XML and Web Services In The News - 15 September 2006

Provided by OASIS | Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by BEA Systems


HEADLINES:

 OASIS WS-SX TC Releases WS-SecureConversation and WS-Trust Specifications for Public Review
 Using XML Digital Signatures in the 2006 XML Environment
 Dynamic Languages for Agile Enterprises
 IP Multimedia Subsystem (IMS), Part 1: SOA Parlay X Web Services
 KDE Launches First KOffice 1.6 Beta

OASIS WS-SX TC Releases WS-SecureConversation and WS-Trust Specifications for Public Review
Staff, OASIS Announcement
Members of the OASIS Web Services Secure Exchange (WS-SX) Technical Committee have published two Committee Draft specifications for 60-day public review. The WS-SX TC was chartered to define extensions to the OASIS Web Services Security standard to enable trusted SOAP message exchanges involving multiple message exchanges and to define security policies that govern the formats and tokens of such messages. The "WS-Trust 1.3" specification is designed to enable applications to construct trusted SOAP message exchanges. This trust is represented through the exchange and brokering of security tokens. This specification provides a protocol agnostic way to issue, renew, and validate these security tokens. The "WS-Security" standard itself defines the basic mechanisms for providing secure messaging. WS-Trust uses these base mechanisms and defines additional primitives and extensions for security token exchange to enable the issuance and dissemination of credentials within different trust domains. Extensions to "WS-Security" are defined that provide: (1) Methods for issuing, renewing, and validating security tokens. (2)Ways to establish assess the presence of, and broker trust relationships. The "WS-SecureConversation 1.3" specification defines extensions to "WS-Security" which support security context establishment and sharing, and session key derivation. This allows contexts to be established and potentially more efficient keys or new key material to be exchanged, thereby increasing the overall performance and security of the subsequent exchanges.
See also: the TC formation

Using XML Digital Signatures in the 2006 XML Environment
Thomas Roessler (ed), W3C Working Draft
W3C has issued a First Public Working Draft of the document "Using XML Digital Signatures in the 2006 XML Environment." It is one of three new Working Drafts designed to update Canonical XML to version 1.1 and to provide to guidelines on using it with XML digital signatures. The draft describes how to use the XML Digital Signature Recommendation (XMLDSIG) in a way consistent with the present (Fall 2006) XML environment. In particular, the document takes into account the recent xml:id Version 1.0 and Canonical XML Version 1.1 W3C Recommendations. It discusses constraints on the use of XML Digital Signature, and relies on extension points present in the XML Digital Signature Recommendation; it does not, however, override any aspect of the XMLDSIG Recommendation. The companion document "Known Issues with Canonical XML 1.0 (C14N/1.0)" addresses some of the issues related to inheritance of the XML attributes 'xml:base' and 'xml:id' and the W3C Recommendation for Canonical XML Version 1.0 Errata. Shortcomings of C14N/1.0 are noted, and the use of a new C14N/1.1 recommendation with the XML Digital Signature 1.0 Recommendation is discussed. The "Canonical XML 1.1" Working Draft of 15-September-2006 represents a revision to Canonical XML 1.0 to address issues raised while producing the 'xml:id' specification. The Canonical XML specification "describes a method for generating a physical representation, the canonical form, of an XML document that accounts for the permissible changes. Except for limitations regarding a few unusual cases, if two documents have the same canonical form, then the two documents are logically equivalent within the given application context. Note that two documents may have differing canonical forms yet still be equivalent in a given context based on application-specific equivalence rules for which no generalized XML specification could account."
See also: the W3C news item

