XML and Web Services In The News - 31 January 2007
Provided by OASIS |
Edited by Robin Cover
This issue of XML Daily Newslink is sponsored by BEA Systems
HEADLINES:
First Public Working Draft for W3C WSDL 1.1 Element Identifiers
David Orchard, Asir Vedamuthu, Frederick Hirsch (et al), W3C WD
W3C's Web Services Policy Working Group has released a First Public
Working Draft for "WSDL 1.1 Element Identifiers." These fragment
identifiers and IRI-references, designed to be easy for authors to
understand and compare, are for use in Web Services Description Language
(WSDL) 1.1 documents. Several issues have been filed on this document
and are recorded in Bugzilla; the Working Group solicits feedback on a
proposal to change the syntax of some WSDL 1.1. element identifiers.
The document is primarily based upon WSDL 2.0 Core. There is a
substantial difference between the WSDL 1.1 and WSDL 2.0 fragment
identifiers.WSDL 2.0 defines fragment identifiers with respect to the
WSDL 2.0 component model, whereas WSDL 1.1 defines XML element and
attribute syntax only. Because there is no WSDL 1.1 component model,
the WSDL 1.1 fragment identifiers are to the WSDL 1.1 elements.
Further, the fragment identifers are to the WSDL 1.1 elements prior
to any processing of the WSDL document, such as validation, inclusion,
imports, schema type validation, etc. A WSDL 1.1 fragment identifier
is an XPointer, augmented with WSDL 1.1 pointer parts. The pointer
parts have a scheme name that corresponds to one of the standard WSDL
1.1 element names, and scheme data that is a path composed of names
that identify the elements. The scheme names all begin with the prefix
"wsdl11." to avoid name conflicts with other schemes. The names in
the path are of type either QName, NCName, IRI, URI, or Pointer Part
depending on the context. The scheme data for WSDL 1.1 extension elements
is defined by the corresponding extension specification. For QNames,
any prefix MUST be defined by a preceding xmlns pointer part. If a
QName does not have a prefix then its namespace name is the target
namespace of the WSDL 1.1 document. The fragment identifier is typically
constructed from the name property of the element and the name properties
of its ancestors as a path There are two main cases for WSDL 1.1 IRIs:
(1) the IRI of a WSDL 1.1 document (2) the IRI of a WSDL 1.1 namespace
The IRI of a WSDL 1.1 document can be dereferenced to give a resource
representation that contributes elements to a single WSDL 1.1 namespace.
If the media type is set to the WSDL 1.1 media type i.e.,
'application/xml', then the fragment identifiers can be used to identify
the main elements that are defined in the document. In keeping with
WSDL 1.1, which has a recommendation that that the namespace URI be
dereferencible to a WSDL 1.1 document, this document specifies the use
of the namespace IRI with the WSDL 1.1 fragment identifiers to form an
IRI-reference. The WG plans to publish this document as a Working Group
Note.
See also: W3C Web Services Activity
SOA Principles
Dave Orchard, Blog
This document provides a technical description of SOA and what it means
for Architects and developers. Readers should have some familiarity with
current technologies such as Web, XML, and Web services. It document
provides a view of SOA as a broad set of architecture, design principles
and choices used in building distributed systems. In essence, the
document views SOA as a few core principles and a set design options or
'knobs' that are set differently for each particular application
depending upon the features required. There are many reasons to follow
SOA design principles and options. The usual main goal is to build
software that provides components that are usable by a variety of other
components in a distributed environment, aka re-usable software components.
Other goals include optimizing functionality, costs and non-functional
requirements like scalability, performance, extensibility and security...
SOA is a broad set of architecture and design principles and choices
used in building distributed systems. The very fundamental part of
building distributed systems is requiring that there is a described
interface, or contract, between components and this contract is one
step towards loose coupling. There are a variety of interface
technology selections that provide further loose coupling, such as
XML, WSDL and SOAP and other Web services specifications. The
implementation of software, and the extent to which its internal
contracts affect the published interface, has significant impacts on
coupling, arguably as much as the interface technologies.
