Searching for CryptUI.h

I am looking for a copy of the CryptUI.h file which used to be in the Win32 Platform SDK, but was replaced with CryptUIAPI.h.  I need it to call CryptUIDlgViewCertificate, which is undocumented.  The function displays a dialog showing details about certificates.  Microsoft recommends CryptUIDlgViewContext, but it's available only on XP and Windows Server 2003.  There is another recently documented function, CertViewProperties, but that works only on XP, Windows 2000 Pro and Server.  CryptUIDlgViewCertificate works on all of these platforms as well as Windows 98+.  I could use CAPICOM, but that will add 450K to the footprint just to display a cert.  I could also write my own cert display dialog, but that involves more work than I am willing to put into this.

So…Help!

If you don't understand what I wrote above, don't feel bad.  This stuff is so geeky that not even Google can find enough material to fill a page.

Update – 2003/10/21 01:36PM PST

Michel Gallant came to my rescue with his open source KeyPal utility which has the necessary declarations – Gallant indeed!  Declarations are in C#, so I'll translate them to C and post them here for future reference.  I might even wrap all this into a DLL for others.  I still haven't figured out how to coax these APIs to display a cert chain the way Acrobat 6 does it.

BVRDE Source

Bjarke Viksoe released source code for BVRDE, a Win32 IDE for developing UNIX/Linux software which I mentioned before.  Thanks Bjarke.  BVRDE is basically a full GUI front-end to command-line oriented tools running on remote UNIX/Linux boxes.  BVRDE source is a great starting point for Windows IDE projects.  It's written in WTL, so your IDE can be lean and fast.

Tomcat and Log4J Conflict

Tomcat 5 is currently stable enough for me to use, but I think its use of the Jakarta Commons Logging framework is going to cause headaches for webapps using Log4J.  For some reason, Tomcat fails to start if there is a webapp using Log4J.  After spending several hours fiddling with configuration, I had to stub out all log4j calls from a webapp to get it to work.

Fixed-URI for Site Metadata

There is a lot of discussion going on about ways user agents (read: browsers) can locate site metadata.  People are even arguing about what constitutes a site.  Besides the discussion within the W3C TAG, RSS developers are discussing this topic with RSS feed discovery in mind.  Consensus seems to be moving away from a robots.txt-style solution that uses a fixed URI.

Tim Berners-Lee wrote back in February:

The architecture of the web is that the space of identifiers on an http web site is owned by the owner of the domain name.  The owner, "publisher",  is free to allocate identifiers and define how they are served.

Any variation from this breaks the web.

Hogwash.

  1. The web is just not that brittle.
  2. Other solutions are not as easy.
  3. User agents should protect themselves from unexpected data.
  4. People will not revolt if W3C reserves some range of names if they are reasonably unique.

The simplest solution, IMHO, is to introduce a special file extension for metadata and a default file name for directory metadata.

For example, if the ".w3c" file extension is used for metadata and the default file name for directory metadata is the empty string, metadata for the resource "/application/foobar.html" can be found in "/application/foobar.w3c" and metadata for the path "/application/" can be found in "/application/.w3c".

Add to this a hierarchical inheritance rule which basically says that metadata not specific to a resource can be overridden by subpaths.  For convenience's sake, subpaths starting with "_w3c" should be reserved.

Using this solution, my blog's RSS feed list can be located by fetching "https://blog.docuverse.com/.w3c".  Problem solved.
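The ".w3c" scheme above as an added worked example (my code, not anything from the original post): it maps a resource path to its metadata file, builds the inheritance chain from the site root down to the resource, and merges the chain so subpaths override their parents.  The metadata files are assumed to hold simple key/value dictionaries, the reserved "_w3c" prefix is refused on any path segment, and the sample site is constructed.

```python
"""Locating site metadata under the '.w3c' convention sketched above."""
import posixpath
META_EXT = ".w3c"   # assumed extension for per-resource metadata
DIR_META = ".w3c"   # directory metadata: empty default file name + extension
RESERVED = "_w3c"   # reserved subpath prefix

def _clean(path):
    """Normalise an absolute path, keep a trailing slash for directories and
    refuse the reserved '_w3c' subpaths (a user agent protecting itself)."""
    if not path.startswith("/"):
        raise ValueError("path must be absolute: %r" % path)
    clean = posixpath.normpath(path)          # collapses '.' and '..' segments
    if path.endswith("/") and not clean.endswith("/"):
        clean += "/"
    if any(seg.startswith(RESERVED) for seg in clean.split("/")):
        raise ValueError("reserved subpath in %r" % path)
    return clean

def metadata_uri(path):
    """'/application/foobar.html' -> '/application/foobar.w3c' and
    '/application/' -> '/application/.w3c'."""
    clean = _clean(path)
    if clean.endswith("/"):
        return clean + DIR_META
    stem, _ext = posixpath.splitext(clean)    # drop the resource's extension
    return stem + META_EXT

def metadata_chain(path):
    """Metadata files that apply to `path`, least specific first, so that a
    subpath's metadata overrides what it inherits from parent paths."""
    clean = _clean(path)
    parts = [p for p in clean.split("/") if p]
    n_dirs = len(parts) if clean.endswith("/") else len(parts) - 1
    chain = ["/" + "/".join(parts[:i]) + ("/" if i else "") + DIR_META
             for i in range(n_dirs + 1)]
    if not clean.endswith("/"):
        chain.append(metadata_uri(clean))
    return chain

def resolve_metadata(path, fetch):
    """Merge metadata along the chain; `fetch(uri)` returns a dict or None."""
    merged = {}
    for uri in metadata_chain(path):
        merged.update(fetch(uri) or {})
    return merged

# Constructed sample site: the root names a site-wide feed, a subpath overrides it.
SAMPLE_SITE = {"/.w3c": {"owner": "docuverse", "rss": "/index.rss"},
               "/application/.w3c": {"rss": "/application/feed.rss"}}
```

With `SAMPLE_SITE.get` as the fetch function, "/application/foobar.html" resolves to the subpath's feed while still inheriting the owner from the root.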

To me, current discussions are no different than discussions about where the toilet flush lever should be placed.  Should it be on the right-side because there are more right-handed people or at the center to be fair?  I say let the manufacturers place the damn lever anywhere convenient and noticeable.  'Users' will do the rest.

SQLite and QDBM

SQLite

While LAMP (Linux, Apache, MySQL, PHP/Perl/Python) is still going strong as a web application platform, MySQL is being challenged as the default database by SQLite (home, download, wiki).  SQLite is an embeddable SQL database engine, meaning it runs inside your program.  Besides being embeddable, it has these attractive features:

  • Speed – SQLite is faster than MySQL (benchmark)
  • Code Size – just 25K lines of C
  • Data Size – much smaller backup file than MySQL
  • Data Storage – everything is stored in one file
  • Transaction – built-in and default unlike MySQL
  • Dependency – SQLite has no external dependencies

The upcoming PHP 5 will include and use SQLite as its default database engine.  This PHP Internals message outlines the benefits SQLite brings to PHP.  Interestingly, MySQL client libraries will no longer be bundled with PHP due to some licensing issues.  I am not sure if this is a major trend in the making, but MySQL is taking the embeddable threat seriously enough to work on its own version of embeddable MySQL (mentioned in the October issue of Linux Magazine).

QDBM

If you don't need to use SQL, Mikio Hirabayashi's QDBM is an attractive xDBM-style (GDBM, NDBM, SDBM, Berkeley DB, etc.) database management library.  This benchmark (PDF) compares QDBM with other xDBM libraries.  Its main competitor is Berkeley DB, which also offers both hash table and B+ tree APIs.  In comparison to Berkeley DB, QDBM has a nice speed/data-size ratio.  The only problem is that QDBM is still in beta.  Hopefully, this post will give the open source project more exposure and attract more resources to it.


Sender-side Spam Filtering

This is a non-crypto whack at the spam problem.  It's half-baked at the moment, but I am sure you guys will provide the necessary heat to cook it fully or burn it crisp.

Today, e-mail senders have no way of knowing whether a message they sent has been erroneously flagged as spam on the receiver side by either receiver-SMTPs or SMTP clients.  Being able to check whether my message is likely to be flagged as spam has some value to me.  Starting with that idea, let's see if a solution comes together.

Spam-Filtered Outgoing Mail

A sender-SMTP that uses spam filters on outgoing messages returns messages flagged as spam or likely spam back to the sender instead of sending them, allowing the sender to revise the message or use another communication channel like telephoning.  The sender-SMTP is basically saying that the message is being returned because the chance of the message getting through the spam filter on the receiving side is low, a valuable service IMHO.

The sender-SMTP can weed out spammers' mail accounts by monitoring the spam ratio on each account.

Filtering spam on the sender-side has two side-effects:

  1. outgoing mail volume drops.
  2. spam ratio decreases.

These effects will be visible to both receiver-SMTPs and mail recipients, meaning less spam for them.  The sender-SMTP can also actively weed out spammers by monitoring the spam ratio on each mail account.

Identifying sender-SMTP by IP address

To encourage sender-SMTPs to use spam filters on outgoing mail, they have to be identified.  One cheap solution is identification by IP address.

If sender-SMTPs are encouraged to have static IP addresses, receiver-SMTPs can identify sender-SMTPs and rate each accordingly, giving higher marks to those that seem to be filtering spam.  Penalties for those that rate low can range from limiting the frequency of connections to limiting the volume per connection.

To encourage sender-SMTPs to use a static IP address, receiver-SMTPs can apply penalties to unknown sender-SMTPs.  To avoid the penalty, sender-SMTPs must use a senderid assigned to the IP address on first connection.

Recipient Feedback

Receiver-SMTPs can append a URL to each message to collect recipient feedback, which can be used to differentiate good SMTPs from masquerading bad SMTPs.  Feedback can be sent as part of the receiver-SMTP's response when the suspect sender-SMTP connects next time.  The sender-SMTP can use the information to throttle back the suspect sender's mail volume.
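The proposal above, sender-side filtering plus receiver-side rating by IP address, as an added simulation (my code, not anything from the post): the outbound gateway returns likely spam to its author and suspends accounts whose spam ratio stays high, and the receiver maps each sender-SMTP's observed spam share to a per-connection volume cap, penalising unknown IPs by default.  The keyword classifier, the thresholds, the caps and the sample addresses are all constructed assumptions, since the post names none.

```python
"""Sender-side spam filtering and receiver-side IP rating, as sketched above."""
from collections import defaultdict

SPAMMY = ("free money", "click here", "act now")   # constructed phrase list

def naive_classify(message):
    """Stand-in classifier: share of spammy phrases present, in [0, 1].
    The post names no classifier; any filter returning a [0, 1] score fits."""
    text = message.lower()
    return sum(p in text for p in SPAMMY) / len(SPAMMY)

class OutboundGateway:
    """Sender-SMTP: returns likely spam to its author instead of relaying it."""
    def __init__(self, classify, reject_at=0.5, max_ratio=0.5, min_sent=3):
        self.classify, self.reject_at = classify, reject_at
        self.max_ratio, self.min_sent = max_ratio, min_sent
        self.sent = defaultdict(int)      # per-account messages submitted
        self.returned = defaultdict(int)  # per-account messages bounced back
        self.suspended = set()
    def spam_ratio(self, account):
        return self.returned[account] / self.sent[account] if self.sent[account] else 0.0
    def submit(self, account, message):
        """('sent', score), ('returned', score) or ('suspended', None)."""
        if account in self.suspended:
            return "suspended", None
        score = self.classify(message)
        self.sent[account] += 1
        if score < self.reject_at:
            return "sent", score
        self.returned[account] += 1
        if self.sent[account] >= self.min_sent and self.spam_ratio(account) > self.max_ratio:
            self.suspended.add(account)   # weed out the spammer's account
        return "returned", score

class ReceiverRating:
    """Receiver-SMTP: rate each sender-SMTP IP by the spam share seen from it."""
    def __init__(self):
        self.seen = defaultdict(lambda: [0, 0])   # ip -> [messages, spam]
    def record(self, ip, was_spam):
        s = self.seen[ip]; s[0] += 1; s[1] += int(was_spam)
    def volume_cap(self, ip):
        """Messages allowed per connection; unknown IPs get the lowest cap."""
        if ip not in self.seen:
            return 10
        msgs, spam = self.seen[ip]
        ratio = spam / msgs
        return 1000 if ratio < 0.05 else 100 if ratio < 0.3 else 10
```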

I am not sure if the solution I just sketched will work or not, but it is definitely more scalable than TEN or SMTP4All.  Please let me know what you think.

Update - 2003/10/14 12:32PM PST

Mitch Ratcliffe is looking at the spam problem from a similar angle:

Push the responsibility back onto the sources of spam, not the end-user who generally doesn't spam one iota.

Right on, Mitch.

More on E-Mail

While I was getting a haircut today, I thought about the scalability problem of solutions like TEN and SMTP4All.

Digitally signing each message will reduce mail throughput significantly.  Some of the throughput loss will be offset by the removal of spam, which will reduce message traffic by as much as 90%.  The scalability problem still remains because mail traffic is not constant.

Add to this the cost of bi-directional authentication between sender-SMTP and receiver-SMTP.  If the number of messages per session is high (i.e. mail traffic between AOL and MSN), the cost will be minimal.  But I suspect the average number of messages per session is pretty low, meaning near one message per session.

Tim Bray on TEN-like Solution

In "Another Whack at Spam", Tim Bray describes a solution similar to my Trusted E-mail Network (TEN) idea (also read "Fixing E-Mail") – via Dave whose blog I read before Tim's blog.  He arrived at the solution while talking about spam at Foo Camp with Jeremy Zawodny, Dave Sifry, and Doug Cutting.

He also thinks digital signing should be done by mail servers instead of users.  But his thinking differs from mine in how the trusted network of mail servers should be organized and the network's relationship with mail servers outside the network.  I believe the network should be backed by a business entity in charge of issuing and revoking certs to member mail servers, maintaining and providing trust rating information on mail servers and mail users, etc.

While I like a loosely-coupled peer network as much as anyone, I believe PKI and responsiveness requirements call for a central authority.  Under Tim's solution, each mail server is given too much room for misbehavior and removal of a rogue mail server takes too much time.  What I want is the ability to shut down a rogue user or mail server within hours, not days.

Update #1 – 10/13/2003 11:15AM PST

Liz Lawley raised some key concerns that reminded me to fill in some missing pieces of the TEN model.

Open Source

Since there is nothing proprietary about TEN servers, there will be plenty of open source TEN-enabled mail servers and TEN-enabling patches for popular open source mail servers.  So TEN servers will be very affordable.

Private E-Mail Network

TEN servers should be able to use multiple PKIs.  This means each TEN server will have multiple certs to sign e-mails with, depending on the source and the destination of each e-mail.

If the mail exchange is completely within an organization, the message can be signed with a self-signed cert after checking to see if the sender meets the private TEN's trust rating requirement.  For mail sent outside the private TEN, a public TEN cert assigned to that TEN server should be used but only if the mail sender has sufficiently high TEN rating.

Free or Subsidized

A Private TEN does not have to charge fees.  For example, American universities can form a national private TEN, with each university or department running their own TEN server, that allows students and staff from any of the member universities to exchange e-mail with each other without a fee.  Some universities could even sponsor some percentage of the fee for e-mails sent outside the University TEN.

Global Trusted E-Mail Network

While anyone can run a TEN server, not everyone will be able to get a Global TEN cert that enables e-mails to be trusted by anyone world-wide.  There are three ways to get a Global TEN cert:

  1. Implicit Trust – you are trusted without doubt or reserve
  2. Bonded Trust – you put up money to be trusted
  3. Sponsored Trust – you are trusted by someone with a Global TEN cert.

Implicit and bonded trusts are obvious, so I won't go into details about them unless someone asks.  Sponsored trust means there is a relationship between the sponsoring organization and the sponsored one.  Each trusted mail sent from a sponsored organization affects both organizations if a complaint is lodged against the mail.

For example, if a Stanford physics student sends out a mail with a virus to someone, the trust rating of the Stanford Physics Department's TEN server and of Stanford's TEN server will be degraded because the school sponsored the department.  If Stanford is a member of the American University TEN, then the American University TEN's trust rating is degraded too.
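The sponsored-trust and cert-selection rules above as an added example (my code, not part of the original post): a complaint against a server degrades it and every sponsor up the chain with diminishing weight, a rating below the revocation floor pulls the cert, and the cert a server signs with depends on whether the mail stays inside its private TEN and on its rating.  Modelling a private TEN as the set of servers sharing one sponsorship root, the decay factor and the rating thresholds are assumptions of mine.

```python
"""Sponsored trust in the TEN model above (added example)."""

class TrustNetwork:
    """Servers hold a rating in [0, 1] and may name the server that sponsored
    their Global TEN cert; a penalty shrinks by `decay` per sponsorship level."""
    def __init__(self, decay=0.5, revoke_below=0.2, min_global=0.6, min_private=0.3):
        self.decay, self.revoke_below = decay, revoke_below
        self.min_global, self.min_private = min_global, min_private
        self.sponsor_of = {}   # server -> sponsoring server, or None for a root
        self.rating = {}
        self.revoked = set()

    def add(self, server, sponsor=None, rating=1.0):
        if sponsor is not None and sponsor not in self.rating:
            raise KeyError("unknown sponsor %r" % sponsor)
        self.sponsor_of[server] = sponsor
        self.rating[server] = rating

    def chain(self, server):
        """The server followed by its sponsors, nearest first."""
        while server is not None:
            yield server
            server = self.sponsor_of[server]

    def complaint(self, server, penalty=0.3):
        """A complaint against mail from `server` degrades it and every sponsor
        above it (department -> university -> university TEN in the text)."""
        for depth, s in enumerate(self.chain(server)):
            self.rating[s] = max(0.0, self.rating[s] - penalty * self.decay ** depth)
            if self.rating[s] < self.revoke_below:
                self.revoked.add(s)   # pull the cert within hours, not days

    def root(self, server):
        return list(self.chain(server))[-1]

    def cert_for(self, sender, recipient):
        """Assumed rule: servers sharing a root form one private TEN and sign
        with a self-signed cert; mail leaving it needs the Global TEN cert."""
        if sender in self.revoked:
            return None
        score = self.rating[sender]
        if recipient in self.sponsor_of and self.root(sender) == self.root(recipient):
            return "self-signed" if score >= self.min_private else None
        return "global" if score >= self.min_global else None
```

Three complaints against the physics server in the test below revoke it and also drop Stanford's own rating under the Global TEN threshold, which is the knock-on effect sponsorship is meant to create.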

Berkeley DB XML License

I have been thinking about using Sleepycat Software's Berkeley DB XML (BDBXML), the speedy open source XML database behind Kimbro Staken's XPath-happy prototype blogware, Syncato.  BDBXML license was confusing to me, particularly the word "redistribution", so I contacted them yesterday to find out if I could use it for free.

My situation is a common one in that I will have a single server driving several websites and web services, some of which will be commercial.  More servers might be added later, but still located at a single data center (ServerMatrix).  BDBXML license allows free use under this situation.  But the software that runs on my server(s) is being written at home which is in a different state.  Since my development machine is in California and my production server(s) are in Texas, I am in fact redistributing whenever I upload my software to the server(s), violating free use under BDBXML license.

Liz Pennell, Account Executive at Sleepycat Software, confirmed this but, recognizing that this might discourage developers from developing software based on their new product, they graciously granted me a free license.

Hi, Don,

I'm sorry for the delay in responding to you, but I wanted to discuss your case with some of my colleagues here.

In fact, if the development is at your home address and the hosting server is at a different postal address, the use you contemplate would typically be considered a redistribution event under the terms of our public license. As such, in the interests of applying the rules even-handedly across our user base, we'd need to specifically permit that use rather than just wink at it, if that makes sense.

However, I agree with you that this sort of use at least in spirit comports with the public license terms, as the software is only installed and performing useful work at a single physical site. It's also true that DB XML is still a young product, and we'd like to do what we can to promote its wider adoption.

Therefore, in this specific case given all the circumstances as detailed, I'd be willing to grant you a limited single-site exception to clause 3 of Sleepycat's public license, and permit your use, as described below, at no charge.

Since I knew my situation is far from unique, I asked Liz whether this exception was a general exception (?!?).  Her reply was:

I'm reluctant to commit to making this exception broadly into the future, but it's not something you need to keep secret. If an individual web site developer came to us at this point in the product's life, and described the kind of use that you're considering, we would be very likely to make the same call for the same reasons.

However, it wouldn't be prudent to assume that this will always be so, and we'd need to make the explicit judgment on a case-by-case basis every time.

There you have it, a Selective Early-Bird Special of sorts.  If you are a developer in a similar situation to mine, you know what you should be doing right now.  Here is the e-mail address.

I have a feeling that Sleepycat's mailboxes will be full by Monday.  Sorry to wake you, Sleepycat.  Heehee.

Update – 2004/02/19:

Here is an update from Liz on the license which made a lot of sense to me:

Since nothing ever dies on the Net, I thought it was important to get back to you on the subject of qualification for free use of our software under Sleepycat's public license. My interpretation of the public license when you and I had our original e-mail exchange was actually too strict.

In fact, "redistribution" happens when a copy of Berkeley DB is installed *for actual use* on more than one physical site. In practice, this means that developers may build apps at multiple sites, or at a different site from where the application will be installed, because during the development cycle the application is not installed for actual use. If the application is installed for actual use at a single physical site, it qualifies for free use of Berkeley DB under the public license, regardless of where it may have been developed.