XML and Web Services In The News - 15 September 2006
Provided by OASIS |
Edited by Robin Cover
This issue of XML Daily Newslink is sponsored by BEA Systems
HEADLINES:
OASIS WS-SX TC Releases WS-SecureConversation and WS-Trust Specifications for Public Review
Staff, OASIS Announcement
Members of the OASIS Web Services Secure Exchange (WS-SX) Technical
Committee have published two Committee Draft specifications for 60-day
public review. The WS-SX TC was chartered to define extensions to the
OASIS Web Services Security standard to enable trusted SOAP message
exchanges involving multiple message exchanges and to define security
policies that govern the formats and tokens of such messages. The
"WS-Trust 1.3" specification is designed to enable applications to
construct trusted SOAP message exchanges. This trust is represented
through the exchange and brokering of security tokens. This specification
provides a protocol agnostic way to issue, renew, and validate these
security tokens. The "WS-Security" standard itself defines the basic
mechanisms for providing secure messaging. WS-Trust uses these base
mechanisms and defines additional primitives and extensions for security
token exchange to enable the issuance and dissemination of credentials
within different trust domains. Extensions to "WS-Security" are defined
that provide: (1) Methods for issuing, renewing, and validating security
tokens. (2)Ways to establish assess the presence of, and broker trust
relationships. The "WS-SecureConversation 1.3" specification defines
extensions to "WS-Security" which support security context establishment
and sharing, and session key derivation. This allows contexts to be
established and potentially more efficient keys or new key material to
be exchanged, thereby increasing the overall performance and security
of the subsequent exchanges.
See also: the TC formation
Using XML Digital Signatures in the 2006 XML Environment
Thomas Roessler (ed), W3C Working Draft
W3C has issued a First Public Working Draft of the document "Using XML
Digital Signatures in the 2006 XML Environment." It is one of three
new Working Drafts designed to update Canonical XML to version 1.1 and
to provide to guidelines on using it with XML digital signatures.
The draft describes how to use the XML Digital Signature Recommendation
(XMLDSIG) in a way consistent with the present (Fall 2006) XML
environment. In particular, the document takes into account the recent
xml:id Version 1.0 and Canonical XML Version 1.1 W3C Recommendations.
It discusses constraints on the use of XML Digital Signature, and relies
on extension points present in the XML Digital Signature Recommendation;
it does not, however, override any aspect of the XMLDSIG Recommendation.
The companion document "Known Issues with Canonical XML 1.0 (C14N/1.0)"
addresses some of the issues related to inheritance of the XML
attributes 'xml:base' and 'xml:id' and the W3C Recommendation for
Canonical XML Version 1.0 Errata. Shortcomings of C14N/1.0 are noted,
and the use of a new C14N/1.1 recommendation with the XML Digital
Signature 1.0 Recommendation is discussed. The "Canonical XML 1.1"
Working Draft of 15-September-2006 represents a revision to Canonical
XML 1.0 to address issues raised while producing the 'xml:id'
specification. The Canonical XML specification "describes a method for
generating a physical representation, the canonical form, of an XML
document that accounts for the permissible changes. Except for
limitations regarding a few unusual cases, if two documents have the
same canonical form, then the two documents are logically equivalent
within the given application context. Note that two documents may
have differing canonical forms yet still be equivalent in a given
context based on application-specific equivalence rules for which no
generalized XML specification could account."
See also: the W3C news item
Dynamic Languages for Agile Enterprises
Jon Udell, InfoWorld
At the 2004 Open Source Convention (OSCON) in Portland, Ore., Jim
Hugunin, the creator of Jython, made the dramatic announcement that
he would be joining Microsoft to pursue his latest project, IronPython,
a Python implementation for the .Net CLR (Common Language Runtime).
The timing was awkward for OSCON: nothing chills the room like news
that an open source hero is emigrating to Redmond. I had just written
the keynote talk that I would deliver a few days later, at the
Vancouver Python Conference; it ended with a plea to consummate the
marriage between popular dynamic languages, such as Python and Ruby,
and the dominant managed runtimes, namely the JVM (Java Virtual
Machine) and the CLR. Recent weeks brought important news on both
fronts. On September 5, 2006 IronPython 1.0 was released to CodePlex,
Microsoft's community development Web site. As demonstrated and
discussed in Episode 8 of The Screening Room, the purpose of IronPython
is not to compete with statically typed .Net languages such as C#, but
to complement them. Then on September 7, 2006 Sun announced that it
had hired Thomas Enebo and Charles Nutter, maintainers of JRuby, the
JVM-based Ruby implementation, to continue their work on that project.
