Do people really need the IE client?

[Rob R. Ainscough]

This is more of a conceptual question:

1. More and more companies are using VPN's and locking out internet
connectivity (for a host of reasons, security, productivity, etc.).
2. ASP.NET requires a web server and has more layers than a .NET Windows
application
3. a .NET windows app .DLL's and .EXEs are very small

So which is better, offer a Windows .NET component ("managed") that can be
downloaded installed from a web site or distributed in some other manner
(CD, ftp, VPN) that runs faster and has a much more responsive user
interface OR an ASP.NET web server based that has a slow IE client - many
more layers & configuration dependancies. Both can commuincate with a host
of databases backends.

Since .NET framework is multi-platform and a managed .NET app can operate on
multiple platforms, it seems to me that .NET windows forms apps are actually
a better solution than ASP.NET approach (with it's host of other
requiresments and security issues).

The downside is that the component needs to be installed on the client PC,
but the reality is that most people work on a one or two, maybe 3 PC's.
Since these .NET app components are small (most of my .NET apps are well
below 1MB, most around 500KB or less) a single download will often be a lot
faster than processing ASP.NET pages.

Sooo...where does this go? I'm thinking that .NET windows apps are indeed a
better solution (in most cases) than ASP.NET web apps -- certainly a LOT
faster in execution and have less layers, more secure, and much easier to
maintain.

I think the automatic distribution of .NET framework is now changing the
decisions to go Windows Form or ASP/web server. Both worlds are now open,
perhaps the era of the IE client is numbered?

rob.

 

[Sylvain Lafontaine]

The days of IE are not numbering simply because of security concerns: a .NET
windows component can do anything on your machine. Of course, you can
always say that you can start playing around with the security settings but
that doesn't change an iota to the real problem; as we have all learning
from the Java experience: you can take the time of doing a full security and
background check (minutes, hours, days, months, ...) on each site when you
are navigating the internet and touring many dozens of sites a day.

S. L.

 

[Elementary Penguin]

You should watch the MS webcast on "Smart Clients"

 

[Rob R. Ainscough]

Security wasn't really my point -- IE client is slow & layered -- many large
corporations (and smaller ones too) go the VPN route. And I wasn't really
suggesting a problem -- just questioning the concept of IE vs. the reality
of what people need, what businesses need, and how IE has seemed to gone
full circle (getting fatter along the way) only to be a slower & less secure
solution.

I realize IE will never go away because of it's advertisement potential
entering into the homes of millions -- but when you think about it --
Cookies and host of other components needed by IE and one web server based
net App, it really seems just like a bloated slower version of what can be
contained in .NET framework with very small distribution .NET windows
apps -- you cut out the web server, you cut out the IE translation, and you
cut out the execution of malicious code the end user never wanted or needed
(such as data miners, trackers, etc. etc.).

What I am noticing is that more and more businesses are moving away from IE
(for whatever reasons) based projects.

Rob.

 

[Sylvain Lafontaine]

For an Intranet, you're totally right; but for the Internet, many Extranets
and B2B, .NET client applications and even Smart Clients are totally out of
consideration at this moment for security reason.

I've myself be punched on that subject by a potential client and the simple
mention of it in a free discussion has been sufficient to get me out of the
course definitely.

S. L.

 

[Jon Skeet [C# MVP]]

<"Sylvain Lafontaine" <sylvain aei ca (fill the blanks, no spam

The days of IE are not numbering simply because of security concerns: a .NET
windows component can do anything on your machine.

I don't think it can by default. You can make it *insecure* by playing
around with security, but I believe that by default it's in a
relatively low trust environment.