Respecting Lotus Notes

Richard Schwartz wonders why this item didn't mention Lotus Notes as a security exemplar:

Lotus Notes has had evidence-based code access security -- PKI-based digital signature on code, and the ECL to control finely-grained permissions -- since release 4.5. It's been there for nearly a decade.
True. It's also true that, as Richard suggests, Lotus Notes suffers from a Rodney Dangerfield-like lack of respect. For what it's worth, I do respect Lotus Notes, and here are some of the reasons why.

Security. My first PKI experience was with Notes, long before there was a web, never mind a PKI-capable web. I appreciated the virtues of the PKI model then, and proceeded to evangelize it for many years. Notes was way ahead of its time in this regard. Although Groove's peer-to-peer model challenged Notes' by-then-conventional approach, it became clear that the two were complementary. Organizational cross-certification and ad-hoc spontaneity could, and should, co-exist.

User empowerment. The hallmark of Notes was, and is, the data-gathering and reporting application created by an administrative assistant. Enterprise Wikis are becoming the fashionable way to do this nowadays, but Notes has been there all along.

Hybrid data model. Notes' blurring of the boundaries between document-oriented and record-oriented data was extraordinarily useful. One way to read the history of XML is as an effort (still in progress) to formalize a hybrid data model that embraces both perspectives.

Rodney Dangerfield is one avatar for Lotus Notes, but I think there's a better one. He's a character in a cartoon sequence that appears in Tom Wolfe's Mauve Gloves & Madmen, Clutter & Vine. I don't know the guy's name, but he's called The Man Who Always Peaked Too Soon.


Former URL: http://weblog.infoworld.com/udell/2005/08/01.html#a1279