[Osiris-devel]host daemon using XML ?

Brian Wotring brian at shmoo.com
Sun Mar 10 20:11:06 EST 2002 

I fully agree with spike on this.  One of the goals is to keep the 
daemon as simple as possible.   The most complex portion of the code 
will be in the scanning module and the crypto.  Communication is simple 
and the dialogue will be as well.  Currently, the design specifies the 
following messages:

- start scanning
- stop scanning

- status request
- status response ( daemon to management )

- config data ( management to data )
- scan data ( daemon to management )

The first three message types don't even have a payload, it's basically 
nothing more than sending a two byte control code over the wire.  This 
message set already provides for the most important interaction between 
the daemon.  We can find out its current state/situation, we can start 
and stop scans, we can push a config, and we can receive scan data.

If we can get away with leaving out an XML parser from this daemon, I'm 
all for it.  If it can be shown that it would greatly benefit 
development or extensibility, we can add it.  I just don't see it as 
being a good thing at this point in time.  Sorry gdead, don't mean to 
shoot you down on this, I know you're the one who seems to feel very 
strongly about using XML here.  If you or anybody else thinks it's a 
mistake to leave it out, speak up.  This is still open for debate.

>> There are going to be serveral different types of communication between
>> the client and server.  These comms need to be secure and extensible 
>> as we
>> continue forward.  Designing a protocol to handle our requirements for 
>> the
>> comm channel may be quite a bit of work.  If we use XML, we can 
>> describe
>> the protocols as we need them using stands-based methods and tools.  We
>> can also utilize existing transport mechanisms (such as XML in TLS or
>> RPC-XML).
>
> In my opinion, this is the party line for XML and I don't buy into it.
> Yes, using XML will allow you to prototype the protocol quickly, but
> the trade off is overhead parsing the XML in each transaction.  My
> preference is to take the extra time to design an efficient protocol
> up front.  It's more work, but you save infinite cycles over the life
> of the software.
>
> I also feel that XML gives a false sense of extendibility.  Yes, you
> can just update your DTD to add new fields, but in the end you still
> have to re-code all of your clients and servers to handle that new
> data.


--
   Brian Wotring ( brian at shmoo.com )
   PGP KeyID: 0x9674763D

More information about the osiris-devel mailing list