With great alarm I have been watching the conflict in Georgia, where Russian troops appear to be continuing to advance and target military installations despite the "order" to hold to a ceasefire. In my humble opinion, this is a premeditated attempt to bully and subjugate all of Georgia, and use them as an example so that other former Soviet republics (like the Ukraine) don't get too uppity.

However, the fact is that my horror is out of a sincere belief in collective self-determination, as well as a growing concern relating to that Europe has become overly dependant on energy from Russia. So if I could wave my hand and propose a solution it would be one which would require painful compromises to both sides:

1) Give Russia the regions of Abkazia and South Ossetia
2) Give Georgia full NATO membership so that the European countries can pledge to protect the Caspian Sea pipeline.

Needless to say this would please nobody. It would, however, help with the stability of the region.

One of the major problems I have run into with Firefox three is that XHTML which passes the W3C's valiators is not rendered at all. The problem has to do with the fact that the W3C and the Firefox team apparently have different views as to what the XHTML spec actually means.

See the discussion in the following bugzilla entries:
https://bugzilla.mozilla.org/show_bug.cgi?id=408702
https://bugzilla.mozilla.org/show_bug.cgi?id=412114

The following XHTML document renders on Seamonkey but not on FF3. Furthermore, it passes the W3C's validators with no problems:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>LedgerSMB 1.2.99</title>
    <meta http-equiv="Pragma" content="no-cache" />
    <meta http-equiv="Expires" content="-1" />
        <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
 
    <link rel="stylesheet" href="css/ledgersmb.css" type="text/css" title="LedgerSMB stylesheet" />
 
    <link rel="stylesheet" href="UI/login.css" type="text/css" title="LedgerSMB stylesheet" />
 
    <link rel="stylesheet" href="css/ledgersmb.css" type="text/css" title="LedgerSMB stylesheet" />
 
    <script type="text/javascript" language="JavaScript" src="UI/login.js" />
 
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <meta name="robots" content="noindex,nofollow" />
 
</head>
 
<body class="login" onload="setup_page('Name:',
    'Password:');">
    <br /><br />
    <center>
        <form method="post" action="login.pl" name="login"
            onsubmit="return submit_form()">
        <input id="menubar" type="hidden" name="menubar" value="" />
        <input id="blacklisted" type="hidden" name="blacklisted" value="" />
        <div class="login">
            <div class="login" align="center">
                <a href="http://www.ledgersmb.org/" target="_top"><img src="images/ledgersmb.png" class="logo" alt="LedgerSMB Logo" /></a>
                <h1 class="login" align="center">Version SVN Trunk</h1>
                <div align="center">
                    <div id="credentials"></div>
                    <div id="company_div">
                      <div class="labelledinput">
                        <div class="label">
                            <label for="company">
                            Company
                            </label>
                        </div>
                        <div class="input">
                            <input class="login"
                            type="text"
                            name="company"
                            size="30"
                            id="company"
                            accesskey="c" />
                        </div>
                    </div>
                </div>
                <button type="submit" name="action" value="login" accesskey="l">Login</button>
            </div>
        </div></div>
        </form>
        <p><a href="admin.pl">Administrative login</a></p>
    </center>
</body>
</html>

The problem lies with the tag in the document head. Firefox 3 sees it as unterminated while the W3C validator sees it as properly terminated. The Firefox team argues that the W3C validator is wrong and that they won't support content that the W3C's tools say are valid.

The Firefox Team's Rationale:

The new behavior in Firefox, as it turns out is behavior by design. The issue has to do with a security fix which had to do with unterminated tags in earlier versions, where the tag would be ignored and the rest of the document would be processed as HTML. Obviously this is a problem because it leads to ambiguity as to the nature of content, whether it is executable, and what it does. I support their efforts to fix it, but I also think that the fix is as flawed from developers' perspective as User Access Control is in Vista from a power user's perspective. Basically a self-terminating tag is differentiable from an unterminated one and since the W3C's validators show this as valid, it should be handled.

See:
https://bugzilla.mozilla.org/show_bug.cgi?id=305873

Why this is a bad thing:

Now, arguably the W3C's validators are wrong. According to the spec and the DTD, the script tag really *should* have an end tag. However, expecting that all developers are going to be spec lawyers is a serious mistake. Many developers *do* rely on the W3C validators as being the ultimate arbitrator of what is valid HTML and XHTML. Failing to handle this case in the same way will:

1) Needlessly flood bugzilla with repetative bugs.
2) Drive developers away from Firefox to those who are more inline with existing validation tools
3) Create support headaches for everyone.

This is a trivial fix without the dire security issues the Firefox team has invoked.

A second option would be to engage with the W3C to help ensure that such discrepancies are resolved bidirectionally. A little effort now will save a lot of headache for everyone down the road. I would hate to see Firefox 3 become more or less the Windows Vista of Open Source, but this may happen if the FF team decides to go it alone in their interpretation of the specs. That would be a real shame.

