Cover Pages: SGML and XML News 2004 Q2

Quick News: Bookmark 'News Headlines' or subscribe to an XML RSS channel [RSS 0.91], also HTML-ized. See Clippings for news in the making.

[June 30, 2004] Oracle BPEL Process Manager Provides SOA and Integration Platform Support. At the JavaOne 2004 Conference, Oracle announced the immediate availability of the Oracle BPEL Process Manager, provided free on the Oracle Technology Network for download and evaluation. The Business Process Execution Language (BPEL) is being developed within the OASIS Web Services Business Process Execution Language Technical Committee, chartered to continue work on the business process language published in the April 2002 Business Process Execution Language for Web Services (BPEL4WS) specification. Based upon Oracle's acquisition of Collaxa Inc. and the Collaxa BPEL Server, the Oracle BPEL Process Manager provides a "complete Service Oriented Architecture (SOA) and integration platform, makeing it easier for organizations to coordinate Web services and automate business processes." The Oracle BPEL Process Manager "is a new addition to the Oracle product portfolio, enabling enterprises to model, deploy and manage BPEL processes. It comprises an easy-to-use BPEL modeler, a scalable BPEL engine, an extensible WSDL binding framework, a monitoring console and a set of built-in integration services (transformation, user task, java embedding). It offers native and comprehensive BPEL support, ease-of-use, and cross-platform support." The Oracle BPEL Process Manager, "hailed as the best BPEL implementation on the market, enables organizations to easily implement adaptive transactions and collaborative business processes based on composite applications. The solution includes an engine for executing business processes, a console to monitor, manage and debug business processes and a rich graphical interface to design and build business processes. With its native BPEL engine, Collaxa provided organizations such as the European Space Agency, SAIC and British American Tobacco the most open means for executing business processes written in BPEL. When coupled with Oracle Application Server 10g, this native BPEL engine completes Oracle's comprehensive SOA and integration platform." [Full context]
[June 28, 2004] Sun Releases JDesktop Network Components (JDNC) as an Open Source Project. Sun Microsystems has announced the release of the open source JDesktop Network Components (JDNC) Project on Javadesktop.org. JDNC includes the lightweight JDNC Markup Language, and aims to "simplify the development of rich networked desktop applications by means of a set of high-level user interface components with built-in networking and data-binding support." The JDNC Markup Language is "a simple, extensible XML-based markup language that enables developers to configure JDNC based clients using XML and deploy them either as Java Web Start applications or as applets in a standard browser." JDNC "leverages the power of J2SE and Swing while providing a higher level API, as well as an optional XML markup language, which enables common user-interface functionality to be constructed more quickly, without requiring extensive Swing or GUI programming skill. Additionally, JDNC simplifies the task of connecting a rich client to a J2EE backend, including JDBC and WebServices." JDNC has a specific goal to make programming shortcuts accessible to a broader developer base, and especially to markup language developers. It will allow a wider audience to build "rich, data-centric, Java desktop clients for J2EE-based network services comparable to what enterprise developers typically build, such as SQL database frontends, forms-based workflow, and data visualization applications. Three standard client deployment options are supported for JDNC, since is completely Java-based: (1) as a standalone application; (2) an application deployed with Java WebStart; (3) Applet deployed in a browser using Java Plugin. "When using the JDNC markup language, the same JDNC XML markup file may be used in all three cases. JDNC provides the bootstrapping classes which interpret the XML file and realize its contents in the appropriate toplevel UI container." Offered under the Lesser General Public License (LGPL), JDesktop Network Components is one of several open source projects announced by Sun at the JavaOne 2004 Conference. Other technologies contributed to open source include Project Looking Glass, Java 3D Desktop Technology, and JDesktop Integration Components (JDIC). [Full context]
