Folks have started talking about the Data Access API for Pirates of the Burning Sea. Of course, this is an area of interest for me, and I have expressed some minor opinions on it. Joe Ludwig was kind enough to respond on that same page, and Darius K weighed in at his official work blog. As usual1, I'm going to talk in more detail here rather than somewhere else because it's easier.
Working on the XML for Dungeon Runners, we considered something very similar to what Flying Lab is doing, for very similar reasons - the ability to monitor individual applications, to revoke misuses of the data, and so on. Now that they and we are doing it differently, I don't mean to criticize them on the subject either... just discuss it, with the understanding that they prefer their solution and we prefer ours. :-)
One reason we forewent API keys and developer identification was the simple principle about simplicity: KISS. More moving parts means more maintenance and more points of failure (and given our budget, single points of failure). I suspected at the time - and this has largely turned out to be true - that if something needs to be designed or coded or produced for the Dungeon Runners XML system, I'm going to be the one to do it... along with everything else I do.
Another reason was that we weren't already providing a way to access this data in-game (e.g., using an /inspect command or something like that to view another character). We didn't want to create a situation where most of the players were waiting to get the data (either another player, or us). The raw XML is readable, so the players who write applications using the data can't themselves be gatekeepers deciding who can see what. Perhaps that would actually be desirable for Burning Sea's PVP, I'm not sure.
Of course, "low barrier to entry" is always a concern for a game like DR - one that probably isn't as big a deal for Burning Sea, probably - and we want to encourage as many people as possible to look at and play with the XML.
Finally, we feel pretty confident that we can accomplish the sames goals as Joe mentions on an IP basis - find out what external systems are asking for XML, how much, etc. See what sites are asking for XML, how often, etc., and block IPs if anyone gets rowdy. Not a perfect solution, but a pretty good one, considering the other tradeoffs we had to deal with.
And yeah, we're struggling with the questions of privacy and PVP data exposure too. We haven't exposed many of the things we'd like to, simply because we haven't hit on the right way to do it yet. When we have those answers, you'll see another surge in data exposure from us, without a doubt. :-P
1. It came up when discussing Cryptic's Cryptic DB, and it still holds true: LiveJournal provides much better word processing facilities - even when I'm using raw HTML and not their WYSIWYG rich text editor - than most blog software's facility for leaving comments. My posts also don't go through a spam/offensiveness moderation stage, and I can include links (I never know whether links are being accepted on most other blogs until after I've written the comment).
Also, the comment facility here is actually better (allowing links and images, providing a sizable text input window, threaded discussions, comment preview, etc.) for continuing discussions. Finally, thanks to OpenID, people can more directly connect their comments here with their blogs elsewhere.
Sunday, April 20. 2008
Other people's XML
Trackbacks
Trackback specific URI for this entry
No Trackbacks