I have been thinking a great deal about how Colombia can get out of the civil war which has torn the country apart for over four decades. The problems are deep but they may be soon solvable. In short, leadership of the government devoted to social justice, economic growth, and security for all Colombians is absolutely necessary. There is hope that this can happen but not under Alvarro Uribe.

Colombia's civil war began as a Communist insurrection in the 1960's. The goal of the Communist powers was probably to weaken US influence in the region especially in the wake of the decision by Colombia to send thousands of troops to fight in the Korean war. However, over time, FARC has cut all political ties to any political parties and has become primarily occupied with their own financial interests relating to drug trafficking. There are other leftist rebels in Colombia, but none of them match the force of the FARC.

In part to contain the FARC, the Colombian government has financed and sponsored a number of right-wing militias which are also into terrorism, narcotrafficking, etc. While not as big or as strong as the FARC, they are still a major force to be reckoned with. Unfortunately, the current president, Uribe, has continued policies of backing these militas. Consequently Colombians are left with no guarantees of security in a civil war where both sides readily resort to terrorism and where both sides finance their aims via the manufacture and sale of cocaine.

As hellish as the situation sounds (and Colombia is not likely to be somewhere I would go to visit at the moment), the beginnings of hope are starting to emerge. The peace process and FARC's handling of it have caused most of the left-wing of Colombian politics to cease supporting the organization, since their main goal has become that of narcotrafficking. While the right-wing and the government has not abandoned their terrorist organizations yet, political pressure is building to do so.

What Colombia needs is for a center-left candidate to emerge victorious in Presidential elections with a message that Colombia as a whole can unite behind. THe center-left part is important because this is necessary for being able to crebibly reject violence from the FARC. The message needs to be one of social justice, economic growth, and an attempt to provide security for all Colombians from the terrorist organizations which have dominated both sides of this conflict. Once Colombians turn away from violence, then the militias (including the FARC) can be taken down.

It will not be easy-- Uribe is seeking modifications to term limits to let him run again for the same office. In this regard, he joins the ranks of Hugo Chavez, Alberto Fujimori, and other Latin American authoritarian leaders who would rather rewrite the law than step down. While it is hoped that the measure doesn't pass, we will have to see. Secondly, any President able to marginalize the militias would almost certainly have a platform that the US would not like. There would be additional resistance to breaking the historic ties between the countries.

Nonetheless, I am hopefull it can be done. It seems possible that within another decade, this horrible civil war will be only a memory.

I have generally called Colombia's raid unbelievably stupid. However, I figured I would discuss who the real winners and losers are in the developing crisis:

Winner: The FARC. With this crisis, Colombia has recalled their troops away from border areas, giving FARC a large and safe corridor in which to operate. Venezuela's mobilization is also believed to give the leader of FARC military protection of the Venezuelan government. If FARC continues with negotiations and releases the hostages as previously expected, France has also expressed some willingness to cease regarding FARC as a terrorist organization. Legitimacy by even some EU members may be a strategic victory in the on-going conflict. (Personally, I think that FARC needs to be seen for what it is-- a large-scale mafia-like organized crime syndicate which does not recognize international borders. I am not sure I would call them "terrorists" so much as the "Colombian Mob." They have no real political platform other than their own economic interests in cocaine production.)

Winner: Ecuador. Ecuador has in the past taken a tough line against general FARC activity in Ecuador with the exception of offers to try to mediate a peace process and hostage release. The attack has been seen across Latin America as unacceptable, and Correa has gained much-needed support.

Winner: OAS. OAS has shown that they are capable of dealing with crises in the area and helping to get people to back away from the brink of war (Ecuador has threatened military retaliation against Colombia over the cross-border raid).

Loser: Hugo Chavez. Closing the border to Colombia will exacerbate inflation and food shortages in Venezuela and likely cause dissatisfaction in the longer run.

Loser: Averro Uribe. Uribe is standing alone in this crisis-- it is unclear how much support he has even in Colombia relating to his handling of the crisis. The economic toll to Colombia is likely to be a real problem in the ongoing civil war.

Winner: de Silva. Brazil has shown that they can be a real diplomatic powerhouse in the area. It is likely that Brazil's influence in South America will be strengthened by their role in this crisis.

Loser: The USA. Bush's handling of the crisis ensures without any doubt that the lease for the only USAF base in South America (in Manta, Ecuador) will not be renewed. The posturing of all presidential candidates on the issue have further weakened US credibility and diplomacy in the area. The leftist governments see the US as being imperial, while the right-wing governments see the US as undermining their sovereignty. This is not good for us.