[June 25, 2004] IETF Releases Anti-Spam Sender ID Internet Draft Specification. The IETF has released a revised version of the Internet Draft MTA Authentication Records in DNS from the MARID Working Group, now called the 'Sender ID' specification. Jointly authored by Jim Lyon (Microsoft) and Meng Weng Wong (Pobox.com), the Sender ID draft represents a merger of the Sender Policy Framework (SPF) specification and Microsoft's Caller ID for E-mail proposal. The authors "hope to simplify industry adoption of effective e-mail authentication technology, thereby helping more swiftly provide greater spam protection to e-mail users worldwide." Meng Weng Wong has authored a separate informational I-D Behind The Curtain: An Apology for Sender ID. It explains that "Sender ID follows from a set of design decisions; those decisions were motivated by philosophical, engineering, and political considerations. The document reviews some of the important choice that distinguish Sender ID from alternative possibilities in the same space." Motivation for the Sender ID draft is presented in the abstract: "Internet mail suffers from the fact that much unwanted mail is sent using spoofed addresses — 'spoofed' in this case means the address is used without the permission of the domain owner." The Sender ID document describes mechanisms by which a domain owner can publish its set of outgoing MTAs [Mail Transfer Agents], mechanisms by which SMTP servers can determine what email address is allegedly responsible for most proximately introducing a message into the Internet mail system, and whether that introduction is authorized by the owner of the domain contained in that email address." One part of the proposal's decision model involves finding a purported responsible address and extracting the domain part of the purported responsible address, called a purported responsible domain. Then an E-mail Policy Document for the purported responsible domain would be located. The E-mail Policy Document is modeled by an XML infoset that contains, among other things, a definition of the four-argument client authorization function. The Sender ID draft "describes those parts of the XML infoset that define the mail acceptance function. The infoset may contain other information relating to e-mail; this other information may be the subject of future IETF consensus processes." Industry experts are by no means agreed that the Sender ID proposal constitutes a real solution to the spamming problem, or that the net effect will be judged positive by all parties. The authors of the specification assert that the design "is carefully tailored to ensure that the overwhelming majority of legitimate emailers, remailers and mailing list operators are already compliant." [Full context]
[June 24, 2004] Application Vulnerability Description Language (AVDL) Becomes an OASIS Standard. OASIS has announced the approval of Application Vulnerability Description Language Version 1.0 as an OASIS Standard. AVDL is a security interoperability standard for creating a uniform method of describing application security vulnerabilities using XML. The version 1.0 specification "describes a standard XML format that allows entities such as applications, organizations, or institutes to communicate security information regarding web. AVDL provides an open XML-based vulnerability assessment output that will be used to improve the effectiveness of attack prevention, event correlation, and remediation technologies." Based upon the AVDL information exchange model, application administrators use an assessment tool to determine if their networked applications are "vulnerable to various types of malicious attacks. An assessment tool records and catalogues detected vulnerabilities in an XML file in AVDL format. An application security gateway then uses the AVDL information to recommend the optimal attack prevention policy for the protected application. In addition, a remediation product uses the same AVDL file to suggest the best course of action for correcting the security issues. Finally a reporting tool uses the AVDL file to correlate event logs with areas of known vulnerability." According to Jan Bialkowski of NetContinuum, Co-chair of the OASIS AVDL Technical Committee, "organizations are drowning in the flood of security bulletins and alerts while application vulnerability exploits are wreaking havoc on networks around the globe; AVDL offers an automated way to break this cycle by dramatically reducing the time between the discovery of a new vulnerability and the response time to block attacks at the security gateway." The AVDL TC Chairs indicate that some features of the AVDL specification design were inspired by Mitre's Open Vulnerability Assessment Language (OVAL), which uses the Common Vulnerabilities and Exposures (CVE) database. Related technical work is being done within the OASIS Web Application Security TC based upon Application Security Attack Components (ASAC) and VulnXML, developed by the Open Web Application Security Project (OWASP). [Full context]
