Day One of the 9th annual QCon New York conference was held on June 13th, 2023, at the New York Marriott at the Brooklyn Bridge in Brooklyn, New York. This three-day event is organized by C4Media, a software media company focused on unbiased content and information in the enterprise development community and creators of InfoQ and QCon. It included a keynote address by Radia Perlman and presentations from these four tracks:
- Architectures You've Always Wondered About
- Hosted by Sergey Fedorov, director of engineering at Netflix.
- Offers attendees a chance to go behind the scenes with some of the world's most successful technology companies.
- Modern Data Architecture & Engineering
- Hosted by Allen Wang, senior staff engineer at DoorDash.
- Offers attendees to learn some fundamental, powerful yet versatile building blocks and their core engineering principles that you can leverage to build a simple yet efficient and scalable data architecture.
- Language Platforms and Software Supply Chain
- Hosted by Priya Wadhwa, software engineer at Chainguard, and Colin Eberhardt, CTO at Scott Logic.
- Delves into the latest developments in language platforms, enabling developers to write code using a growing range of languages across an expanding array of platforms.
- Staff+ Engineering: New Skills, New Challenges
- Hosted by Leslie Chapman, engineering fellow at Comcast.
- This track will talk about what it takes to be an effective and successful Staff+ Engineer.
There was also one sponsored solutions track.
Dio Synodinos, president of C4Media, Pia von Beren, project manager & diversity lead at C4Media, and Danny Latimer, content product manager at C4Media, kicked off the day one activities by welcoming the attendees and providing detailed conference information. The aforementioned track leads for Day One introduced themselves and described the presentations in their respective tracks.
Keynote Address: The Many Facets of "Identity"
Radia Perlman, a pioneer of network design, inventor of the Spanning Tree Protocol and fellow at Dell Technologies, presented a keynote entitled, The Many Facets of "Identity". Based on the history of practicing authentication methods, Perlman provided a very insightful look at how the phrase "the identity problem" may not be as well-understood. She maintained that "most people think they know the definition of 'identity'...kind of."
Perlman went on to describe the many dimensions of "identity" including: human and DNS naming; how to prove ownership of a human or DNS name; and what a browser needs to know to properly authenticate a website. The theory of DNS is "beautiful," as she described, but in reality, a browser search generally returns an obscure URL string. Because of this, Perlman once fell victim to a scam while trying to return her driver's license.
She then discussed how it is difficult for humans to properly follow password rules, questioned the feasibility of security questions, and recommended that people should use identity providers. Perlman characterized the Public Key Infrastructure (PKI) as "still crazy after all these years" and discussed how a certificate authority, a device that signs a message saying "This name has this public key," should be associated with the registry from which the DNS name is returned.
She then described the problem with X.509 certificates such that Internet protocols use DNS names, not X.500 names. "If being able to receive at a specific IP address is secure, we don't need any of this fancy crypto stuff," Perlman said. She then compared the top-down and bottom-up models with DNS hierarchical namespaces in which each node in the namespace represents a certificate authority.
Perlman recommended the bottom-up model, created by Charlie Kaufman circa 1988 because organizations wouldn't have to pay for certifications. Also, there is still a monopoly at the root level and the root can impersonate everyone in the top-down model. In summary,
Perlman said that nothing is quite right today because names are meaningless strings and obtaining a certification certificate is messy and insecure. In conclusion, Perlman suggested always starting with the question, "What problem am I solving?" and comparing various approaches. In a humorous moment early in her presentation, she remarked, "I hate computers" when she had difficulty manipulating her presentation slides.
Perlman is the author of the books, Network Security: Private Communication in a Public World and Interconnections: Bridges, Routers, Switches, and Internetworking Protocols.
Highlighted Presentations: Kappa architecture, Sigstore, and WebAssembly
Laying the Foundations for a Kappa Architecture - The Yellow Brick Road was presented by Sherin Thomas, staff software engineer at Chime. Thomas introduced the Kappa Architecture as an alternative to the Lambda Architecture, both deployment models for data processing that combine a traditional batch pipeline with a fast real-time stream pipeline for data access.
She questioned why the Lambda Architecture is still popular based on the underlying assumption of Lambda: "that stream processors cannot provide consistency is no longer true thanks to modern stream processors like Flink." The Kappa Architecture has its roots in a 2014 blog post by Kafka co-creator Jay Kreps, co-founder and CEO at Confluent.
Thomas characterized the Kappa Architecture as a streaming-first, single-path solution that can handle real-time processing as well as reprocessing and backfills. She demonstrated how developers can build a multi-purpose data platform that can support a range of applications on the latency and consistency spectrum using principles from a Kappa architecture. Thomas discussed the Beam Model, how to write to both streams and data lakes and how to convert a data lake to a stream.
