then the derived work will have to be GPL'ed and they don't want that).

And some projects have the problem in the inverse direction. Linux can't benefit from dtrace except in design principles.

Or even the fantastic ZFS.

Oh well, I guess it's all down to the same premise: if you don't want/can't use it, then stop bitching and go write

Re:

[Cyclops (1852)]

Except that giving a "BSD exception" to the GPL would make the point of the GPL kind of moot.

The GNU GPL is there to make sure every single user of GPL'ed code has the 4 software freedoms.

The BSD's only make sure for the first recipient.

I'm not claiming the first is better than the second (although I believe so), just that their purposes are different enough to make it a childish request instead of coding your own version like a real man.

Re:

[nahdude812 (88157)]

Under such a scenario, when the majority of source files in a BSD project contain a snippet of GPL code, and that project can no longer build without those GPL snippets, then the project is effectively GPL since the GPL code has become inseparable from the BSD code.

Or else the exemption allows the code to become relicensed as BSD when included in a BSD project - then I can start a "GNU/Linux/BSD" project which is simply a repackaging of regular GNU/Linux under a BSD license.

It's not the place of the GPL to

Re:

[unix_core (943019)]

If it's not going to be kept free, then what significant benefits are there of it being adopted?

Imagination

[CarpetShark (865376)]

More and more companies moving away from GPL? That's a strange conclusion, considering that it's probably had the fastest growing mindshare an uptake of any software license, ever, and that GPLv3 is proving very popular already with new projects and migrations.

There's absolutely no ethical reason to choose a less restrictive license over the GPL. The only thing the GPL restricts is the ability to restrict others. THAT is possibly a reason to avoid it, since, for example, I would like to prevent military

Re:Imagination

[Timothy Brownawell (627747)]

There's absolutely no ethical reason to choose a less restrictive license over the GPL.

That depends on who you ask.

The only thing the GPL restricts is the ability to restrict others.

Funny thing is, it isn't possible anyway to "restrict others" in that fashion without their cooperation (buying/downloading your software). It restricts the choices available to the end user by causing certain products to not exist.

Re:

[PopeRatzo (965947)]

There's absolutely no ethical reason to choose a less restrictive license over the GPL.

Now why you wanna go and bring ethics into this when people are trying to make more money than the next guy?

Don't you know it's all about growthfaster?

I bet we can name at least one company that's happy about this sudden outbreak of openness at the expense of GPL.

Re:

[kripkenstein (913150)]

Glad to see more and more companies moving away from GPL, understanding that it will only limit the potential adoption. As a highly respected registered member of the Slashdot community, I'm posting as AC as this post will very likely be modded troll.

Don't exaggerate.

Sometimes the GPL is the right license, sometimes it isn't. Sometimes it increases adoption (Linux kernel), sometimes it doesn't.

In this case, a messaging protocol, the natural license is indeed not the GPL. Better ideas are Apache, BSD, LGPL, etc.

Re:

[Timothy Brownawell (627747)]

Sometimes it increases adoption (Linux kernel), sometimes it doesn't.

How do we separate the effect of the license from the effect of the development methodology? Or in this particular case, from the old BSD/ATT disputes?

Re:

[BrainInAJar (584756)]

Sometimes it increases adoption (Linux kernel), sometimes it doesn't." Actually I'd argue that Linuxes adoption is despite the GPL, not because of it. Linux was at the right place ( free, on commodity hardware ) at the right time ( BSD being sued by AT&T , commercial UNIX licensing fees skyrocketting to a ridiculous level ) and that's it.

Distributed computing.

[William Robinson (875390)]

Having developed many solutions using CORBA and SOAP, I welcome better solutions. Not sure though how it is going to resolve the problems we faced with CORBA and SOAP both?

SOAP could be easily integrated over current HTML based networks without need to make hole in firewall. But it was pig slow and designing stateful services was painful.

CORBA offered more technical challenges viz, complexity, version control, fault tolerance (not that a SOAP HA services is piece of cake, but I don't want anybody to go

Re:Distributed computing.

[gbjbaanb (229885)]

Both those protocols suffer from 1 problem: bloat. The reason they're bloated and inefficient is because a committee decided how and what to add to the protocol once it was initiated, and we all know how well that works out.

SOAP was a 'quick and dirty solution (by Don Box IIRC) to (apart from getting a job at MS :) ) transfer COM calls over a http tunnel instead of the usual DCE-RPC tunnel, and it worked well when you only wanted to send a request to an object. Obviously, it has to have a webserver on the other end which slows it down tremendously, and then they added support for all kinds of complex types and a large schema as well. I'm surprised it works at all after seeing the raw WSDL code!

