2016-11-23

Survey Results

As promised we wanted you to give an overview about results of our survey.

Answers are not perfectly representative as we published it on Twitter only.
Most questions allowed multiple choices. Thus percentages sum up to over 100.


Results


OSM Buildings version

Numbers say Modern 3D Version is used by about 80% of projects.
Our impression is rather an even split between Classic and Modern versions.
We also got feedback that not everyone is clear about what version they’re using.


Application scenarios

Previous answers already indicate your application scenarios.
Data visualization leads with 70% followed by GIS with 60%, then Architecture with pleasing 17%.


Features

Our hints were perhaps too much inspiration. So keywords are: textured objects, indoor, terrain. Also some VR and some more building details.


Project environment

There is a large base of 60% of personal projects. Followed by businesses with close to 40%. Another surprise.
Then NGO/Education/Research at 30%.


Funding

Sponsored features leading by almost 70% which is a lot more than expected.
Followed by donations at 60% and some acceptance for subscriptions.
Also seems like GIS people slightly prefer donations.


Project partners

Strong 50% opting for MapboxGL.
Others sharing the rest evenly and sadly we’ve had some fake votes in that section.


Suggestions

We’ve got overall very positive feedback and compliments.
This means a lot and it is driving the project!

We’re asked for some improvements on the Classic version here.


Conclusions

Many things were to be expected and that could mean no significant changes ahead.
But our competitors are currently ramping up and investing a huge amount of money.
Our resource is lifetime and we have to spend it carefully.


Features

Adding heavy features for like terrain and textured objects would require large rewrites of the Modern viewer.
And then still it excludes potentially interested developers as code is very efficient but customized.

We could go with Cesium but these features are already implemented.
GIS features are not as present and data visualization on urban level is just bad.

We could go with Tangram but besides being very cool this leads nowhere.

We could go with ViziCities. This is an interesting option because of some overlap in data visualization ideas. Also ThreeJS is becoming more attractive to us. So far communication remains unanswered.

We could go with MapboxGL. Majority of you thinks this is a good idea.
We’re very split. It’s base map is awesome and recent integration of buildings seems cool.
But they’re currently at stage of extruded footprints. From what we see the engine needs similar rewrites just for more detailed building data and textures. And with aiming for car navigation, this is not their focus.
However, simple but effective mass building data visualization is very possible and it has all the GIS features we love.
Outcome: we’re hesitating to give the results away for others to make money.

With OSM GO there is another very new and promising project. It’s obviously under very heavy development but at an awesome progress. We’re in close contact and share many ideas.
It’s using ThreeJS as well which is undeniably good base to involve community.

For now we’ll go on with OSM Buildings Modern viewer. At same time we’ll assist OSM GO and perhaps join forces. MapboxGL remains on the list as well as our Classic viewer which we’d love to give some improvements.


Data

Mapbox Vector Tiles are a hot topic today. Few of you know we’re using similar schemas since years.
There is now an option to join OSM2VectorTiles.
We’re not happy with flexibility of data structures and update frequencies.
There is a lot of data features we have in mind that will hardly fit current tool chains.
Our prospect viewers can already handle Vector Tiles or will be able to soon.
Thus our decision will be postponed.
However, we’re going to make data services more present on our website.
Commercial options will be removed except enterprise level.
From there it’s your choice: free user who are hopefully donating or a single commercial licensing option.


Funding

Donation options will return and be prominent. We’re curious how much willingness to donate there really is.
We’ll call for sponsoring bigger features. That worked particulary well for single feature/single sponsor: We’ll be trying a more crowdsourcing like approach now.


Last words

Let us know your option!

Please donate (PayPal).



2016-02-09

SSF*L

Updated


F* stands for Flawed.


On the way to make OSM Buildings a bit more secure and the data backend more convenient to use, https had to come into play.
Still a small project I've put big hope into letsencrypt in order to get free certificates.

Domain setup


osmbuildings.org - primary website
   www.osmbuildings.org - forwards the primary website
   cdn.osmbuildings.org - serves static scripts
  data.osmbuildings.org - entry point all the data
a.data.osmbuildings.org - alternative sub-sub domain for parallel loading
b.data.osmbuildings.org - alternative sub-sub domain for parallel loading
c.data.osmbuildings.org - alternative sub-sub domain for parallel loading
d.data.osmbuildings.org - alternative sub-sub domain for parallel loading

It's most important to cover the "data" subtree as this is the core service for users.

When letsencrypt went live, it was just disappointing that certificates will expire after 90 days. It's very inconvenient not to miss a quarterly update point.
Also they offer no Wildcard certificates. It means refreshing every single domain.

Complicating fact is that the "data" subtree is not served by any common web server. Means manual updating.

I think, that's all concession to big commercial CA's in order to get their cross signature.

Ok, we've outgrown the SSL for personal use.

Next stop StartSSL.


I've ordered a Wildcard certificate and the process felt endless.
No information about what documents they really need, extensive loops after every single upload + reply.
Then no clear information about what would be missing or when the process will be completed.

I stopped the nightmare after a week.

Still not able to spend thousands on SSL, I was willing to increase the budget.

Wildcard certificates


My choice was RapidSSL cert, re-sold by my server provider.
And suddenly things went fast and seemingly well.

But then I learned what Wildcard really means:

coverage for *.osmbuildings.org

osmbuildings.org - YES
   www.osmbuildings.org - YES
   cdn.osmbuildings.org - YES
  data.osmbuildings.org - YES
a.data.osmbuildings.org - NO!
b.data.osmbuildings.org - NO!
c.data.osmbuildings.org - NO!
d.data.osmbuildings.org - NO!

The most important addresses would not be covered!
I had to learn this is as intended in RFC6125.
I was told to buy another Wildcard cert for the sub-sub domains. Doubling the price made clear who profits from such regulation.

Then I just tried to change the certificate to cover all the "data" subtree.
Not possible. I had to cancel all and reorder.

If *.osmbuildings.org covers osmbuildings.org and its sub domains,
then a Wildcard like *.data.osmbuildings.org should cover data.osmbuildings.org and it's sub domains.

expected coverage by *.data.osmbuildings.org

osmbuildings.org - NO
   www.osmbuildings.org - NO
   cdn.osmbuildings.org - NO
  data.osmbuildings.org - YES
a.data.osmbuildings.org - YES
b.data.osmbuildings.org - YES
c.data.osmbuildings.org - YES
d.data.osmbuildings.org - YES

Again, that's not the case. Now pure data.osmbuildings.org remains uncovered.
I call rip off.

Update


As RapidSSl certificate combination didn'T help me either, I went back to StartSSL and spent more time in reading carefully what's possible with their services.

Seemingly all requirements could be covered so I gave them another try. Luckily all my uploaded documents were still present.

It required some pushing but at the end, I bought one validation and can now use Wildcards and multiple domains together.
Just a single certificate to be installed once.

A good note on RapidSSL: cancelling my orders went fast and without any questions.

Shady paths


On my way to finding providers, I've hit the original vendors that are just excessively expensive. Then websites like rapidsslonline.com (compare with rapidssl.com) that look like a copy, but are much cheaper.
But no word about what they are. Resellers? A branch? Just fraud?

Also found some promising German providers. Usually doesn't matter but it helps a lot if you speak same language as your support peer.
But for all either: their certificate was issued to some far asian company, was invalid or non existent.

All this is not creating trust. Especially in such sensitive business.

That's why I think the system is seriously flawed.