To be fair, Colombia's actions would be like having the US, without proper authorization from Mexico, carry out raids on drug trafficking organizations using American air and ground troops. Colombia clearly overstepped any reasonable lines and this explains Mexico's support for Ecuador on the matter.

As an American, I often feel like my President is unparalleled in stupidity* when it comes to managing our involvement in conflicts and crises around the world. Then, on occasion, someone does something somewhere which makes me realize we are not alone in our experience of being ruled by idiots.

* Ok, that is an overstatement. Bush may be inept at handling many crises but he has made important contributions to the resolution of others.

This week was one such week. Colombia attacked an encampment of FARC personnel in Ecuador during hostage negotiations prompting threats of war from two of Columbia's neighbors, Ecuador and Venezuela. When asked for an appology, Colombia has given given one entirly devoid of substance (sort of "sorry for the inconvenience, but we would do it again").

So the crisis began to unfold. By now at least Ecuador and Venezuela have deployed troops to the border with Colombia, and Peru may be doing the same. The three countries (often at odds with eachother) have united in support for Ecuador's sovereign control over that country's territory. Ecuador has even threatened military action against Colombia if substantive actions are taken on Colombia's side.

This was an extremely stupid move on Colombia's part. This has alienated the country which leases the space for the USAF base which the US uses for most anti-FARC missions, and it has also given Chavez an excuse to provide actual military support to the FARC. Furthermore this isolates Colombia and thus risks to cause issues for the economy of the area. Finally, as long as Ecuador is threatening military action against Colombia over the incursion, this provides FARC with a safe corridor of operations near the border of Ecuador, Peru, and Venezuela. I personally believe that the FARC needs to be defeated but Colombia cannot do this by themselves. I fear this action may cause many issues for Colombia for a long time.

As if this wasn't enough, Ecuador has managed to get all of South America largely on their side. However, Colombia far from being apologetic has decided that they will take the matter to the International Criminal Court where they will charge Chavez with genocide for his alleged (though probable role) in supporting FARC. The problem with this is that the timing at least (and in all likelihood the charges themselves) is so clearly politically motivated that I don't think the ICC would act. Instead this just drives those who are infuriated over the incident into positions where more is required.

I wish I could say that I was optimistic. But I now fear that this will degrade into some sort of war. Colombia has chosen to be the worst kind of neighbor and in all likelihood this will cause serious problems for a long time. If Colombia is to defeat the FARC, they will need all the help they can get. Making enemies with three of their four neighbors does not seem wise.

FARC has scored an important political victory here in the same way that Hezbullah scored an important victory in the war with Israel last year. They have been given, through ineptness on the part of Uribe, a safe haven, and safe corridors of operation. They have also restricted the amount of aid which will be available to Colombia long-term (largely sealing the fate of the lease of the USAF base at Manta, Ecuador), and set their enemies all alone in the night.

One of the more interesting arguments I have been in recently is whether scientific epistomology is limited and whether this implies that spiritual truth is somehow separate from scientific truth. The principle of separation has been labeled "Non-Overlapping Magisteria" or NOMA by the Catholic Church and the name has stuck. NOMA has been criticized as suggesting a false coexistance but I would argue that the issues with NOMA are due to both science and religion treading on eachothers' territory.

Of course, I am not a Catholic, or even a Christian. I expect my views here to ruffle quite a few feathers but I have done my best to make my argument solid.

The False Problem with NOMA:
A naive look at NOMA suggests that it is in fact a problematic principle because religions such as the Catholic Church have progressively given more and more of what was historically their domain over to science. Thus it is tempting to see NOMA as a drawn-out surrender where science gets to answer anything it can prove and religion gets to answer the rest. In this view, religion basically is there to offer certainty about things we can't be certain about and hence has no place in a scintific world is due to problems defining spiritual truth among both scientists and religious people.

Science does not Exist in a Vacuum:
Similarly, a lot of people water down science by suggesting that it is somehow fully self-contained, and that data inevitably leads to theory. The basic problem with this view is that the development of theory requires more than just a mathematical review of the data. Scientific theories arise from review of data, and by definition they are falsifiable (if some data is later discovered which disproves the theory) but they also contain elements of the theoritician's world-view beyond simply trying to put the pieces together. I suspect that this is why theoretical physicists who are deeply into phylosophy and spirituality are so well represented in the top tier of their field.

In short, as Werner Heisenberg pointed out, theory is developed by an individual reviewing data and applying ideas which pre-exist the review of the data to them (see "Physics and Philosophy"). I suspect that this was also behind Einstein's proclemation that imagination is more important than knowledge. Science is thus largely an area of applied philosophy where philosophical principles are applied to interpretation of data in the formation of theories much in the same way that engineering applies physics, chemistry, enad the like.

As such, science deprived of non-scientific ideas would also be denied the major breakthroughs that we have seen in every area.

