|
XML and Web Services In The News - 23 March 2006
Provided by OASIS |
Edited by Robin Cover
This issue of XML.org Daily Newslink is sponsored by SAP
HEADLINES:
IBM: Proposing An Addition to WS-I Profiles
Tony Baer, Computer Business Review Online
After a somewhat stormy birth four years ago, Web Services
Interoperability (WS-I) has become one of the success stories in the
web services standards world. Its role is devising profiles, or test
cases, for determining if web services middleware from different vendors
are truly interoperable. IBM is expected to propose the Reliable
Asynchronous Messaging Profile, RAMP, at this year's first major WS-I
gathering. RAMP will consist of snippets of three recent or pending
web services standards: WS-Addressing, WS-ReliableMessaging, and
WS-SecureConversation. IBM developed the proposed RAMP profile in
conjunction with Ford and Chrysler, and has recently drawn backing from
other customers, including Citibank. WS-I profiles are not standards per
se, but test cases that vendors accept as their standard for testing the
interoperability of their web services middleware products. To keep the
tests manageable, they do not necessarily exercise every aspect of the
technology stack. Arguably, the strength of WS-I is that it has stuck
to its knitting with a couple of very basic interoperability profiles,
the Basic Profile and the Basic Security Profile, and has therefore
drawn virtually universal industry support. The weakness is that WS-I's
lowest common denominator approach has caused the organization to stay
behind the times.
See also: RAMP
Next Steps for WS-I: Interoperable Reliable Asynchronous Messaging
Tom Glover, IBM Blog
"As we approach the next WS-I Plenary discussion regarding how we come
to consensus to get work on Reliable Asynchronous Messaging under way
is fast and furious ... which is great news. In [a previous blog entry]
I talked about RAMP, or the Reliable Asynchronous Messaging Profile, a
draft Profile DaimlerChrysler, Ford, and IBM have produced with
contributions from many others, and about the preparation of a draft
working group charter intended to move this work into WS-I. The draft
charter prepared by Citigroup, IBM, and others went to the WS-I
Requirements WG where it was considered and amended by the WS-I
membership. It's now before the WS-I board. There's now another proposal
being worked. This effort, initiated by Microsoft, differs from the
initial proposal in a couple of ways at this point, and I say it that
way because it's now before the Requirements WG as well and is being
amended. The first difference is that there are charters for two working
groups in this proposal rather than one. The second difference is that
it proposes that RAMP be sub-divided so that ws-addressing goes into
an amended basic profile. The third difference is that it attempts to
get WS-I committed via working group charter contents to begin working
on SOAP 1.2 now... Here's what I hope is in the WG charter approved at
next weeks WS-I plenary: (1) Scenarios which articulate what the
profiles to be produced will address. (2) A BP 1.2 which extends and
evolves BP 1.1 to include WS-Addressing. (3) A Basic Reliable Messaging
Profile 1.0 which includes WS-ReliableMessaging and WS-SecureConversation.
You'll note that I advocate one working group, not two. This lets small
companies send representatives to one WG rather than two, which is a
real plus for them. It also cuts down on WS-I overhead, again a big
plus..."
See also: the Ferris paper
W3C Efficient XML Interchange Working Group Update
Robin Berjon and Oliver Goldman, Staff Report
W3C has issued a 15-March-2006 EXI Status document based upon proposals
submitted for evaluation as technology contributions to the Efficient
XML Interchange Working Group. In December 2005 the EXI WG began a
process of gathering candidate technologies for consideration in
defining an efficient XML interchange recommendation. Currently the
working group is examining the proposals and their self-assessments. It
is also developing a measurement framework and test suite for compactness
and processing efficiency based on the XBC Use Case Note and the XBC
Measurement Methodology Note. The first public draft describing the
measurement framework and early results will be published as a Note
in May 2006. The Efficient XML Interchange Working Group was chartered
to define an alternative encoding of the XML Information Set that
addresses the requirements identified by the XML Binary Characterization
Working Group, while maintaining the existing interoperability between
XML applications and XML specifications. The XML Binary Characterization
Working Group conducted work during one year to gather information about
uses cases where the overhead of generating, parsing, transmitting,
storing, or accessing XML-based data may be deemed too great for a
particular application, characterizing the properties that XML provides
as well as those that are required by the use cases, and establishing
measurements to help judge whether XML 1.x and alternate encodings
provide the required properties. Submitted proposals include X.694 with
PER, X.891 (Fast Infoset), Xebu, X.694 with BER, Efficient XML,
XSBC, FXDI, and esXML.
See also: WG web site
Web Services at a Crossroads
Daryl Plummer (Gartner), CMP Optimize Magazine
Implemention strategies for Web services are splitting into two camps:
building enterprise SOAs and exploiting Web technologies. One group
advocates using Web services to build complex internal systems known
as enterprise service-oriented architectures (SOAs). The other seeks
to use emerging Web technologies in tandem with Web services to create
flexible external applications. Their divergent approaches each require
different organizational skill sets. Unlike the enterprise-SOA camp,
Web-technologies evangelists say Web services are a mechanism for
programmability. But this camp is also expanding its definition of a
Web service. Initially, many people thought any service delivered over
the Web was, logically enough, a Web service. At the time, however,
that idea was considered an anathema to those of us who saw Web
services as specific to the use of things like SOAP and Web Services
Definition Language (WSDL). Web-technologies groups are now forcing
the acknowledgment that Web services will indeed use mechanisms other
than SOAP, WSDL, or even Universal Description, Discovery, and
Integration (UDDI). Instead, standards such as Plain Old XML (POX)
over HTTP and Representational State Transfer (REST) are asserting
themselves as legitimate and very credible ways of delivering on the
value proposition of Web services. As Web services assume more
expansive definitions, we can represent them using a wide variety of
formats and communications protocols.