That's two great strategic moves rolled into one. First, it's a bid
for peace between two warring camps. Users of the wildly popular Ruby
on Rails framework have had nothing good to say about users of
enterprise-grade Java frameworks, and vice versa. Once a solid bridge
is built between the two, this pointless bickering can end. This
week's flurry of news about dynamic languages and managed runtimes
helps make that notion less shocking, and it brings us two steps
closer to detente. Why argue about dynamic versus static languages
when you can have the best of both worlds?
IP Multimedia Subsystem (IMS), Part 1: SOA Parlay X Web Services
Rebecca LJ Chen et al., IBM developerWorks
IP Multimedia Subsystem (IMS) is a set of specifications that
describes the Next Generation Networking (NGN) architecture for
implementing IP based telephony and multimedia services. IMS defines
a complete architecture and framework that enables the convergence
of voice, video, data and mobile network technology over an IP-based
infrastructure. In addition to the 3GPP and 3GPP2, Open Mobile
Alliance (OMA) plays an important role on specifying and developing
IMS service standardization. The services defined by OMA are built on
top of IMS infrastructure, such as Instant Messaging (IM), Presence
service, and Group Management Service. Service providers are eager to
allow their customers to be able to develop and implement services
that leverage existing service resources. However, many enterprise
application developers may have an IT background but are not familiar
with those complex telephone protocols (e.g. SIP, ISDN, SS7 etc.); and
they need a simple API for services creation and development. It then
falls to Parlay X SOA (Service-Oriented Architecture) Web services,
which have been defined by Parlay Group in 2003 in order to provide
a set of simple-to-use, high-level, telecom-related Web services. The
idea with Parlay X is to provide Web services in a context that is
already widely adopted and understood by a large number of developers
and programmers, and to do so in an environment where there are a
variety of development tools available. With the Parlay X SOA Web
services interfaces, the application developers can access and leverage
the existing IMS services more easily through Web services. The Parlay
X SOA Web services are connected to the telecommunication network
either via the Open Services Access - Gateway (OSA-GW) or directly
through data service components over IP Protocols. With the birth of
SOA Parlay X Web Services, IT developers with no telematic knowledge
can now manipulate with telecom services as if calling any ordinary
Web service: just make a simple function call from your Java program,
and you can tap into the perplex telecom world in a simple and
straightforward way.
See also: Parlay/OSA API specs
KDE Launches First KOffice 1.6 Beta
Staff, DesktopLinux.com Announcement
The KDE Project on Sept. 10 released KOffice 1.6-beta1, the first beta
release for KOffice 1.6, which the project team said is scheduled for
full release this October. The release is meant for testing purposes
only, not for deployment on production systems, according to the team.
The principal improvements in v1.6-beta1 over KOffice 1.5, as listed by
the project team, are: (1) Kexi (Database application) — Further
enhancements in the database connectivity library; in Table Designer
(schema altering without removing table contents, "image" data type);
data aware combo boxes (drop-down lists; and data-aware "Image Box"
widget in Forms and Table View (2) Krita (Pixel based graphics editor)
— New filters has been added (random noise, random pick, lens correction,
filters from krita-plugins); new tool for drawing bezier curves,
magnetic selection, perspective transformation and healing has been
added. (3) Kugar (Reporting tool) — Kugar's templates are now visible
in the startup dialog. (4) KPlato (Project management tool) — Added
PERT calculation for estimated value based on optimistic, expected and
pessimistic value. (5) KFormula (Mathematical formula editor) —
OpenDocument and MathML are now native format; OpenDocument is now
the default file format, and most of the standard is now supported.
See also: OpenDocument references
XML.org is an OASIS Information Channel
sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun
Microsystems, Inc.
Use http://www.oasis-open.org/mlmanage
to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml
for the list archives. |