IETF Forms New Working Group on Provisioning of Symmetric Keys
Staff, IESG Announcement
The IESG Secretary announced the formation of a new IETF in the
Security Area: Provisioning of Symmetric Keys (keyprov). Chaired by
Phillip Hallam-Baker and Hannes Tschofenig, the Working Group has been
chartered to define protocols and data formats necessary for
provisioning of symmetric cryptographic keys and associated attributes.
The group shall consider use cases related to use of Shared Symmetric
Key Tokens. Other use cases may be considered for the purpose of
avoiding unnecessary restrictions in the design and ensure the potential
for future extensibility. The working group will produce the following
deliverables: (1) Portable Symmetric Key Container; (2) Dynamic
Symmetric Key Provisioning Protocol. Current developments in deployment
of Shared Symmetric Key (SSK) tokens have highlighted the need for a
standard protocol for provisioning symmetric keys. The need for
provisioning protocols in PKI architectures has been recognized for
some time. Although the existence and architecture of these protocols
provides a feasibility proof for the KEYPROV work assumptions built
into these protocols mean that it is not possible to apply them to
symmetric key architectures without substantial modification. In
particular the ability to provision symmetric keys and associated
attributes dynamically to already issued devices such as cell phones
and USB drives is highly desirable. The working group will develop the
necessary protocols and data formats required to support provisioning
and management of symmetric key authentication tokens, both proprietary
and standards based. The following Internet drafts have been proposed
by their authors as input documents: [i] Dynamic Symmetric Key
Provisioning Protocol; [ii] Portable Symmetric Key Container; [iii]
Extensions to CT-KIP to Support.
See also: XML and Security Standards
Middleware Vendors Should Standardize the WS-* Middleware Architecture
Nick Gall, Contributed Paper
This document is a position paper prepared for the W3C "Workshop on Web
of Services for Enterprise Computing," to be held 27-28 February 2007 at
MITRE, Bedford, MA, USA. The workshop addresses the question "Can the
Web fulfill industry and business requirements?" This contributed paper
by Nick Gall asserts: " Web Services based on SOAP and WSDL are "Web"
in name only. In fact, they are a hostile overlay of the Web based on
traditional enterprise middleware architectural styles that has fallen
far short of expectations over the past decade. The W3C should leave
the work on standardizing the WS-* middleware architecture to the
middleware vendors and shift its focus to standardizing aspects of Web
architecture that make it easier to apply to "application to application"
scenarios. The typical use case for enterprise middleware is to create
applications with little emphasis on either a shared information model
or process model across multiple applications (ie stovepipes). Middleware
is then used to retrofit some degree of integration between applications
(aka application to application or A2A integration), usually by wrappering
existing applications with APIs that are often defined on an application
by application basis (i.e., point to point integration). .. It is my
position that the W3C should extricate itself from further direct work
on SOAP, WDSL, or any other WS-* specifications and redirect its
resources into evangelizing and standardizing identifiers, formats, and
protocols that exemplify Web architectural principles. This includes
educating enterprise application architects how to design 'applications'
that are 'native' web applications."
See also: the workshop program
Creating A Successful Consortium, Part II
Andrew Updegrove, Consortium Standards Bulletin
In Part I of this article, I reviewed the key business concepts
underlying the formation of a successful consortium to develop, promote
and/or support standards. In this second and final installment, I
discuss the most important legal considerations to consider in creating
and maintaining such organizations, including: the legal issues
presented by specific types of activities; common legal structures and
the relative virtues and failings of each; optimal jurisdictions for
formation; antitrust laws and their implications for operations; tax
exemption criteria, the advantages and disadvantages of seeking exemption
as a public charity as compared to a trade association, and how to
evaluate the advisability of seeking exemption; and issues associated
with certification and branding.
