Practical Internet GroupwareBy Jon Udell
1st Edition October 1999 (est.)
1-56592-537-8, Order Number: 5378
384 pages (est.), $29.95 (est.)
Discuss this material in Jon Udell's newsgroups (news view or web view)
Using public newsgroups as described in the last chapter, you can augment a corporate Web site with Usenet-style discussion. These site-specific newsgroups work a bit differently from their Usenet counterparts. They can store messages much longer than Usenet newsgroups do - even indefinitely. That persistence creates opportunities to manage the message store as a pool of content that can be advantageously linked into a Web site. But this is still a public mode of collaboration, one that ought to appeal to the widest possible audience. It's inappropriate here, as it is inappropriate on the Usenet, to use the full set of capabilities built in to the Microsoft/Netscape newsreaders. Public newsgroups necessarily cater to the lowest common denominator: plain ASCII text messages.
On the intranet, it's a different story. Here you're not dealing with the public, only with your own staff. That means you can allow, and should encourage, the most effective use of Internet communication tools - that is, newsreaders and mailers. They can do much more than many people realize. For example, most people know that the Microsoft and Netscape newsreaders can post plain-text messages to newsgroups, and can also attach MIME-encoded binary files. But relatively few people have used them to:
Compose and display HTML messages
Communicate securely over SSL
Authenticate using name/password credentials or client certificates (digital IDs)
Do fulltext search of an indexed newsgroup (Netscape Collabra and Collabra Server only)
Exploit powerful synergies between email and newsgroups
When people discover and use these capabilities, intranet-based discussion can become even more powerful than Internet-based discussion. Why does this rarely happen? There are two reasons, one technical and one cultural. The technical reason is that although every intranet offers Web and email service, few provide NNTP service. So there usually isn't a local environment in which to explore and master the kinds of rich collaboration that NNTP can enable. This obstacle, as we'll see here and in more detail in chapter 13, is easily overcome.
The cultural problem is far more difficult. The methods I'll present in the next few chapters presume that groups really want to collaborate - that is, share documents, move communication from interpersonal to group spaces, pool knowledge. "Our people are our only real asset," corporate executives like to say, and they mean it. They understand that their success depends mainly on what their people know, not just individually but collectively. A Lotus executive once claimed that there is an infinite return on an investment in Lotus Notes. Infinite! That sounds like brash computer-industry hyperbole. In fact it's arguably true when Notes captures organizational knowledge as it was designed to do, and is capable of doing. But mostly that doesn't happen, for lots of reasons. People tend to focus only their own tasks, and associate only within their own workgroups. People don't want to document everything they do. People don't want to think carefully about how they communicate, with whom, for what purposes, with what results. People don't want to share what they know, if they believe that doing so will threaten their own security.
There's no magic-bullet solution. Internet groupware succeeds as well as it does, on the large scale of the Internet, because of that large scale. There is critical mass. Thousands of people may know some crucial fact. The vast majority won't be inclined to plug it into the planetary knowledge base. When even one person does, everyone else benefits. On the intranet, though, Internet-style groupware faces the same challenges as Notes does. Critical mass is very hard to achieve. Many companies and workgroups, frankly, won't get there. But your company or workgroup might, and if you succeed, you'll enjoy a huge advantage.
Effective use of Notes (or of Microsoft Exchange) requires commitment and learned discipline. Likewise Internet groupware. It has one big advantage, though: the standard Internet client is ubiquitous. People spend an awful lot of time using it to browse, and read and write email. When an intranet culture encourages people to collaborate more effectively, the same already-installed client can help them do so. I'll say more about why it makes sense to engage in this kind collaboration, and show how you can exploit some little-known and poorly-understood features of NNTP conferencing to make it happen. But since not many people have ever set up or used local newsgroups, let's look briefly at how that works.
At BYTE we created a set of intranet newsgroups in which our distributed staff could privately converse, exchange the manuscripts and images that were the raw material of our product, and manage the flow of other documents. There were company-wide newsgroups with names like bytestaff.operations and bytestaff.issueplanning, and departmental newsgroups with names like newmedia.operations and newmedia.design. Originally the NNTP server that hosted these groups was Microsoft's INS (Internet News Server)[ 1]. Later we used Netscape's Collabra Server. Chapter 13 is a basic tutorial on setting up and running these news servers, and also the standard Unix INN.
 INS was originally a freely-available product, then later became part of the Microsoft Commercial Internet Services (MCIS), which was sold exclusively to ISPs and not generally available. However a variant of INS became the NNTP service bundled with the NT 4 Option pack, which is freely available.
