Apollo and Web Services
I noticed earlier this week that Mike Chambers, had put out feature requests or Apollo. This would most likely be a difficult task for most as the actual vision behind the Apollo project is blurry to most people.
I am going to assume (from what I have seen) that this vision is actually the evolution of Macromedia Central, mixed with AJAX and PDF.
Great, so what we are talking about here is a client (browser) built for housing Rich Internet Applications, allowing them to interact, and allowing untethering.
Now one feature I would see as important, would actually be a feature per se, but more a change in the way we have been approaching Web Services.
Web Services are the core driver of the new Web 2.0 movement, and a platform built to drive this movement has to make the consumption, and management of Web Services it's main concern.
Again I want to point people to Dick Hardt's presentation on Identity 2.0. Watch this before you read any further.
The important idea that I think Apollo needs to focus on is identity management. Adobe has the oppourtunity to really do something innovative here, because Apollo's sucess might be dependent on it.
Think about mashups for a moment. I have popped out a few of my own over the last few months. Mashups that leverage Flickr, and Eventful mainly.
Now if you had a client that was emploring you to build applications based on Web Services, and mash things up, you are quickly going to run into a problem.
If I build a Teknision image editor, that leverages Flickr, and a user of my application want to use it edit images in their Flickr account, am I doing the right thing when I ask the user for their authentication information in my application?
The answer is certainly not. I have no right to have direct access to any user's log in information to any service, so I can either breach their privacy, and they can hope I don't abuse it, or I can limit the functionality I provide in my app based on the fact that I don't want to breach their privacy.
So, what I believe is that Web Servies, and the management of them in Apollo, should be done at a base level underneath our actual applications. When my application is installed into Apollo, it would notify the end user that I will be leveraging the Flickr API and give the user the ability to set the appropriate credentials for that service.
More than that, if an application already uses it, then all that is important is that Apollo somehow notifies the user that I am using the service as well.
Now it would be crucial that actual user account information would never be exposed to our actual applications. It is truly not relevant as long as authentication has occured at the platform level.
So my feature request is a low level identity management layer for Web Services. I want to leverage them in my application, but I want the user to be in control of their data.
This is actually a pretty tall order considering there is no real standard for Authentication with Web Services, they all do it differently. But this is absolutely crucial, to the development of the Web 2.0 concept.
Maybe Apollo could be the trailblazer for standards in the arena.