See also: Part 1
Brewster Kahle: Fighting to Protect Copyright 'Orphans'
Daniel Terdiman, CNET News.com
An effort among Internet activists to halt the extension of copyright
protections for orphan works--out-of-print books and media -- was dealt
a setback last week by a U.S. appeals court decision. The case,
Kahle v. Gonzales, was filed in 2004 by, among others, Internet Archive
co-founder and director Brewster Kahle. Plaintiffs argued that
extending such copyrights harmed the public's ability to access orphan
works. The Internet Archive has been joined by companies like Google,
Yahoo and Microsoft in attempting to gain public domain status for
these works. But a U.S. district court had already rejected the lawsuit,
and last week, the Ninth Circuit U.S. Court of Appeals upheld the lower
court's decision, saying that plaintiffs' arguments were essentially
the same as those rebuffed by the U.S. Supreme Court in 2003 in Eldred
v. Ashcroft, which affirmed the constitutionality of new copyright
laws expanding the protections for orphaned works. For Kahle, the
ruling was a blow to his goal of preserving as many forms of media as
possible for posterity. But he hardly views the result as a final
defeat. Kahle and the Internet Archive are also gaining momentum, and
recently received a $1 million grant from the Sloan Foundation for
the scanning of public domain works. Kahle: "We're out to help build
the Library of Alexandria version 2, starting with humankind's
published works, books, music, video, Web pages, software, and make it
available to everyone anywhere at anytime, and forever. We started
archiving the Web in 1996 with snapshots every two months of all
publicly accessible Web pages. The "Wayback Machine" is now about 85
billion pages and 1.5 petabytes. Then we moved on to books, music and
video. We work with great lawyers, the U.S. Copyright office, the
Library of Congress and the American Library Association. We have
30,000 movies, 100,000 audio recordings and now we're digitizing books.
We now have over 2,000 bands and 36,000 concerts. With packaged
software, our lawyers told us that digital rights management (DRM)
would pose a problem under the Digital Millennium Copyright Act (DMCA),
so we got an exemption from the copyright office allowing us to rip
software and break the copy protection for archival purposes. With
books, we are starting with out-of-copyright (works) and wanting to
move to orphan works, then out-of-print works, then finally in-print
(works). We digitize 12,000 books a month and have 100,000 on the
site now for free use and download."
See also: Internet Archive
Limited EXSLT Support in Mozilla Firefox 3.0
Kurt Cagle, O'Reilly Articles
The news from the XSLT front of late has been very good, with the
release of the XSLT 2.0 standard, XPath 2 and XQuery 1 - and I just
found another hopeful sign in this post from Mozilla's Jonas Sicking:
"We now have code checked in to support some parts of EXSLT. These
functions will be supported in the upcoming Firefox 3 release:
exsl:node-set; exsl:object-type; regexp:test; regexp:match;
regexp:replace; set:difference; set:distinct; set:intersection;
set:distinct; set:has-same-node; set:leading; set:trailing; str:tokenize;
str:concat; str:split; math:min; math:max; math:highest; math:lowest."
Mozilla Firefox has definitely become my favorite browser, but I have
to admit that I've long been frustrated that the browser was hampered
with such a limited XSLT processor. Perhaps the chief complaint I've
had comes from the lack of the node-set() method in XSLT's XPath.
Node-set() isn't in XSLT 1 and it isn't in XSLT 2, but for completely
different reasons. In XSLT1, there was a fundamental notion that XSLT
should be completely side-effect free, to the extent that you couldn't
create intermediate XML to be processed by other templates, but
instead had to live with 'XML Fragments'. In XSLT2, the underlying
data model was revamped to the extent, including the introduction of
sequences (more about that in an upcoming post) and one immediate
consequence of this was that you could get intermediate XML creation
largely for free. node-set() is an evolutionary step between 1 and 2,
however, and was perhaps one of the biggest driving factors in the
establishment of the EXSLT library. The nodeset method takes a string
representation of a well-formed XML fragment and converts it into a
nodeset that can then be assigned to a variable or processed in an
apply-templates or for-each statement. This lack was realized early on
by Microsoft in their browser, and the Saxon 6.x libraries included
an equivalent statement, to the extent that by the early years of this
decade the node-set() function was considered an 'unofficial' but
established XPath method.
What is "Contradiction" of an ISO Standard?
