We asked David Treadwell, Microsoft's general manager of the .Net Platform Developer Division, to comment on key issues that arose while researching .Net's performance. Treadwell's answers were surprisingly frank and shed light on Microsoft's Longhorn future.
Q: When Windows .Net Server was renamed Windows Server 2003, it raised questions about Microsoft's commitment to .Net as a platform.
Treadwell: We realized that both .Net and Windows were platform initiatives, and in branding Windows server, we chose Windows. WinFX (the collection of Longhorn technologies) is a superset of the .Net platform, but we're now including it as part of the Windows brand. We're trying to move the .Net label more toward Web services, rather than apply it broadly to the whole platform.
Q: Are you satisfied with the progress made so far in wrapping .Net managed interfaces around the base OS and your servers and applications?
Treadwell: It takes many years. Win16 to Win32 took a long time. In the .Net Framework 1.0 and 1.1, we worked hard to cover the platform. We missed some things -- for example, we chose not to do serial I/O classes. In Whidbey, we'll get to some of those things we didn't have time for. The WinFX prime directive, when we get to Longhorn, is to deliver first-class managed access to all broadly used system technologies.
Q: Why wasn't No-Touch Deployment more successful, and how will ClickOnce correct that?
Treadwell: No-Touch Deployment was shaky. It didn't have the infrastructure to do auto-updates. You want to be able to install in a low-impact manner without changing the machine configuration. And when you're cached on the machine, you want to check for updates and refresh that cache automatically. The infrastructure wasn't quite there yet; ClickOnce, in Whidbey, will be better.
Q: What practical benefits is .Net's security architecture delivering today?
Treadwell: Here's a simple one: If you write pure managed code, a buffer overflow just can't happen. So a whole class of nasty security bugs goes away. As for code identity, I love the vision. But I'll acknowledge that it hasn't taken off as we'd hoped. When people tried to write partial-trust apps, it always turned out there was one thing they needed to do and couldn't. We have to do more work to find the right scenarios where you can do a functional smart-client app that runs in partial trust and doesn't require the user to micromanage permissions. In WinFX, I want to make it viable to write partial-trust apps that can do real things.