CORBA... designed by committee to do everything including transport kitchen sinks.

Since I've been working in the industry there is a tendency for supposedly bright people to take something simple and 'make it a general purpose solution' or 'implement some framework features' which nearly always breaks it into a bloated POS far removed from the original, simple, easy to use, and effective solution.

I welcome Cisco's new protocol, I don't care if it doesn't do everything I might possibly ever want to do, as long as it does the majority of my work quickly and simply. I can work around the edge cases myself, possibly even (gosh!) redesigning the way those edge cases work.

ZeroC's ICE

[bheer (633842)]

It'll be interesting to compare Etch to ICE [zeroc.com], which is a GPL'd open-source, cross-language RPC toolkit (you can buy commerical licenses too). It's quite widely used by banks and is generally reckoned to be speedy.

Re:

[Eric^2 (33085)]

Their standard quoted price is $10K for unlimited royalty-free distribution, but they are *VERY* willing to work with you to price the product correctly for your product. Don't discount that number if you have a commercial application. Negotiating a percentage of sales opposed to writing your own communications subsystem is really a no-brainer.

He wrote this article on his PDA

[by Anonymous Coward]

looking at the width
of the column in the
article, and cio.com
wonders why nobody
visits their site
and so they have to
pimp their ad-laden
site on Slashdot in
a sure sign of des-
peration. Click next
to continue.

Um, what?

[Timothy Brownawell (627747)]

How does one "open source" a protocol? There's no source to open, just a specification.

*reads article*

Ah, it's actually a set of libraries that use a new protocol.

Re:Um, what?

[RodgerDodger (575834)]

You open-source a protocol by providing a specification with no attached IP rights, such as patents covering the protocol. A reference implementation kind of helps, too.

Re:Um, what?

[Timothy Brownawell (627747)]

Wouldn't that be "open spec" instead of "open source", with the open source reference implementation being a separate issue?

Re:

[by Anonymous Coward]

Not all open specifications are freely licensed. The MPEG specifications are open, for instance, but you need to pay a license fee to use them.

I think we really need to come up with a better term for this, or narrow the definition of an open specification.

CORBA was shit. SOAP not much better.

[by Anonymous Coward]

All of these distributed technologies have been shit. CORBA was absolutely hell to develop with. Besides the runtime performance problems, development was always a huge hassle. It rarely just worked. J

Java's RMI was slightly better. But again, the development overhead was huge. Generating proxy and stub classes becomes a chore really quickly, and debugging becomes a real challenge.

SOAP was a little bit better than CORBA and Java RMI. At least writing the object layer code is a far more reasonable task. The performance, though, was complete shit compared to Java RMI and Corba. Whatever development time you saved initially in writing the SOAP interfacing code was instead spent trying to optimize what you had so that it wouldn't perform so fucking horribly.

In some ways, I hope that Cisco can do better. But I really don't know if that's possible. It may just be the nature of the beast that these sort of technologies perform poorly, are slow to develop, and are often nothing more than a huge hassle.

Re:

[RAMMS+EIN (578166)]

I think the problem with all of these is that they consist of too much hype and too little sense. Also, a lot of them are horribly over-engineered.

Taking SOAP as an example, because that's the one I know best. What you need is some way to communicate data to another party. What you get is something that does that, but in about the most verbose and latency-sensitive way imaginable. Yes, it's standards-based, which is a Good Thing, and it's human-readable, which is also advantageous.

On the other hand, the sta

Hurrah!

[superskippy (772852)]

Just what the world needs! Another remote procedure protocol!
Maybe Unix RPC, Corba, XML-RPC, SOAP, DCOM, DCOP and XPCOM were not enough already?
Seriously, the problem in this space is that:

1. Rather than working together on one RPC protocol that might not be 100% suitable for all uses, people just get the hump and start their own. Hello? These things are supposed to be interoperable! How does starting thousands of incompatible protocols achieve this?
2. Some of the above protocols only work well under certain

Cisco, Please use the LGPLv3 license.

[NZheretic (23872)]

Releasing the implementation library under a LGPL license will still allow for the functionality to be incorporated ( via dynamic linking ) into any proprietary product. The LGPL will insure the availability of the source code and downstream legal reuse rights of Cisco's implementation to downstream recipients.

The LGPL is the only license that will insure that at least that Cisco's implementation of the protocol can not be easily extended in an inoperative manner.

Given the timespan that Cisco expects the protocol to be in use, version 3 of the LGPL is the best option.

Re:Cisco, Please use the LGPLv3 license.

