wsreaders (see last month's "HTML + NNTP = Groupware"), news servers have become, in effect, read/write Web servers.
With these servers, users can exchange not only plain ASCII files but also rich HTML documents enhanced with styling, links, graphics, binary attachments, and active content. Visitors to your public newsgroups (anyone, anywhere, anytime) and users of your private newsgroups (your staff, also anywhere, anytime) can use the same client software: Netscape Navigator or Communicator, or Microsoft Internet Explorer (MSIE).
Why does this matter? Here's one key benefit: Collaborators can flexibly manage the scope of their collaboration.
Information Scoping
I run a set of private newsgroups just for my own team -- BYTE's three-person New Media department. Another set of newsgroups is accessible to the entire BYTE staff. Finally, BYTE's public newsgroups are world-visible. Because I use the same client to participate in all three realms, I can respect boundaries -- or cross them -- as it's appropriate.
For example, we New Media team members use our private newsgroups to document the ever-changing procedures and configurations that underpin The BYTE Site. Much of this chatter would only annoy the rest of the BYTE staff, but it's vital to us. We post a stream of messages not only to communicate with each other but also to document what we do so that we (or perhaps a future new team member) can recover this knowledge three or six months from now.
What if our private discussions raise issues that are relevant to other groups? If it's a matter of BYTE policy, the proper scope may be another BYTE department or the entire BYTE staff. If it's a general issue
, though, the proper scope might be global. Unless there are reasons for privacy, why not tap into the collective brain trust at work in BYTE's public newsgroups?
The scope of collaboration doesn't always expand. Sometimes discussion needs to move from public space to private space. For example, I've just started a public on-line focus group for our marketing team. Issues raised there will probably need to move into private space for internal debate.
Newsgroup Access-Control Strategies
Conventional INND servers create zones of private discussion using a control file called
nnrpd.access
. Here's how I might create a world-visible group, a staff-wide group, and two departmental groups:
*:Read,Post:::public_forum
*:Read,Post:edit:ep:staff_forum, edit_forum
*:Read,Post:sales:sp: staff_forum,sales_forum
These lines say: "Any IP host (
*
) can read and post to public_forum. Allow only user edit (password
ep
) or user sales (password
sp
) into s
taff_forum. Only user edit can get into edit_forum. Only user sales can get into sales_forum."
What's hard about this? Nothing at all, once you've got INND up and running. But that can be a big hurdle. Other than Internet system administrators charged with providing Usenet service for companies or Internet service providers (ISPs), very few people have ever used INND.
That could change in a hurry, though. Microsoft and Netscape have given INND a pretty face that won't intimidate regu-lar folks. Anyone who's comfortable deploying these vendors' Web servers should also be able to deploy their news servers. [
Editor's note:
The version of INS that I use comes with the Microsoft Commercial Internet System (MCIS) and is not generally available. Another version of INS will be included in the forthcoming IIS 4.0. I haven't tried that version yet, but Microsoft says that it's comparable to the MCIS version.
]
Ironically, both require more configuration effort than does INND to achieve th
e four-zone setup illustrated above. But since the task involves tabbing through dialog boxes and mouse-clicking, rather than hand-editing Unix-style configuration files, many users who regard INND with terror will embrace INS and
Collabra
. To all you Unix graybeards: Don't rush to mock those who prefer the new breed of news server. INS and especially Collabra do things that INND can't: Secure Sockets Layer (SSL) encryption, client authentication, integrated full-text search. These features transform INND into a compelling groupware platform.
Although they're comparably easy to use, the Microsoft and Netscape news servers differ radically in their methods of access control. Microsoft's INS integrates with Windows NT's stand-alone or domain security. Netscape's Collabra relies on a local or remote LDAP database. Both approaches have pros and cons (see the sidebar "Comparing NNTP Access-Control Methods").
Which approach is best? All other things being equal, I would recommend I
NS for an NT-based, intranet-only solution, and Collabra for Unix hosting or for a mixed Internet/intranet clientele.
Either server can accept connections over an SSL-secured channel. That puts you a step ahead of the standard INND, which sends user names and passwords in the clear. The SSL capability may or may not matter for an intranet deployment. But it matters greatly if you locate company-private content on a world-visible server.