Why didn't we run our local newsgroups on INN? We could have, but modern derivatives of INN, including both the Microsoft and Netscape products, are easier to use and more featureful. It's true ease of use, like beauty, is in the eye of the beholder. If you're good at command-line administration you may feel that the GUI point-and-click interfaces to the newer servers are more trouble than they're worth. Nevertheless, these interfaces vastly enlarge the potential reach of NNTP. A Windows NT LAN administrator who may know nothing of Unix (never mind INN, whose quirks and crankiness are legendary) will find the Microsoft or Netscape news servers straightforward and familiar. It takes about an hour to install either of these servers, create some newsgroups, and begin hosting intranet discussions.
Eventually, I'll admit, I spent much more than an hour on setup. As we expanded our use of local newsgroups we needed better structure and more security. The structure that evolved was a system of what I'll call scoped newsgroups. Rather than present everyone in the company with a long list of newsgroups, we made the top level of the newsgroup tree visible to everybody and assigned subtrees to departments and project teams. We'll see later in this chapter, and in chapter four, why this kind of structure is important. And in chapter 13 we'll see how to create it.
The security issue arose when I moved the news server from our intranet to our Internet-visible DMZ (that's the demilitarized zone between an external firewall and an internal firewall). Originally the news server ran on a corporate intranet, accessible from office PCs around the country but not from home or road PCs. But collaboration isn't just a nine-to-five activity in the modern organization. People need to be able to collaborate anywhere, anytime, so I put the news server out in the DMZ along with our public Web server. That meant we had to encrypt all data flowing to and from the news server. You can't do that with INN, but you can do it with both the Microsoft and Netscape news servers.
If you've only used NNTP to connect to the Usenet, you may not realize that it supports a name/password protocol similar to HTTP's basic authentication (see tip below). Like the HTTP version, NNTP authentication involves a simple name/password challenge. Now that use of packet sniffers has become a recreational sport, these unencrypted authentication schemes offer only a weak form of security. As with a password-protected Web server that holds confidential data, an extranet-based conference server that hosts private discussions should encrypt not only login credentials but also all message traffic. The Microsoft and Netscape news servers do this in the same way that Web servers do. As I'll show in chapter 13, you can install a digital ID on a news server and run it in SSL (Secure Sockets Layer) mode. The Microsoft and Netscape newsreaders can both communicate securely with either brand of server. The exchange of name/password credentials is encrypted; so are other commands and all message data.Usage Tip: HTTP versus NNTP authentication
In HTTP authentication, a request for a protected page causes a server to send your browser the HTTP Authorization header and a MIME-encoded username/password pair. Your browser responds by prompting you, with a dialog box, for a name and password. Then it retries the request and, if your credentials were accepted, the server shows you the page originally requested - subject to permissions on your account.
In NNTP authentication, a request to list the contents of a protected newsgroup provokes a response like
480 Authentication required for command. Your newsreader responds by prompting you, with a dialog box, for a name and password. Then it transmits the authinfo command twice, first to send a username, then the password. If your credentials are accepted, the news server allows you to list messages, read, and post messages - subject to permissions on your account.
With a secure private news server in place, editors and writers could collaborate from their offices, their homes, or any other points of attachment to the Internet. In this environment we began to do things that we couldn't do in our public INN-based newsgroups. In some cases, the limitations had been INN's. It doesn't support integrated fulltext search, for example. That's an NNTP extension that Netscape added to Collabra Server and that works only in conjunction with the Collabra client.
In other cases the limitations weren't INN shortcomings. Rather, they were imposed by the culture of the Usenet. For example, the Netscape/Microsoft newsreaders can compose and display HTML documents. This is pretty exciting stuff. It invites users to go beyond the age-old Usenet tradition of line-oriented ASCII text, and enrich their online collaboration with rich text, tables, lists, inline images, and hyperlinks.
You might think that you need a modern NNTP server to handle HTML-enriched newsgroups. Actually you don't. HTML news messages, like conventional line-oriented ASCII news messages, are just clumps of headers followed by more text. Venerable old INN handles this stuff in that same way that its modern derivatives do. Rich messaging - that is, the ability to compose and view HTML-formatted documents - arises entirely from the new breed of mail/news clients.
The Usenet continues to play to the lowest-common-denominator plain-text-oriented newsreader, as indeed it should. If you create your own public newsgroups they should probably obey the same rule. But on your intranet or extranet, you can fully exploit all the rich features built into modern newsreaders. Lacking a local news server, not many users of Netscape Collabra or Microsoft Outlook Express have had a chance to discover an amazing fact about these newsreaders. They are arguably the most effective tools now available for creating intranet content. What's that? I think an intranet's mission is to document what is collectively known in a company. Much of that knowledge exists in the form of messages. Conferencing tools are an effective way to move message data into shared spaces, thereby manufacturing intranet content. Before we explore how that process can work, though, let's look more closely at the relationships between two modes of messaging: conferencing and email.
Discuss this material in Jon Udell's newsgroups (news view or web view)
Back to: Practical Internet Groupware
© 2001, O'Reilly & Associates, Inc.