Dynamic Languages for Agile Enterprises
Jon Udell, InfoWorld
At the 2004 Open Source Convention (OSCON) in Portland, Ore., Jim Hugunin, the creator of Jython, made the dramatic announcement that he would be joining Microsoft to pursue his latest project, IronPython, a Python implementation for the .Net CLR (Common Language Runtime). The timing was awkward for OSCON: nothing chills the room like news that an open source hero is emigrating to Redmond. I had just written the keynote talk that I would deliver a few days later, at the Vancouver Python Conference; it ended with a plea to consummate the marriage between popular dynamic languages, such as Python and Ruby, and the dominant managed runtimes, namely the JVM (Java Virtual Machine) and the CLR. Recent weeks brought important news on both fronts. On September 5, 2006 IronPython 1.0 was released to CodePlex, Microsoft's community development Web site. As demonstrated and discussed in Episode 8 of The Screening Room, the purpose of IronPython is not to compete with statically typed .Net languages such as C#, but to complement them. Then on September 7, 2006 Sun announced that it had hired Thomas Enebo and Charles Nutter, maintainers of JRuby, the JVM-based Ruby implementation, to continue their work on that project. That's two great strategic moves rolled into one. First, it's a bid for peace between two warring camps. Users of the wildly popular Ruby on Rails framework have had nothing good to say about users of enterprise-grade Java frameworks, and vice versa. Once a solid bridge is built between the two, this pointless bickering can end. This week's flurry of news about dynamic languages and managed runtimes helps make that notion less shocking, and it brings us two steps closer to detente. Why argue about dynamic versus static languages when you can have the best of both worlds?

IP Multimedia Subsystem (IMS), Part 1: SOA Parlay X Web Services
Rebecca LJ Chen et al., IBM developerWorks IP Multimedia Subsystem (IMS) is a set of specifications that describes the Next Generation Networking (NGN) architecture for implementing IP based telephony and multimedia services. IMS defines a complete architecture and framework that enables the convergence of voice, video, data and mobile network technology over an IP-based infrastructure. In addition to the 3GPP and 3GPP2, Open Mobile Alliance (OMA) plays an important role on specifying and developing IMS service standardization. The services defined by OMA are built on top of IMS infrastructure, such as Instant Messaging (IM), Presence service, and Group Management Service. Service providers are eager to allow their customers to be able to develop and implement services that leverage existing service resources. However, many enterprise application developers may have an IT background but are not familiar with those complex telephone protocols (e.g. SIP, ISDN, SS7 etc.); and they need a simple API for services creation and development. It then falls to Parlay X SOA (Service-Oriented Architecture) Web services, which have been defined by Parlay Group in 2003 in order to provide a set of simple-to-use, high-level, telecom-related Web services. The idea with Parlay X is to provide Web services in a context that is already widely adopted and understood by a large number of developers and programmers, and to do so in an environment where there are a variety of development tools available. With the Parlay X SOA Web services interfaces, the application developers can access and leverage the existing IMS services more easily through Web services. The Parlay X SOA Web services are connected to the telecommunication network either via the Open Services Access - Gateway (OSA-GW) or directly through data service components over IP Protocols. With the birth of SOA Parlay X Web Services, IT developers with no telematic knowledge can now manipulate with telecom services as if calling any ordinary Web service: just make a simple function call from your Java program, and you can tap into the perplex telecom world in a simple and straightforward way.
See also: Parlay/OSA API specs

KDE Launches First KOffice 1.6 Beta
Staff, DesktopLinux.com Announcement
The KDE Project on Sept. 10 released KOffice 1.6-beta1, the first beta release for KOffice 1.6, which the project team said is scheduled for full release this October. The release is meant for testing purposes only, not for deployment on production systems, according to the team. The principal improvements in v1.6-beta1 over KOffice 1.5, as listed by the project team, are: (1) Kexi (Database application) — Further enhancements in the database connectivity library; in Table Designer (schema altering without removing table contents, "image" data type); data aware combo boxes (drop-down lists; and data-aware "Image Box" widget in Forms and Table View (2) Krita (Pixel based graphics editor) — New filters has been added (random noise, random pick, lens correction, filters from krita-plugins); new tool for drawing bezier curves, magnetic selection, perspective transformation and healing has been added. (3) Kugar (Reporting tool) — Kugar's templates are now visible in the startup dialog. (4) KPlato (Project management tool) — Added PERT calculation for estimated value based on optimistic, expected and pessimistic value. (5) KFormula (Mathematical formula editor) — OpenDocument and MathML are now native format; OpenDocument is now the default file format, and most of the standard is now supported.
See also: OpenDocument references


XML.org is an OASIS Information Channel sponsored by BEA Systems, Inc., IBM Corporation, Innodata Isogen, SAP AG and Sun Microsystems, Inc.

Use http://www.oasis-open.org/mlmanage to unsubscribe or change an email address. See http://xml.org/xml/news_market.shtml for the list archives.


Bottom Gear Image