Performance Challenges for the Open Web Stanford CS193H 29 September 2008
Background: making the web work better Ive been abusing web browsers for 15 years I used to work on AJAX / JS performance Video: Now Im helping open up the social web Weekly video podcast: thesocialweb.tv Open Web has new performance challenges Making multiple sites play well together Privacy, transparency, flexibility, simplicity
In a world with lots of socially-aware sites…
…and lots of open social web building blocks…
…how do the pieces fit together? …and what will the new Social Web look like?
Reminder: The social web today is broken… On each site, we still have to: Re-create an account Re-enter our profile info Re-find our friends Re-establish our relationships New social apps have limited options: Create yet-another-silo (and start from scratch) -or- Make a widget inside an existing walled garden
…but we know how to make things better!
Create a portable, durable online identity OpenID Sign up / sign in with an existing account Link / share your profile data between sites
Example: Sign up for Plaxo with OpenID
Create a portable, durable online identity OpenID Sign up / sign in with an existing account Link / share your profile data between sites rel=me (XFN) Consolidate your online identity with me-links Social Graph API See what your users said about themselves
Build and maintain real relationships Contact APIs Find people from your current address book Leverage previously established relationships OAuth Share private data between trusted sites Friends-list portability Continuous discovery across multiple sites
A periodic check of new people from your networks on other sites
Stay up-to-date with the people you know OpenSocial Build social apps that can run anywhere
OpenSocial
OpenSocial: Large and Growing Rapidly
Stay up-to-date with the people you know OpenSocial Build social apps that can run anywhere RSS / Atom Syndicate your activity to share with others Jabber (XMPP) Real-time update stream between sites
Building blocks in action: contacts portability User signs in with an OpenID - Site fetches OpenID URL looks for X-XRDS-Location - Site parses XRDS-Simple doc to discover available APIs Site tries to access contacts API gets a WWW-Authenticate response header specifies OAuth - OAuth Discovery (via XRDS) provides OAuth endpoints Site sends user though OAuth flow to grant access - User returns to site with authorized access token - Site can now access users contacts data via API + token
Performance Challenges Minimizing round trips Discovery, Association, OpenID, OAuth, etc. Combining steps vs. small pieces loosely joined JSON-RPC in OpenSocial (batching API calls) Caching: freshness vs. performance Policies for how long to store personal data Social Graph API: cached web crawl Server-alerted notifications
Performance Challenges (cont.) Pull vs. push: aggregating activity Polling is easy but inefficient & doesnt scale (1000 users every 15 min > 1 hit per sec) XMPP & Gnip: receive update notifications Integrating 3 rd party content Server-side (proxied) vs. client-side (JS onload) Iframe vs. inline New techniques: XFBML, Caja, etc.
…so how do these building blocks fit together?