The Limitations of Science:
Science is a methodology for a limited form of natural discovery which can provide some grounding for certain forms of philosophy but lacks any direction of itself-- even the direction of science is dictated by outside ideas as documented above.

Science is at its strongest where reproducible experimentation is possible. It is at most overextended where reproducible experimentation is not possible. For example, science probably cannot say much for certain about otherwise normal people who claim to have witnessed miracles, claim to have been abducted by aliens, etc except that "we don't know." Hence the hard experimental sciences in areas like particle physics and quantum mechanics are where it is strongest, and the soft sciences relating to subjects like psychology are where science is the weakest. In the middle are areas where limited experimentation may be possible but where the bulk of material to work from has to be unearthed-- areas such as paleontology, archeology, and historical linguistics. (Mathematics does not fit into this classification and is probably better described as a branch of deductive logic rather than science.)

Interestingly, what hamstrings scientific psychology is a scientifically valid observation argued first (in the field of modern psychology) by Carl Jung, that humans do not come into the world as blank slates, that we carry with us individual personalities (what he called the "a priori self") from a time before birth. This is observable in that some fetuses are more active than others, and display other behavioral differences as well. Since there is a portion of the psyche which is not reproducible, then you end up with a fundamental problem when looking for reproducible results-- at best results may show up in statistical analysis, but actual experimentation and repeatability is fundamentally limited even excluding ethical concerns.

The Valid Role of Science:
Science represents the best epistomology for seeking an understanding of mechanism of our current natural and (broadly-speaking) historical external world. It also provides more limited insight into older historical elements of the artificial world through archeology, historical linguistics. Finally there is even more limited value in areas such as clinical psychology (psychiatry is something different which is generally grounded in neural science and experimentation and is hence more scientific than clinical psychology).

However, science can never go from mechanism to goal-- it can never tell us what we as a society should value, and can never provide by itself any viable ethical principles (it can provide a method for validating actions we take in support of ethical principles, however).

Science can never be the guide to what is great artwork or music, and I believe it will ever be able to provide guidance for relating to the experience of the divine, which if my understanding of comparitive religion is accurate seems to be a near-universal aspect of the human condition. Science might be able to provide some insight into what makes certain pieces of art great or what the mechanism is in the brain for the sense of the divine, but cannot provide guidance beyond mechanism.

So science must remain concerned only with mechanisms and things which (necessarily spring from mechanism, such as chronology, age, and timing) of the natural and to a lesser extent the psychological and artificial world as well.

The Place of Religion:
If Science limited by its own epistomology, then the question becomes what of religion? Is there a place for religion alongside science and philosophy? I think that this problem, when approached rationally provides ample room to criticize and limit the scope of religious discourse. But I think that when one looks back it is clear that there is a place for religious belief.

The first issue is that religion must give up any claim of authority over mechanism (and hence chronology, age, timing, etc) of the natural world. This means that evolution for example exists in an area where religion has no claim of authority.

Most of the world's religions historically important religions developed at least in large part before the adoption of writing. Walter Ong ("Orality and Literacy") has documented a fundamental shift of thinking which occurs when one moves from oral-tradition-centered cultures to literacy-centered cultures. The literacy shift is, I believe, the core of the cognative shift which lead from the Renaissance to the "Enlightenment." However, as the Abrahamic religions developed in literary societies (including but not limited to Christianity, Islam, and Judaism), they have tended to have an emphasis more on the idea of literal truth. It is thus my belief that religion must step back and address issues more along the way that Hinduism or Platonism does-- as metaphores where the Ideas behind must be sought rather than mere simple pronouncements of literal truth.

Religious traditions thus end up being language-like structures for helping us relate to various aspects of our inner and outer world but exists in a way which is fundamentally does not overlap with science and yet provides immeasurable value (perhaps greater value than religions do today). In this view, science and religion could enhance eachother and coexist without conflict and both provide their best to society and eachother.

Ultimately, this means that most religions today must give up more than science, but in my view this is not a surrender but an act where religion refocuses itself on what it is really all about.

For some time I have been looking at the possibility of starting a new organization to help fill what I believe is a gap in the available coverage by other organizations. The Institute for the Advancement of Open Source would:

1) Help with outreach and advocacy of free/open source software, documentation, and content.

2) Provide minimalist and marketing-friendly guidelines and definitions for what qualifies as free/open source. This is different from the OSI OSD in the sense that the OSI OSD is largely designed for evaluating specific licenses by a specific organization. I believe that it is well beyond the time and ability of marketing managers to understand the organization-specific interpretations of that definition (and how the organization's interpretation differs from the nearly identical DFSG).

3) Provide a place where people involved in Free/Open Source software, documentation, and content can come together, work together, and mentor others involved in the same area.