Why do that? Collaboration knows no bounds. Documents that your coworkers share with you in NNTP conferences do you no good if you're at at home or on the road and can't reach through the firewall to read them. Cleartext authentication using NNTP's
authinfo
command is only the weakest kind of security. SSL sessions encrypt your credentials as well as the data that flows between news clients and servers. To enable SSL, you need a digital certificate for your news server, just as you need one to secure your Web server (see "Digital IDs," March BYTE).
If you're running INS for a homogeneous population of Windows clients, there's a middle-ground option. You can use NT's challenge/response authentication protocol. In that case, session data won't be encrypted, but credentials will be. That's still a big improvement over cleartext authentication.
Managing Shared Documents
NNTP conferences are starting to look more and more like Lotus Notes document databases. That's partly a function of HTML-aware newsreaders. Many of the advanced features I discussed last month flow from NNTP clients, not servers, and so they work with legacy INND servers as well as with Collabra or INS. But two Notes-like features in Communicator's Collabra client -- full-text search and categorization -- require Collabra Server.
Collabra Server comes with its own search engine -- unlike INS, which instead relies on Microsoft's generic Index Server. Collabra could (and perhaps eventually should) similarly leverage Netscape's general-purpose indexer/searcher. But for the
3.0 server, Netscape chose -- I think wisely -- to focus on tight coupling with the Collabra client.
The two products jointly implement a search protocol that Netscape has proposed as an extension to the NNTP standard. As a result, you can search newsgroups directly from the newsreader. And, crucially, a user not permitted to read a newsgroup won't ever see a search hit from that newsgroup. This secure search capability would be difficult to achieve with INS and Index Server -- or, indeed, with any mechanism (such as The BYTE Site's conference searcher) that operates in Web space rather than in NNTP space.
Collabra can also create customized views of discussions. It does this in two ways: categorized newsgroups and virtual newsgroups. If the Collabra Server administrator declares a newsgroup as a categorized one, its subgroups interact with the otherwise-inactive "Show Categories" feature of the Collabra client.
When I tried this, I solved a mystery. The newsreader's third (newsgroup) pane
has vanished in Collabra, apparently replaced by the Message Center, which runs as a separate application. But when you point the newsreader at a categorized discussion, the missing third pane reappears. That's how Collabra displays categories.
However, this is only marginally useful to me. Legacy newsreaders don't see the categories, and since I support a mix of newsreaders, there's no incentive to create them. I'd rather have the third pane back as it was in Navigator.
Virtual newsgroups are more interesting. In last month's column I showed a Collabra-based full-text search for the term
vpn
. When I used the search dialog box's Save As button, Collabra performed a neat trick. It created a newsgroup called virtual.vpn and put copies of the found articles in that virtual newsgroup. What's more, as new messages matching the
vpn
search flow into any of our private conferences, they are also automatically routed into virtual.vpn!
Nifty as virtual newsgroups are, I'm still left want
ing a more powerful way to categorize newsgroups. Specifically, I'd like to be able to declare custom headers for a given group -- in our contacts group, for example, these might be Company, Product, and Lastname -- and then have the newsreader build sorted views based on those headers. I think this scheme won't even require any modifications to the NNTP protocol. News messages, like mail messages, are already full of custom headers, such as X-Mozilla-Status. Why not X-Company and X-Product? The server won't mind these extra headers; the client can make excellent use of them.
The latest news servers are works in progress. What's encouraging, though, is that they
are
progressing. NNTP techology was for years a diamond in the rough. The standard INND already did more than most people realize. INS and Collabra have staked out important new territory. I can't wait to see what's next, but in the meantime I'm building some slick collaborative solutions around what's here today.
When you need to m
irror one server to another, you appreciate how both Collabra and INS hide the details.
TOOLWATCH
Business::CreditCard.............free
Jon Orwant
E-mail:
orwant@media.mit.edu
ftp://ftp.cis.ufl.edu/pub/perl/CPAN/modules/by-module/Business/
If you're using Perl CGI scripts to take credit-card orders, don't reinvent the wheel. Here are the routines you need to identify card types and check the validity of card numbers.
BOOKNOTE
Software Reuse: Architecture, Process and Organization for Business Success
.....$44.06
by Ivar Jacobson, Martin Griss, and Patrik Jonsson
ACM Press/Addison Wesley Longman
ISBN 0-201-92476-5
Internet:
http://info.acm.org
;
http://www.awl.com/cseng
Next-Generation Servers