[Richard_at_work (517087)]

Sod the libraries, license them however you wish - give us full and unfettered access to the specifications so those of us that wish to produce a BSD licensed or Public Domain set of libraries can do so. Don't assume that any license you choose for the libraries today will be good enough for everyone tomorrow.

Microsoft's Kerberos

[NZheretic (23872)]

A purely public domain release of the specs will just lead to a repeat of the history of Kerberos. See Kerberos, PACs And Microsoft's Dirty Tricks [slashdot.org], along with almost every other protocol that Microsoft chooses to "extend" in an inoperable manner and lock out via both trade secret and incompatible patent licensing schemes.

Re:

[Richard_at_work (517087)]

So? That's called 'Freedom'. I'd rather have too much of it than too little.

Re:

[Timothy Brownawell (627747)]

"Here's the spec, do whatever you want with it, but you can only use our name for it if you pass this huge test suite."

Re:

[Froqen (36822)]

A test suite wouldn't have helped. Win2k worked just fine with normal kerberos as a client and as a server [microsoft.com]. The problem was that if you wanted to deal with domain based groups you needed an extension, something that MSFT wasn't intrested in letting people have for free.

Ice?

[IamTheRealMike (537420)]

Other than license, how does this compare to ZeroCs Iceï¼Y Does anybody know? I've played with Ice before and it's very well done, although I remain to be convinced of the value of remote object references in a distributed system.

This is an improvement?

[Pedrito (94783)]

Can someone explain how 900 calls generating 50,000 messages/15,000 transactions is better than what SOAP does? I'm not terribly familiar with how SOAP works, so please excuse my ignorance, but it seems to me that 2 messages per synchronous call and 1 for an async call would not only be ideal, but fairly straight-forward.

Re:

[smoker2 (750216)]

Way to go !
Most people just don't RTFA, but you skipped a percentage of the words in the summary too !
"In a testbed environment where SOAP was managing around 900 calls a second, Etch generated more than 50,000 messages in a one-way mode, and 15,000 transactions with a full round-trip"
15000 > 900
Now do you see ?

Re:This is an improvement?

[AlXtreme (223728)]

Most people just don't RTFA, but you skipped a percentage of the words in the summary too !
"In a testbed environment where SOAP was managing around 900 calls a second, Etch generated more than 50,000 messages in a one-way mode, and 15,000 transactions with a full round-trip"

Flaming the GP isn't correct in this case, the summary is ambiguous. There is a difference between managing calls and generating messages, as a single call can generate multiple messages.

A correct summary would have been to compare the amount of calls a second both SOAP and Etch can handle, or the amount of messages/transactions required for a fixed number of calls. But I think the PR-drone that wrote up the article did so knowingly to put SOAP in a bad light.

Or are you simply being sarcastic? If so: WOOOOOSH!

Re:

[Pedrito (94783)]

Now do you see ?

Actually, yes I do. It was, I suppose, the way it was worded, that made it confusing for me.

My mis-interpretation was that where SOAP was making 900 calls, etch was generating 50,000 messages or 15,000 transactions from those 900 calls. The comparison, unless you really understand the mechanics underneath and what transactions vs. messages vs. calls means, seems very apples and oranges...

I guess it would have made a lot more sense to say, "where SOAP was managing 900 calls a second, Etch wa

What I want from Cisco...

[Midnight Thunder (17205)]

Is for them to finally document the extensions that are using to IPSEC. If you don't have Windows and the Cisco router is using firewall requirements, then only MS-Windows is capable of connecting. This is not implemented for other platforms - at least this what I found with Linux and MacOS X. The guys working on vpnc [uni-kl.de] are almost doing a better job with their client, but they still need more information to add the firewall compatibility.

Re:

[K. S. Kyosuke (729550)]

Might be, but you are totally off-topic here. This article is about doing this [wikipedia.org] ober network, which has nothing to do with Instant Messaging, save for the fact that some information transfer is involved. IIRC, there are things like XEP-0072, that allow for application data messaging over XMPP, but these are also not exactly of interest to most Jabber users, and if they require server extensions, well, you'll be out of luck with using "popular services" }the public ones?] to transfer such data.

Re:

[gbjbaanb (229885)]

Unfortunately, (and even if this is not true, but perception makes it so) if you use some GPL code in your project, your project must be released under the GPL.

So commercial projects do not use GPL code at all, never, ever ever. Which is a shame as some of it is very good :)

Now, if there was a licence that said "all the code in this package is GPL, if you use any of it you're bound to releases any changes you make to the code in this package only. Linked/compiled/merged/etc etc code that you add to it does

Re:

[abigor (540274)]

Do you honestly think Debian is even on Cisco's radar? Think again.