[June 23, 2004] IPTC Collaborates with Adobe to Integrate XMP into Image Metadata Specifications. Adobe Systems and the International Press Telecommunications Council (IPTC) have announced a collaborative effort to extend the capabilities of IPTC metadata through use of Adobe's Extensible Metadata Platform (XMP). The Adobe XMP specification "standardizes the definition, creation, and processing of metadata by providing a data model, storage model (serialization of the metadata as a stream of XML), and formal schema definitions (predefined sets of metadata property definitions that are relevant for a wide range of applications). XMP makes use of the W3C XML-based Resource Description Framework (RDF) standard in order to represent the metadata properties associated with a document. The International Press Telecommunications Council (IPTC) Consortium includes the world's major news agencies and news industry vendors. IPTC develops and maintains technical standards for improved news exchange, including XML-based standards for news content and metadata: NewsML, SportsML, ProgramGuideML, and EventsML. The IPTC also develops and maintains controlled vocabularies of terms of significance to publishers, "the most significant of which are part of the Subject Reference System (SRS). This metadata system includes a taxonomy of subject codes, listings of roles and genres of news components, and ratings for relevance, priority, urgency, and other characteristics. These sets of terms can be assigned as metadata to news objects such as text, photographs, graphics, audio- and video files, and streams." According to the joint announcement, incorporating Adobe XMP into IPTC metadata specifications "will expand the scope of information captured to describe the content of images and extend the reach of IPTC metadata beyond its traditional constituencies. For example, photographs can be tagged with richer detail including usage rights, limitations and assignment information, creating a direct link between editorial systems and photographer's work." Current IPTC users also welcome the incorporation of XMP's rights management schema which defines properties relating to legal ownership and usage terms applicable to digital news items. XMP's capabilities extend the current IPTC structure to support "advanced metadata capabilities, including rights management, for the current customer base, which includes the largest circulation newspapers in the United States." Adobe and IPTC have also announced their intent to "develop future implementations that will be accessible via the Adobe Creative Suite, and related point products including Photoshop CS, through a customizable metadata user interface. This is intended to streamline the data capture process and allow relevant IPTC metadata to be preserved as the file is utilized across news and derivative workflows. As part of its collaboration, Adobe and IPTC plan to establish a working group that will identify a strategy for users to transition to IPTC implementations that take advantage of XMP extensibility." [Full context]
[June 21, 2004] Workflow Management Coalition Hosts ASAP and Wf-XML 2.0 Interoperability Demo. The Workflow Management Coalition (WfMC) has announced a multi-vendor interoperability demonstration for Wf-XML 2.0 and the OASIS Asynchronous Service Access Protocol (ASAP). The interop demo will be held June 23, 2004 at the BrainStorm Business Process Management Conference in San Francisco. ASAP is currently a Working Draft specification being developed by an OASIS Technical Committee. This TC was chartered to create a very simple extension of Simple Object Access Protocol (SOAP) that enables generic asynchronous webservices or long-running webservices. ASAP is a "web services protocol that can be used to access a generic service that might take a long time to complete. Existing web services protocols protocols work best when the service can provide an answer quickly, within a minute or two at the longest. ASAP is useful when the answer might take longer than this — for example services that last from minutes to months in duration. The service being invoked might be fully automated, a manual task that a person performs, or any mixture of the two. This capability to handle both automated and manual activities is what makes ASAP particularly suited for B2B and intra-organizational service request scenarios." Wf-XML Version 2.0 was produced by the Workflow Management Coalition (WfMC), and extends the ASAP model to include BPM and workflow interchange capabilities. Wf-XML "introduces the concept that factories themselves may be added and removed. The concept of a container resource is defined, and operations are defined to list factories and to create new ones. A business process engine "is a special type of asynchronous service: it has the ability to be started, to involve people in that process, and to complete some time later. One BPM engine can be easily linked to another BPM engine using Wf-XML. Wf-XML extends ASAP by including the ability to retrieve the process definition, and to monitor the current state of a running process instance. Wf-XML 2.0 both simplifies and strengthens the implementation of asynchronous services to support business process interoperability." The Interoperability Demonstration will involve products that have implemented the Wf-XML 2.0 web commerce protocol, and will include scenarios with Customer, Retailer and Manufacturer. "All clients and servers will be internet; demonstration client each have a simple UI to invoke the asynchronous services from a web form. Each implementation exposes a factory that can be called with a specified context structure, and should return a specific result structure within a few seconds." [Full context]