This will be different from other existing organizations in the following ways:

Unlike the FSF, we will have objective criteria for what constitutes Free/Open Source. Nobody will be left wondering how forced advocacy (as in the GNU Manifesto as an invariant section of the EMACS documentation) fits into the free speach/free software world.

Unlike the OSI and SPI, we will not limit ourselves to software. Also OSI has not really taken on a lot of the positive outreach possibilities in recent years, and although SPI has that in its charter, they have not done so either. We will not be providing the organizational support for specific projects that SPI does, nor will we provide license certification as does the OSI. Instead we will be primarily an outreach organization aimed at advancing free/open source sofware.

What do people think? Does this make sense?

Following disagreements which have gotten me banned from the OSI license discuss list over the right or power of OSI to unilaterally claim total authority over the term "open source" (a view which is disclaimed on the OSI site, but is generally held by various license-discuss participants including the list moderator-- those interested in what was actually said can check the December and January archives of that list on the OSI site), I have decided that the best way forward is to help fill the void in the industry by offering simple and concrete guidelines that my business will be using to determine whether or not we can use a license for development under our open source policy. This policy is generally in the same spirit as OSI's OSD and the FSF's Four Freedoms, but is designed to be less subject to arguments over interpretation, and easier for businesses to use as guidelines for when to state that software is uncontroversially free and open source. Note however that the guidelines are somewhat stricter than either the FSF's guidelines for Free Software or the OSI's OSD.

One of the key points one must be aware of is that software freedom carries with it an economic advantage. The goal of this set of guidelines is to help provide an objective framework for understanding when we feel that this freedom is crippled through onerous requirements either on the developers or the end users. Our commitment is to preserving this freedom for our customers and we hope other businesses will adopt similar guidelines.

The first two requirements are hard requirements. If either of these are violated, we will not do work on the project though we may help arrange others to do this.

1: Open source works must not place restrictions on use, nor may it force one to distribute source code except when one has opted to provide a copy of object code. Furthermore, no bundling restrictions may be in place. This provision disqualifies licenses which restrict commercial use either directly or indirectly (as the Aladdin License seeks to do), as well as ones which force distribution of modifications (such as those of the Aferro GPL and Larry Rosen's Open Software License). It does not disqualify the GPL v2, nor does it fully disqualify the GPL v3.

2: Modifications must be possible for all sections of the work except for the license text itself. One must be allowed to distribute such derivative works and to provide the same rights downstream as were granted to oneself. This disqualifies GFDL works which include invariant sections. If someone stated that one must *choose* a specific license and not provide the rest of the rights downstream, we would not work on that project either. This would also disqualify GPL v3 programs where additional permissions require their own removal on modification.

The following guidelines involve license selection. These do not disqualify us from working on various projects, but help us determine what licenses are best for a project:

3: Licenses should be no more restrictive then absolutely necessary for either party. Where all things are equal, more permissive licenses are preferred.
4: Licenses should be no more complicated than absolutely necessary. Where all things are equal, simpler (and usually shorter) licenses are preferred.

The final guideline defines our community involvement:

5: Multivendor solutions are preferred over single-vendor solutions.

What do people think?

UPDATE:
There has been a change in moderators of the license-discuss list. I was banned by Russ Nelson, not the current moderator (Ernie P). Ernie has been an important positive influence on the OSI in general and I wish him luck. However, I have serious questions about the OSI's ability to actually contribute substantial resources to the community at the present time, so I suppose I will work on these challenges and reconsider my involvement on the lists later.

A ballot initiative in Arazona has been put forward to attempt to deny citizenship to individuals born in this country to parents who are not here legally. I believe that this measure is Unconstitutional and something every American ought to oppose.

To be fair the issue of children being born to illegal immigrants who then give additional benefits to their parents is a real issue, but solutions to this problem exist which do not impose burdens on American citizens and do not run amok with the Constitutional definition of citizenship (being applicable to all who are born or naturalized in this country and who are subject to the jurisdiction of our country) found in the 14th amendment.

Proponents of the measure suggest that individuals born in this country to illegal immigrants do not fall under this ammendment. They point to congressional record to support their arguments but neither the plain wording of the amendment of the 14th Amendment nor the congressional record support this limitation. In general, the 14th amendment was understood to exclude certain classes of individuals, most notabably alians (neither born nor nationalized in the US), and children of diplomats or ministers of foreign governments (whose diplomatic immunity excludes them from US jurisdiction).

An attempt to ensure that only children of US citizens are US citizens would impose serious burdens on US citizens when their children are born. As my son was born overseas, I had to go through a similar process ater his birth. I don't think that requiring something in the US would be wise even if it was Constitutional (which I don't believe it is).

