Here is a nice AJaX pattern:

In most samples that I have seen so far, a global XMLHttpRequest variable is declared, since you cannot pass variables to the action handler.

In this article, they show a nice pattern, where you declare an anonymous function that calls another named function which may accept parameters; like this:

    http_request.onreadystatechange = function(){
        do_the_thing(http_request);
    };

This is particularly useful if you need to send of multiple XHRs without being able to gurantee the order in which they return.

Thanks to Joan Morris DiMicco for finding this.

I was setting up SQL Server 2005 client tools (which are in parts .NET based) and notced that as part of the installation process, the installer generates native images from the the .NET MSIL code. The benefits are obvious, but I was under the impression that Microsoft was - at least in the past - discouraging such deployment behavior.

As you might know, Sun is shutting down their operations during the 4th of July week, so my bloggin will be fairly light over the next couple of days. A few thinks that I intend to spend some thoughts on over this break include:

• Is user-centric identity - as implemented by CardSpace - truly useful for interoperable and privacy-encouraging identity? The obvious interoperability limitation is the somewhat artificial restriction of WCS to WS-Trust. But I think there are other problems with WCS as well: will it be "just another box we have to click away"? If identity information about a user can be transmitted with a single click (by releasing an InfoCard), users might get lured into giving away personal information more easily, effectively having a negative impact on privacy. A good example is the AutoFill function of the Google toolbar: since I am using it, I am a lot less careful about giving away PII - when I still had to enter everything by hand, I was always thinking twice about releasing information.

• How can a CardSpace-like model play well with REST/POX web services? The whole question of lightweight identity enabled web services and application is still quite open.

• Will Germany make it to the Finals? THAT question will be answered on July 4.

This is a interesting research project at Microsoft: Phoenix is the framework for all upcoming compiler and JITer optimizations for the Microsofts platforms. Their goal is to unify opmizations and execuction imrpovements for both managed (i.e. .NET) and unmanaged (i.e. Win32) code. Conceptually it uses a three stage optimization and code generation process, with the Phoenix C2.EXE C++ back end compiler being the centerpiece:

A very nice effect of this research program is that it will allow developers to come up with their very own development language and still use the platform optimizations provided by Phoenix.

The research development kit can be found here.

Here is a way to ruin your day: watch this movie about a simulation of a 500km rock hitting earth (most unfortunately only in Japanese, but the pictures are excellent).

Well - it seems that WinFS returned to the undead for at least another 1-2 operating system releases: Quentin Clark writes in the WinFS group blog, that WinFS is canceled for Vista and XP. They are now moving those parts that are stable enough for productization into SQL server and ADO.NET.

This article effectively ends Microsoft's second push to move to a relational file system. The infamous Cairo OO-OS in 1991 that was supposed to be built on NT, and then WinFS, as one of the pillars of Longhorn in 2002.

My guess is that this whole thing will be completely tabled until after Windows Vienna ships - this would probably make it 2010 until it comes up, add 5-10 years development efforts, so you might have a chance seeing this by 2015.

Well, if Microsoft wants to update their NTFS file system, they can certainly take a look at Solaris' ZFS. Maybe ... ahh, I am dreaming now.

Since last Thursday, I am a happy owner of a Cingular 2125 (HTC Farady) with Windows Mobile 5.0 Smartphone Edition. I have to admit that since my first step with Windows CE (Pocket PC 2002 on an iPaq 3850) they have made some great improvements. Networking is MUCH easier now, and with the EDGE capabilities I get easily about 100+ kbps in my area. This is good enough to listen to a stereo audio stream, which means that I can now listen to my favorite radio stations from Germany (DLF) whereever I am.

Another great feature is the VPN capabilities of the phone itself. Really useful though is the Bluefire Security VPN client that allows me to dial into my corporate network using a SecurID card.

The next steps will - obviously - to start dabbeling with the Mobile 5.0 SDK and the Mobile extensions for NetBeans.

SAML could be used for performing anonymous (more precisely pseudonymous) authorization in the following way:

1. A user contacts a relying party for a particular service.
2. The RP returns a request for a set of attributes that it requires to allow access.
3. The user agent formulates a request to its SAML IdP for a signed attribute statement about that set of attributes.
4. The IdP returns that statement, signed with its key.
5. The client forwards that statement to the RP.
6. The RP verifies the signature against the public key of the issuer.

In this scenario, the IdP does not know anything about the RP, and can not associate the particular user request with the public key request from the RP (unless the IdP is really obscure and serves only a very few users). The RP only knows about the attributes that were asserted in the statement.

The obvious drawback is that the IdP has a lot of knowledge about the user. This issue can be mediated by putting a user trusted-broker between the user and the IdP and the user.