[June 18, 2004] W3C Public Working Draft on Content Selection for Device Independence (DISelect). The W3C Device Independence Working Group (DIWG) has released a First Public Working Draft for Content Selection for Device Independence (DISelect) 1.0 as part of the W3C Device Independence Activity. The draft specification "represents one part of the approach being developed within DIWG for the provision of a markup language that supports creation of web sites that can be used from a wide variety of devices with a wide variety of characteristics. The overall approach being taken by DIWG is based on the development of a device independent profile for XHTML. The profile will be based on XHTML Version 2, XForms, and current and forthcoming versions of CSS. DIWG is developing additional modules that can be added to this combination of specifications to complete the profile. This specification describes the module that provides selection between versions of materials." According to the WD abstract, the new document "specifies a syntax and processing model general purpose selection. Selection involves conditional processing of various parts of an XML information set according to the results of the evaluation of expressions. Using this mechanism some parts of the information set can be selected for further processing and others can be suppressed. The specification of the parts of the infoset affected and the expressions that govern processing is by means of XML-friendly syntax. This includes elements, attributes and XPath expressions. The document specifies how these components work together to provide general purpose selection." The DISelect specification "provides a simple mechanism for the selection of the content that is to be expressed when adaptation takes place. Its processing model will follow the XInclude approach of positioning the document that contains DISelect items as the input to a step in which it is replaced by host markup based on processing of DISelect." Attributes and elements are defined for conditional processing. DISelect variables to help reduce the complexity of expressions and markup. DISelect uses a subset of XPath 1.0 to express the calculations and conditions involved when determining whether or not a particular piece of content is to be included for processing. This subset is sufficient to construct conditional expressions and expressions that return values. It also includes the ability to invoke XPath functions." [Full context]
[June 17, 2004] European Commission's IDA TAC Publishes Recommendations on Open Document Formats. The TAC (Telematics Between Administrations Committee) of the EC's IDA Community Programme has announced approval of an expert group's conclusions and recommendations on open document formats, with special focus upon XML formats in OpenOffice.Org and WordML. IDA (Interchange of Data between Administrations) is "a Community Programme managed by the European Commission's Enterprise Directorate General. IDA supports the implementation of EU legislation, from internal market regulations to consumer and health policies, by facilitating the exchange of information between public administrations across Europe through the use of information technology." "The TAC, which guides the Community programme for the Interchange of Data between Administrations (IDA), gave its support to recommendations that were prepared by a group of experts from EU Member States, based on an IDA report on the current market situation for document formats. While suggesting that the public sector should make use of XML-based document formats, the recommendations place particular importance on standardisation to ensure market access to industry actors. The TAC endorsed the IDA Expert Group's recommendations at a May 25, 2004 meeting, recognizing "the special responsibility of the European public sector to ensure the accessibility of its information, with a view to rationalising and improving the interactions with citizens and enterprises, and taking into account the importance of the public sector as buyer of IT services and products." The Expert Group stated that standardization initiatives "will ensure not only a fair and competitive market but will also help safeguard the interoperability of implementing solutions whilst preserving competition and innovation. Therefore, the submission of the OpenOffice.Org format to the Organization for the Advancement of Structured Information Standards (OASIS) in order to adopt it as the OASIS Open Office Standard should be welcomed." Further, "Industry is encouraged to provide filters that allow documents based on the WordML specifications and the emerging OASIS Open Document Format to be read and written to other applications whilst maintaining a maximum degree of faithfulness to content, structure and presentation; these filters should be made available for all products." [Full context]