A better approach would be to make a simple rule: US citizens must meet a minimum age of, say, 21 years old before petitioning the entry of blood relatives. Furthermore, when a family of illegal immigrants is detained and deported, any US citizen children of the family who have no immediate relatives legally in the US would be issued a passport and then deported. The passport would then allow the child to apply for a new passport when he/she becomes an adult and re-enter the US as a US citizen. No interpretation of the Constitution I can find would prevent the US government from barring entry of minor US citizens when not accompanied by a legal guardian who is also legally able to enter the country. By placing a minimum age of 21 on top of a petition process which can last several years, we could remove any incentive to have children in the US for the sole purpose of one's own immigration status.

A second piece of our policy needs to be a sane immigration policy which does not create a massive black market for illegal immigration. This black market fuels drug and human trafficking, and these industries could be set up to smuggle other dangerous substances into the US, such as those which might be useful in large-scale terrorist activities. Therefore illegal immigration is a systemic threat to our national security. This means that we need strong reform for the processes of bringing in foreign workers and that we work to slowly help ensure that people who are currently on welfare have an opportunity to make a better living for themselves taking jobs which currently go to illegal immigrants (however, here, the devil is in the details).

NULLs are, IMO, the only major blunder in Codd's initial rules of relational databases. NULLs introduce data ambiguity because they have two possible yet distinct meanings: unknown (but applicable) and not applicable.

Until very recently, I was in the camp which said that use of NULLs should generally be avoided in database design because of the issue raised above (semantic ambiguity). The idea I previously held was that NULLs should only represent information which is presumed to be applicable but is currently known (perhaps because there is no business requirement to collect it). I now believe that a disciplined approach to using NULLs to represent non-applicable values when appropriate is better than a general policy of avoidance. This puts me in a camp now decisively opposite many people in database design (including Chris Date).

The basic issue is that the semantic ambiguity of NULLs makes the relational model incomplete. This has a fairly serious consequence-- many sorts of data constraints cannot be meaningfully applied in relational databases when NULLs cannot be used for non-applicable data. Take for example the following information record:

job_id: 123
created_by: chris
created_at: 2007-12-14 15:30:36.6543-8
completed_at: NULL
success: NULL
error_condition: NULL

we might represent the above record in a table such as:
create table pending_job (
id serial not null unique,
created_by text not null references users(username),
created_at timestamp default now(),
completed_at timestamp,
success bool,
error_condition text,
CHECK (completed_at IS NULL OR success IS NOT NULL),
CHECK (success IS NOT FALSE OR error_condition IS NOT NULL)
);

In short, when the job completes, we must log whether the job was successful.
When the job is not successful, we must log a reason.

Now, it might be possible to break the completed information into a separate table, though I don't see any real normalization benefits to doing so since all dependencies are on the id field anyway (this is artificial data structured in an artificial manner). However, whether or not we do so, we cannot maintain a constraint which states that the error_condition field must be populated on a failed job when it is completed unless we allow the use of NULLs to represent non-applicability in this case.

There has been a lot of criticism from both Republicans and Democrats about the latest National Intelligence Estimate's assessment of Iran's nuclear weapons program. Most of this criticism doesn't withstand even a cursory reading of the document. The document does, to some extent vindicate the Bush Administration's concerns about Iranian nuclear weapons development, and it does suggest that we need to apply serious pressure to keep the weapons program stopped. In short it is not nearly as soft on Iran as critics on all sides would want people to believe.

In fact the Bush Administration is quite right that we need to keep pressure up on Iran to stop nuclear fuel enrichment except as might be subject to extremely thorough and intrusive third-party (probably IAEA) inspections.

However this does not address I think the big issue with the document-- that it shows that the Bush Administration is lying again to the American people to whip up fear and support for his agenda just like he did with Iraq. Democracy is castrated when the people are lied to. We have been saddled with this mess (which is now our responsibility to somehow fix) because we rushed to war due to lies. Now we know it is happening again, so the urge is to turn away from policies which should have our support for the right rather than the wrong reasons.

We need a clear, calm, and generally honest voice about what is actually going on. Now is not the time for the arrogance of power.

In the end, this may all be good. International pressure is continuing on Iran and not just from the United States. At the same time, this may help lead the way to real change (regardless of which party wins) in the next Presidential election.

I have recently been in a discussion on the LedgerSMB development list over the value of normalization of our database and where I feel that we need to go. This lead to a fairly heated debate between those of us who work on the database back-end in part because a lot of databases are sometimes normalized in ways which are not practical. My view, which I still hold, is that normalization is always a good thing if done properly, but that sometimes people try to do recipe-book normalization without understanding the process and create horrible messes.

For people who don't know what normalization of a relational database schema involves, this is the process by which data dependencies are analyzed and tables broken down in such a way as to duplicate as little data as possible. As one progresses through the normal forms (First Normal Form, Second Normal Form, Third Normal Form, Boyce/Codd Normal Form, Forth Normal Form, and Fifth Normal Form) one breaks up tables into smaller entities so that single facts are stored in one place only (and therefore are less likely to get out of date). Just as good object-oriented design breaks up data structures along lines on dependencies of program flow (so that proper encapsulation is possible), good relational design breaks up data relations along the lines of dependencies on data (so that central data management is possible).