Rick Jelliffe, O'Reilly Opinion
Patrick Durusau, editor of ODF, asked me to restate my thoughts on what
"contradiction" should mean at ISO. I had mentioned my views in an SC34
meeting last year. This topic is, of course, of interest right at the
moment, because the Ecma proposal for OOXML is at the stage in its
acceptance process where the process says it should be checked to make
sure it doesn't contradict other standards. I take a fairly strict view
of "contradiction". Anything else works against fairness of process.
A contradiction is where [extract]: (1) One standard attempts to
redefine another, or is a rival standard for exactly the same named thing
but is different in some aspect... (2) One standard disrupts another —
the precedent for this is the IEEE 802 WAPI issue in which the claim was
that the changes would make existing conforming implementations
non-conforming... (3) One standard pretends to be another... (4) One
standard incorrectly uses another — for example, if a standard said it
used ISO SGML but allowed that to be invalid for no intrinsic reason. A
contradiction may have negative effects, such as user confusion, but it
is not the negative effects that cause that there is a contradiction;
a highly technical standard will confuse anyone. It is the direct
contradictions int he text of the standards that is involved. So what,
in those terms, are not contradictions? [extract]: [i] overlap — for
example, there are two to five (depending on how you count them) standards
for grammar-based schema languages at ISO (SGML/XML DTDs, Architectural
Forms, RELAX NG, RELAX NG compact syntax, namespace-aware DTDs) let
alone considering W3C XML Schemas as a standard schema language; [ii]
using a profile; [iii] doing your own thing within a specification;
[iv] reserved-but-unused or deprecated keywords with inadequate
explaination of the operation that the keywords would have if they were
allowed-for-use and not deprecated.
See also: Andy Updegrove
Web 2.0 User Interface Technologies
Sam Thompson, IBM developerWorks
This article explores a series of Web 2.0 user interface technologies
that enable you to build applications with better-than-browser user
experiences. As a result, you can centrally deploy and manage them
just like any other Java 2 Enterprise Edition (Java EE) application.
Web 2.0 applications provide the best of both worlds: the cost-
effective, server-based deployment model combined with rich user
experiences that are comparable to most user experiences with client-
resident applications. Here are the different technology options for
you to create compelling user experiences for today's Java EE
applications: (1) Flex and OpenLaszlo; (2) IBM Workplace Managed
Client and the IBM Lotus Expeditor; (3) Faces Client Components;
(4) Ajax; (5) HTML. The strong momentum in the industry today is to
improve the user experience of server-delivered applications. Ajax,
while still a bit immature, has gathered tremendous momentum and many
enterprises, both small and large, are starting to use it in production.
The other technologies mentioned in this paper have small pockets of
support, but none have emerged as a sure bet at this point. Other user
interface technologies, both commercial and open source (such as
Nexaweb, Backbase, and JackBE) also exist, but were not mentioned in
this paper to keep the paper reasonably concise. The key is that none
of these technologies is one size fits all, and thus, none is a perfect
fit for all situations. Each of the above technologies has its own
merits and can be a good fit depending on the circumstances. So how
to choose? For starters, nothing can beat good old HTML if the driving
force behind your technology selection is to reach as many users as
possible. At the opposite extreme, if you require disconnected
operations and you can install your application's software on the
user's machine, one of the EclipseRPC-based alternatives, Workplace
Managed Client or Lotus Expeditor, is the best fit. If you require a
rich user experience that you can only deliver through the fidelity of
Flash Player, you can probably justify using Flex or OpenLaszlo. If
you build the application using JavaServer Faces, you're better off
using some Faces Client Components. Lastly, if your goal is simply to
attack some usability hot spots in an existing HTML-based user
interface or to deliver a standards-based, plug-in-free, better-than-
browser user experience, Ajax is the way to go. At this point in the
hype cycle, Ajax seems to be emerging as the most popular Web 2.0
technology choice.
XML.org is an OASIS Information Channel
sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun
Microsystems, Inc.
Use http://www.oasis-open.org/mlmanage
to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml
for the list archives. |