[June 16, 2004] IETF Forms New Atom Publishing Format and Protocol (atompub) Working Group. The Internet Engineering Steering Group (IESG) has announced the formation of an Atom Working Group in the IETF Applications Area. Atom is being created as an enhancement to functionality provided in the popular RSS syndication format, currently documented in several semi-official XML specifications. Atom "defines a feed format for representing and a protocol for editing Web resources such as Weblogs, online journals, Wikis, and similar content. The feed format enables syndication; that is, provision of a channel of information by representing multiple resources in a single document. The editing protocol enables agents to interact with resources by nominating a way of using existing Web standards in a pattern. Chaired by Paul Hoffman and Tim Bray under the supervision of Applications Area Advisor Scott Hollenbeck, the IETF Atom Publishing Format and Protocol (atompub) Working Group will "use experience gained with RSS (variably used as a name by itself and as an acronym for 'RDF Site Summary', 'Rich Site Summary', or 'Really Simple Syndication') as the basis for a standards-track document specifying the model, syntax, and feed format. The feed format and HTTP will be used as the basis of work on a standards-track document specifying the editing protocol. The goal for the working group is to produce a single feed format and a single editing protocol; the working group will only consider additional formats or additional protocols if those charter changes are approved by the IESG." According to the new WG Charter, the working group "will also take steps to ensure interoperability, by unambiguously identifying required elements in formats, clearly nominating conformance levels for different types of software, and providing clear extensibility mechanisms and constraints upon them." Atom currently consists of "a conceptual model of a resource, a concrete syntax for this model, a syndication and archiving format (the Atom feed format) using this syntax, and an editing protocol using this syntax. The Atom protocol will be designed to provide security services for updating and accessing dynamic online resources. The working group will consider current known issues with requirements for remote access, along with the fact that many such resources are constrained by providers who provide the resource owners with little configuration control." The proposed WG schedule calls for release of initial Internet Drafts of the Atom feed format and Atom editing protocol in June 2004. These Internet Draft would be submitted approval as Last Call drafts in March 2005, and would be submitted to the IESG for consideration as Proposed Standards in April 2005. [Full context]
[June 15, 2004] Last Call Review for IETF Indication of Message Composition for Instant Messaging. The Internet Engineering Steering Group (IESG) has announced a Last Call review of the Internet Draft Indication of Message Composition for Instant Messaging, prepared by the IETF's SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE) Working Group. The Internet Draft describes an XML-based status message that can be used to indicate the current composing status to participants in an IM conversation. "In instant messaging (IM) systems, it is useful to know during an IM conversation that the other party is composing a message, e.g., typing or recording an audio message. The document defines a new status message content type and XML namespace that conveys information about a message being composed. Status messages are carried as XML, as instances of the XML Schema defined in the draft and labeled as an application/im-iscomposing+xml content type." The draft distinguishes two types of messages used in an IM conversation: one is the "content message" which "conveys actual content between two or more users engaged in an instant messaging conversation; the other is the "status message" which "indicates the current composing status to the other participants in a conversation. The status message can indicate the composition of a message of any type, including text, voice or video. The status messages are delivered to the instant messaging recipient in the same manner as the instant messages themselves. The Internet Draft Indication of Message Composition for Instant Messaging is legally encumbered, according to an IETF Patent Disclosure and Licensing Declaration from Microsoft on the version -00 'is-composing ' draft of March 2004. Microsoft declined to make a royalty-free declaration provided in the IPR Template ("Royalty-Free, Reasonable and Non-Discriminatory License to All Implementers"), electing instead a RAND declaration for two issued patents and potentially for related unpublished pending patent application(s). The IESG solicits public comment on this Internet Draft by 2004-06-28. [Full context]