In my view, relational data modelling is a fairly straight-forward mathematical exercise. And in general, normalizing to third normal form does not cause people to make too many mistakes. However, further normalization is fraught with hazards because many database engineers try to apply some method of arriving at a model of data which does not take into account its own structure. In many cases (key-value modelling, for example) these approaches are foreign to the relational model and hence result in problems. I call these messes "misnormalized databases." In most of these cases, though, the best option is to avoid such ideas and stick with table structures that best represent the structure and dependencies of your data.

When one progresses beyond third normal form, one of the problems that one encounters is the fact that it is not possible to know how normalized a table is without knowing how the table is used and what real-world constraints are on the data (data may exist independent of any given program flow, but it does not exist independent of its use). In general the places where one runs into trouble are:

1. Tables where the information in them is no longer sufficient to derive any authoritative statement from the record and those records noted via foreign keys specifically in that table.
2. Tables normalized in a way which makes it more difficult to enforce real-world data constraints (this usually means you are missing real data dependencies).
3. Tables normalized for the sole purpose of reducing duplicate information without addressing internal data semantics.

Additionally, relational modeling allows for easier enforcement of data constraints in data not subject to prior data structure constraints (accounting data in particular does not allow for all constraints to be specified in relational terms in the current generation of RDBMS's). Hence things like addresses, location data, and customer information are more easily stored and checked than financial data (one area where I see room for improvement in RDMBS's).

In general, normalization is always a win if it is done well. If it is done badly without proper analysis of real world data constraints, you end up with a mess.

Having now worked with some interesting applications where artificial data structures and rules were issues (including accounting rules), I have come to decide that RDBMS's need some additional features to meet certain types of needs. Otherwise one is required to forego some (often important) data integrity rules in favor of giving the application authoritative responsibility for data integrity.

The most frequent issue one might have involves double-entry accounting rules. In double-entry accounting, every transaction must be balanced (the sum of the amount must equal 0), but each transaction can involve an arbitrary number of parts. Logically we might have:

Account Number...Amount...Transaction...Reference
1010 Checking...10000....19934.........Total Payment Customer 5
1300 AR.........-3000....19934.........Paying vendor 5, invoice 35
1300 AR.........-7000....19934.........Paying vendor 5, invoice 36

Current generations of RDBMS's that I have worked with do not provide any means of enforcing this sort of constraint outside of procedural logic (i.e. stored procedures). It would be really nice to be able to declare such constraints within the DDL of SQL itself, or at least be able to create triggers which allow this sort of enforcement when running arbitrary SQL.

The major difficulty in enforcing the above transaction is that one can only enforce the constraint at the transaction level. Each individual row insert will violate the constraint. So table-level constraints do not work in this case. I see three options:

1) Deferrable check constraints on the table level. However, performance here is likely to suck because if you have a constraint like:
check sum(amount) = 0 default deferred
every transaction is going to have to run an aggregate on the table, which could become quite large in an accounting applicaion.

2) A better option might be to have an insert_set constraint (when updating is disabled), so that only the inserting record set is checked. Note that this does not affect other situations where these sorts of rules might be in place but updates are allowed.

3) Transaction-level triggers with full access to the old and new row sets. A trigger might look something like this (in pseudocode):

if operation = update then
      select transaction from new where transaction IN (select transaction from affected_table where pkey NOT IN (select pkey from old));
      IF FOUND then
              raise exception "updating part of a transaction not allowed"
      end if;
end if;
select transaction from new group by transaction having sum(amount) 0;
if found then
      raise exception "write set includes unbalanced transaction(s)!"
end if;

While I would prefer a declarative interface (and hence check constraints instead of triggers), it would be nice to have any improvement in this area rather than have to rely on stored procedures to enforce data integrity.

As many programmers are aware, there is a conceptual mismatch between relational and object oriented data modeling approaches. This mismatch causes a great number of headaches for both application developers and database administrators. Unlike Chris Date (whose Third Manifesto suggests a unification of db and OO schemes in a tightly bound and relationally oriented fashion), I am going to suggest that the problem is one which cannot be solved simply by adopting a fully relational approach, nor do object-relation mappers solve the problem (they force the adoption of an object-oriented approach).

The basic issue is that, although relational and object oriented provide methods of partitioning data variables, the goals and methods of determining how that data is partitioned is fundamentally different. Relational models focus on breaking down data so that it can be easily managed with a minimum of duplication and error correction. Object oriented models focus on breaking down data into portions which are organized by their relevance to the flow of data processing (hence the emphasis on encapsulation). Consequently relational and object oriented designs often cannot be mapped to eachother in a straight-forward way because the models are not mathematically equivalent (i.e. one relational model does not necessarily imply a single given object model, nor does a single given object model necessarily imply a single given relational model). Furthermore, a relation as a unit of semantic data storage or semantic data description is not the same thing as an object which is a unit of data flow. This contextual difference (partitioning the data attributes using data dependency vs flow dependency) more or less dooms attempts to treat these systems as equivalent.