What's Up With the Web Services Stack?
Jason Stamper, CBR Editor's Weblog
Something odd seems to be going on in the upper layers of the Web
Services stack, in that band of specifications that are either immature
standards, or not yet at the standards stage. I'm talking about WS-*
specifications, that include WS-Addressing, WS-Policy,
WS-ReliableMessaging, WS-Security and more. While there was relatively
rapid consensus on the value of tried-and-tested standards at the lower
end of the web services stack, where the likes of XML, SOAP and WSDL
can get people on the road to a web services development approach, at
the more abstracted WS-* level there still seems to be a lot of
wrangling going on. WS-Policy, is [rumored] to be handed to a standards
body to begin ratification as a standard "any day now"; tauthors of the
WS-Policy specification are IBM, BEA Systems, Microsoft, SAP, Sonic
Software, and VeriSign. While many of the web services standards are
well tested and relatively mature -- such as XML, HTTP, SOAP and WSDL --
key capabilities that many would consider vital for mission critical
applications, such as WS-Reliable Messaging, WS-Security and WS-Policy,
are either relatively immature standards or have not progressed beyond
the specification stage. WS-Policy is designed to provide a general
purpose model and syntax to describe and communicate the policies of a
web service. It should provide a flexible and extensible grammar for
expressing the capabilities, requirements, and general characteristics
of entities in an XML web services-based system, according to its authors.
See also: WS-Policy references
Web Services Security Interoperability with Microsoft
Staff, SOCJ News
Layer 7 Technologies announced that it has successfully demonstrated
Web services security interoperability with Microsoft's Windows
Communication Foundation (WCF), formerly codenamed 'Indigo'. WCF
extends Microsoft's .NET Framework to enable developers to build
secure, reliable, and interoperable Web services. Layer 7 successfully
demonstrated interoperability with Windows Communication Foundation
using the Web Services Security (WSS) 1.1 specification including
UsernameToken over SSL, UsernameToken for X509 Certificate and X509
Mutual Certificate profiles. In addition Layer 7 demonstrated
interoperability with Microsoft 'InfoCard' technology, the code name
for an open federated identity framework, through the use of WS-Trust
and a SAML token. The 'InfoCard' technology will also be distributed
as part of WinFX.
A First Look at InfoCard
Keith Brown, Microsoft MSDN Magazine
Fragmentation of identity on the Web annoying, and it's also really
limiting the Web's potential. In this column, I'll introduce you to a
system that I truly hope will be a uniting force for identity on the Web.
It's called InfoCard, and it's planned to be available with Windows
Vista. Three players that are always involved in any InfoCard
transaction. First is the subject. An example of a subject is a user
who wants to represent herself digitally on the Internet. Second is the
identity provider (IP), an organization that issues digital identities.
A close analogy is a company like Thawte, the [ficticious] issuer of the
secure sockets layer (SSL) certificate that I use to identify my
company's Web site. Finally, there's the relying party (RP), which
relies on digital identity for its operation. Most Web sites and Web
services today allow users to submit some form of identity, anything
from a simple e-mail address to a digital certificate or something more
exotic. InfoCard encompasses a lot of different tasks. It orchestrates
a few of the WS-* protocols to make the secure interchange of identity
information feasible. It also presents a GUI that allows a user to
choose among several digital identities, each of which is represented
visually as a card... Note that the InfoCard itself doesn't actually
contain any of my identity details. That phone number I gave to Thawte
isn't in the InfoCard. What the InfoCard does carry is metadata that
describes the shape of the identity. This information includes what
claims it has inside it, such as an e-mail address, a home phone, and
so forth, and what identity technology it uses such as Security
Assertion Markup Language 1.1 (SAML).
See also: InfoCard references
Open Source SOAP Stacks Getting Revamped: XFire, Apache Tout New Wares
Paul Krill, InfoWorld
XFire, an open source SOAP stack used in SOA, is being fitted with
enhancements for security, binary attachments, and XML object binding,
the developer of the stack said at TheServerSide Java Symposium
conference on Friday. The technology is viewed as an alternative to
Apache Axis. A new release of Axis came out this week. Specifically,
Version 1.1 of XFire, due in approximately three to four weeks, will
support the WS-Security specification; MTOM (Message Transmission
Optimization Mechanism) for handling large, binary objects; and JiBX,
for XML object binding, said Dan Diephouse, developer and president
of Envoisolutions,. XFire, written two years ago, provides for Java-
based Web services development. It has featured high performance, ease
of use and integration with the Spring framework, Diephouse said.
Pluggable bindings also have been a key attraction... Apache, meanwhile,
announced Axis2 0.95. New in this version are transport framework
improvements. Other features in Axis2 include Axiom, which is an XML
object model, according to Apache. XML Infoset support is featured also.
REST (Representational State Transfer) is supported in Axis2 0.95, as
well.
XML.org is an OASIS Information Channel sponsored by Innodata Isogen and SAP.
Use http://www.oasis-open.org/mlmanage to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml for the list archives. |