[June 09, 2004] W3C Web Services Working Groups Release New Drafts on Handling of Binary Data. Six new or updated specifications related to binary content have been released by members of the W3C XML Protocol Working Group and Web Services Description Working Group. Both Working Groups are part of the W3C Web Services Activity. XML-binary Optimized Packaging and SOAP Message Transmission Optimization Mechanism are now Last Call Working Drafts which enhance SOAP Version 1.2 performance. Feedback on these WDs may be sent to the XML Protocol Working Group through 2004-06-29. The XML-binary Optimized Packaging (XOP) convention provides a means of more efficiently serializing XML Infosets that have certain types of content. A concrete implementation of the XOP format designed for carrying SOAP messages is defined in the SOAP Message Transmission Optimization Mechanism Working Draft; it describes both an abstract feature and a concrete implementation of XOP for optimizing the transmission and/or wire format of SOAP messages. A new W3C Note written by Michael Mahan (Nokia) answers questions about design decisions in the choice of the include mechanism selected by the XML Protocol Working Group during construction of XML-binary Optimized Packaging (XOP). XOP Inclusion Mechanism: Frequently Asked Questions explains the use of xop:Include as a "a minimal include element that defines one mandatory href attribute information item for the URI link to the related MIME part in a XOP package." The SOAP 1.2 Attachment Feature Note "defines a SOAP feature that represents an abstract model for SOAP attachments. It provides the basis for the creation of SOAP bindings that transmit such attachments along with a SOAP envelope, and provides for reference of those attachments from the envelope. SOAP attachments are described using the notion of a compound document structure consisting of a primary SOAP message part and zero or more related documents parts known as attachments." An updated SOAP Optimized Serialization Use Cases and Requirements Working Draft document "serves to motivate and constrain the scope of the XML Protocol WG's work on a SOAP Message Transmission Optimization Mechanism. A new Assigning Media Types to Binary Data in XML Working Draft "addresses the need to indicate the media type associated with binary element content in an XML document and the need to specify, in XML Schema, the expected media types associated with binary element content. It is expected that the additional information about the media type will be used for optimizing the handling of binary data that is part of a Web services message." [Full context]
[June 08, 2004] Tags for Identifying Languages: IESG Issues Last Call Review for IETF BCP. The Internet Engineering Steering Group (IESG) has announced a last call review for the Internet Draft Tags for Identifying Languages, edited by Addison Phillips (webMethods) and Mark Davis (IBM). The IESG intends to make a decision within the next few weeks on the request to approve this document as an IETF Best Current Practice (BCP) RFC. Commonly referenced as "RFC 3066bis," this working draft of Tags for Identifying Languages is intended to replace Tags for the Identification of Languages (IETF RFC 3066, BCP 47, January 2001). RFC 3066bis describes the "structure, content, construction, and semantics of language tags for use in cases where it is desirable to indicate the language used in an information object. It also describes how to register values for use in language tags and a construct for matching such language tags, including user defined extensions for private interchange." RFC 3066bis will represent a significant improvement in language identification facility if it is approved as a an IETF BCP that supersedes RFC 3066. Both XML 1.0 and XML 1.1 normatively reference RFC 3066 for purposes of language identification: "In document processing, it is often useful to identify the natural or formal language in which the content is written. A special attribute named xml:lang may be inserted in documents to specify the language used in the contents and attribute values of any element in an XML document. In valid documents, this attribute, like any other, must be declared if it is used. The values of the attribute are language identifiers as defined by IETF RFC 3066, Tags for the Identification of Languages, or its successor..." The main goals in the revision RFC 3066 are: (1) to maintain backward compatibility, so that all previous codes would remain valid; (2) to reduce the need for large numbers of registrations; (3) to provide a more formal structure to allow parsing into subtags even where software does not have the latest registrations; (4) to provide stability in the face of potential instability in ISO 639, 3166, and 15924 codes — demonstrated instability in the case of ISO 3166; and (5) to allow for external extension mechanisms." The revision of IETF RFC 3066 represents one of several standards efforts currently underway to enhance intelligent computer processing of machine-readable natural language through the use of language description in markup contexts. The IESG solicits final comments on the proposal to approve "RFC 3066bis" as an IETF BCP. Feedback should be sent to the relevant IETF mailing lists by 2004-07-05. [Full context]