Since these concepts cannot be mapped to eachother in an optimal and straight-forward manner, so we should probably forget about this sort of effort. ORM's and the like are probably quite useful for sets of applications where good relational design doesn't matter (one-off small web apps which don't need to connect to other applications in any way) but they fail for any application where the re-use and central management of data is important. The only trap here is that one-off applications which are expected to remain islands forever sometimes develop into something that has complex integration needs. In this case, one is unable to integrate on the data level.

In general I see three options for developers to use in addressing this problem. The inherent tradeoff is between reporting and centralized database on one hand and rapid application development on the other.

The first option is to use a simple object store for the application. XML files, BDB, serialized objects, OODB's, LDAP, etc. are all valid approaches here. In this approach, reporting is a lot of work (you have to do the retrieval and parsing yourself), and the information is not as manageable as it could be in an RDBMS, but the data models map exactly 1:1, and programming is easy.

The second option is to do a straight-forward mapping of relations to properties, and essentially use an RDBMS as a set-based serialization system. In this case, the data is not normalized, reporting is a challenge but doable, and the data is not really particularly reusable.

The final option is to provide separate physical and logical data stores. The physical data store is a highly normalized relational system, while the logical store consists of either views or stored procedures designed to present the data in a way consistent with flow-based dependencies. In essence these divisions avoid the mapping issues by making the model differences explicit. This means more time in database development, and marginally more time in initial application development, but a lot less time down the road making extensions. It also means that central management and reporting of data is strongest in this model.

SODA and the Object-Relational Impedance Mismatch
One of the major software engineering problem of today is the Object-Relational Impedance Mismatch which makes it difficult to blend object oriented programming with well-normalized relational databases. One of the main types of attempts to solve this problem involves the development of Object to Relational Mappers (ORMs) which attempt to abstract the relational issues and map the data structures of an object to relations in the database.

Accepting Futurepower's criticism, I would also direct the reader to the Wikipedia article.

Unfortunately, there may be cases where ORM's run into fundamental math problems in converting the data structures. They also tend to be somewhat limited because most of them are OO programmers looking at RDBMSs, and so forth. (This is not universally the case. DBIx::Class is remarkably well throught out). However, because we do not have consistent high-quality ORMs with portable object definitions in any large number of languages, use of ORMs in software engineering largely restricts database design and undermines the promise of creating well-designed relational databases which can be easily mapped to object oriented interfaces.

In the LedgerSMB project, we have taken a different approach that we hope will be as revolutionary as Service Oriented Architectures promise to be for software engineering in general. In fact by approaching the problem from a service oriented rather than a data oriented standpoint, we have created a unique and portable approach to the object-relational problem. We call our approach Service Oriented Database Architecture, or SODA.

The basic promise of SODA is that programs can discover data interfaces and bind to those automatically rather than having an application generate SQL DML commands. SODA will live up to this promise by focusing on discoverable interfaces so that applications and code generators can dynamically create appropriate classes and methods. However, with current generations of PostgreSQL, there are limitations which restrict the use in large environments. However, Oracle developers may find these ideas quite useful as well (the ideas create different limitations on Oracle).

Basic Architecture
In LedgerSMB we use a flat namespace (because we don't have access to a package structure like Oracle uses) and use naming conventions to avoid conflicts. Stored procedures are named with lowercase class names, followed by a double underscore, followed by a lower case method name. So Report::Income_Statement becomes report__income_statement. A class can therefore easily search for its own methods in the database system catalogs.

The second major piece of SODA is that of discoverable argument->property mappings. Hence if Income_Statement has two arguments (both dates) named date_from and date_to, we can name these arguments, we can provide enough information for the class to do this mapping. Since PostgreSQL supports named arguments we use these. Due to name conflicts with potential tables one may be interacting with, we preface all arguments with in_. Hence we declare our function as:
CREATE FUNCTION report__income_statement(in_date_from date, in_date_to date) RETURNS SETOF account_line AS ....

Now all the information needed to discover this interface, identify it with a class and properties can be found in the system catalogs.

Future versions will probably include class data structure outlines created as TYPEs, and an ability to handle arrays of complex tuple-based types as stored procedure arguments, so that one can fully discover data interfaces from the database.

SODA brings the same benefits as other SOA technologies to software engineering but addresses the interface with the database. This can allow for a more flexible re-use of business logic, and a loose coupling between the object and relational paradigms. Please let me know what you think.