She concluded by maintaining that the Kappa Architecture is great, but it is not a silver bullet. The same is true for the Lambda Architecture due to the dual code path making it more difficult to manage. A backwards-compatible, cost-effective, versatile and easy-to-manage data platform could be a combination of the Kappa and Lambda architectures.
Sigstore: Secure and Scalable Infrastructure for Signing and Verifying Software was presented by Billy Lynch, staff software engineer at Chainguard, and Zack Newman, research scientist at Chainguard. To address the rise of security attacks across every stage of the development lifecycle, Lynch and Newman introduced Sigstore, an open-source project that aims to provide a transparent and secure way to sign and verify software artifacts.
Software signing can minimize the compromise of account credentials and package repositories, and checks that a software package is signed by the "owner." However, it doesn't prevent attacks such as normal vulnerabilities and build system compromises. Challenges with traditional software signing include: key management, rotation, compromise detection, revocation and identity.
Software signing is currently widely supported in open-source software, but not widely used. By default, tools don't check signatures due to usability issues and key management. Sigstore frees developers from key management and relies on existing account security practices such as two-factor authentication. With Sigstore, users authenticate via OAuth (OIDC) and an ephemeral X.509 code signing certificate is issued to bind to the identity of the user.
Lynch and Newman provided overviews and demonstrations of Sigstore to include sub-projects: Sigstore Cosign, signing for containers; Sigstore Gitsign, Git commit signing; Sigstore Fulcio, users authentication via OAuth; Sigstore Rekor, an append-only transparency log such that the certificate is valid if the signature is valid; Sigstore Policy Controller, a Kubernetes-based admission controller; and Sigstore Public Good Operations, a special interest group comprised of a group of volunteer engineers from various companies collaborating to operate and maintain the Sigstore Public Good instance. Inspired by RFC 9162, Certificate Transparency Version 2.0, the Sigstore team provides a cryptographically tamper-proof public log of everything they do.
The Sigstore team concluded by stating: there is no single or one-size fits all solution; software signing is not a silver bullet, but is a useful defense; software signing is critical for any DevSecOps; and developers should start verifying signatures including your own software. When asked by InfoQ about security concerns with X.509, as discussed in Perlman's keynote address, Newman stated that certificates are very complex and acknowledged that vulnerabilities can still make their way into certificates. However, Sigstore is satisfied with the mature libraries available to process X.509 certifications. Newman also stated that an alternative would be to scrap the current practice and start from scratch. However, that approach could introduce even more vulnerabilities.
Build Features Faster With WebAssembly Components was presented by Bailey Hayes, Director at Cosmonic. Hayes kicked off her presentation by defining WebAssembly (Wasm) Modules as a compilation target supported by many languages, a solution where only one .wasm file is required for an entire application, and built from one target language.
She then introduced the WebAssembly System Interface (WASI), a modular system interface for WebAssembly, that Hayes claims should really be known as the WebAssembly Standard Interfaces because it's difficult to deploy modules in POSIX. She then described how Wasm modules interact with the WASI via the WebAssembly Runtime and the many ways that a Wasm module can be executed, namely: plugin tools such as Extism and Atmo, FaaS providers, Docker and Kubernetes. This was followed by a demo of a Wasm application.
Hayes then introduced the WebAssembly Component Model, a proposed extension of the WebAssembly specification that supports high-level types within Wasm such as strings, records and variants. After describing the building blocks of Wasm components with the WASI, she described the process of how to build a component followed by a live demo of an application, written in Go and Rust, that was built and converted to a component.
Ron Pressler, technical lead, OpenJDK's Project Loom at Oracle presented Virtual Threads for Lightweight Concurrency and Other JVM Enhancements. Pressler provided a comprehensive background on the emergence of virtual threads that included many mathematical theories. A comparison of parallelism vs. concurrency defined performance measures in latency (time duration) and throughput (task/time unit), respectively. For any stable system with long-term averages, he introduced Little's Law as L = λW, such that:
- L = average number of items in a system
- λ = average arrival rate = exit rate = throughput
- W = average wait time in a system for an item (duration inside)
A comparison of threads vs. async/await in terms of scheduling/interleaving points, implementation and recursion/virtual calls defined the languages that support these attributes, namely: JavaScript, Kotlin and C++/Rust, respectively. After introducing asynchronous programming, syntactic coroutines (async/await) and the impact of context switching with servers, Pressler tied everything together by discussing threads and virtual threads in the Java programming language.
Virtual threads are a relatively new feature that was initially introduced in JDK 19 as a preview. After a second preview in JDK 20, virtual threads will be a final feature in JDK 21, scheduled to be released in September 2023. He concluded by defining the phrase "misleading familiarity" as "there is so much to learn, but there is so much to unlearn."