Performance Challenges

for the Open Web

Stanford CS193H29 September 2008

Background: making the web work better

I’ve been abusing web browsers for 15 years

- http://josephsmarr.com

I used to work on AJAX / JS performance- http://josephsmarr.com/2007/07/25/high-performance-javascript-oscon-2007- Video:

http://developer.yahoo.net/blogs/theater/archives/2007/08/joseph_smarr_highperformance_j.html

Now I’m helping open up the social web- http://josephsmarr.com/2008/09/22/tying-it-all-together-implementing-the-open-web-web-20-expo-

new-york- Weekly video podcast: thesocialweb.tv

Open Web has new performance challenges- Making multiple sites play well together- Privacy, transparency, flexibility, simplicity

In a world with lots of socially-aware sites…

…and lots of “open social web” building blocks…

…how do the pieces fit together?

…and what will the new

Social Web look like?

Reminder: The social web today is broken…

On each site, we still have to:-Re-create an account-Re-enter our profile info-Re-find our friends-Re-establish our relationships

New social apps have limited options:-Create yet-another-silo (and start from scratch)

-or--Make a widget inside an existing walled garden

…but we know how to make things better!

Create a portable, durable online identity

OpenID- Sign up / sign in with an existing

account- Link / share your profile data between

sites

Example: Sign up for Plaxo with OpenID

Create a portable, durable online identity

OpenID- Sign up / sign in with an existing account- Link / share your profile data between sites

rel=me (XFN)- Consolidate your online identity with me-links

Social Graph API- See what your users said about themselves

Build and maintain real relationships

Contact APIs- Find people from your current address book- Leverage previously established relationships

OAuth- Share private data between trusted sites

Friends-list portability- Continuous discovery across multiple sites

“A periodic check of new people from your networks on other sites”

Stay up-to-date with the people you know

OpenSocial- Build social apps that can run anywhere

OpenSocial

OpenSocial: Large and Growing Rapidly

Stay up-to-date with the people you know

OpenSocial- Build social apps that can run anywhere

RSS / Atom- Syndicate your activity to share with others

Jabber (XMPP)- Real-time update stream between sites

Building blocks in action: contacts portability

User signs in with an OpenID- Site fetches OpenID URL looks for X-XRDS-Location- Site parses XRDS-Simple doc to discover available APIs

Site tries to access contacts API gets a 401- WWW-Authenticate response header specifies OAuth- OAuth Discovery (via XRDS) provides OAuth endpoints

Site sends user though OAuth flow to grant access- User returns to site with authorized access token- Site can now access users’ contacts data via API + token

Performance Challenges

Minimizing round trips- Discovery, Association, OpenID, OAuth, etc.- Combining steps vs. small pieces loosely

joined- JSON-RPC in OpenSocial (batching API calls)

Caching: freshness vs. performance- Policies for how long to store personal data- Social Graph API: cached web crawl- Server-alerted notifications

Performance Challenges (cont.)

Pull vs. push: aggregating activity- Polling is easy but inefficient & doesn’t scale

(1000 users every 15 min > 1 hit per sec)- XMPP & Gnip: receive update notifications

Integrating 3rd party content- Server-side (proxied) vs. client-side (JS

onload)- Iframe vs. inline- New techniques: XFBML, Caja, etc.

…so how do these building blocks fit together?