[June 07, 2004] W3C First Public Working Draft for RDF Data Access Use Cases and Requirements. The W3C RDF Data Access Working Group has released an initial Working Draft specification for RDF Data Access Use Cases and Requirements which "outlines use cases for RDF query languages and access protocols and their requirements, examining their design objectives." The Working Draft has been produced as part of the W3C Semantic Web Activity. The RDF Data Access Working Group was chartered to "gather requirements and to define an HTTP and/or SOAP-based protocol for selecting instances of subgraphs from an RDF graph," paying special attention to the RDF Net API submission. The WG's work involves specification of a "language for the query and the use of RDF in some serialization for the returned results. The query langauge may have aspects of a path language similar to XPath (used for XML in XSLT and XQuery) and various RDF experimental path syntaxes." The Use Cases and Requirements draft clarifies some of the objectives in the W3C design of an RDF query language and data access protocol. "Each use case describes a user-oriented context in which the RDF query language or protocol or both are used to solve a real problem. The use cases characterize some of the most important and most common motivations behind the development of existing RDF query languages and access protocols. The use cases, in turn, inform decisions about requirements, that is, the critical features that a standard RDF query language and data access protocol require, as well as design objectives that are not on the critical path." "The RDF data model is a directed, labeled graph with edges labeled with URIs and nodes that are either unidentified, literals, or URIs. The W3C's Semantic Web Activity is based on RDF's flexibility as a means of representing data. While there are several standards covering RDF itself, there has not yet been any work done to create standards for querying or accessing RDF data. There is no formal, publicly standardized language for querying RDF information. Likewise, there is no formal, publicly standardized data access protocol for interacting with remote or local RDF storage servers." The requirements sketched in the initial Working Draft are in development: the RDF Data Access Working Group has adopted some but not all of these requirements; several are still under discussion. The team invites feedback especially with respect to which use cases and requirements should be elaborated, clarified, removed, or added. [Full context]
[June 03, 2004] Proposed Technical Specification for Web Services Addressing and Referencing Framework. A bold move to catalyze standards convergence and create a public Web Services Addressing specification has been published on W3C's open Web services mailing list. Representatives from eleven major companies have proposed the creation of a new technical activity to "bring about industry convergence in the area of Web Service Referencing and Addressing." An open letter from Jeff Mischkinsky (Oracle) to the W3C AC Forum contains the proposal from W3C Advisory Committee members representing Arjuna, CycloneCommerce, Enigmatec, Fujitsu, Hitachi, Iona, NEC, Nokia, Oracle, SeeBeyond, and Sun. Two principal specifications in the web services addressing and referencing area would be used as input to the new technical activity; the working group would "use these inputs without prejudice or restriction and, evaluate them on their technical merit,in its deliberations to create deliverables which satisfy the Charter requirements," together with other contributions which conform to the goals and scope of the proposed Charter. One is the the Web Services Addressing (WS-Addressing) specification, provided that it is submitted for such use. WS-Addressing is a proprietary specification in three published versions, owned by BEA, IBM, and Microsoft. The second key specification is WS-MessageDelivery Version 1.0, which "defines an abstract set of message delivery properties enabling message delivery for Web services that utilize Message Exchange Patterns associated with WSDL documents." WS-MessageDelivery is already a W3C Member Submission, contributed by a subset of W3C members companies that drafted the new proposal. Key deliverables from the proposed working group would include a WS-Addressing and Referencing Framework Recommendation and a corresponding primer which introduces the new specification, including use cases and scenarios. As justification for the new activity, the proposers reference the substantial informal discussion about how to bring about industry convergence in the area of web services addressing and are seeking to create a technical activity that "would have the participation of the entire web service community: we believe that the requirements are clear and that substantial contributions exist. With industry recognition of these elements, and contribution of their use, it is apparent that reasonable convergence should be feasible now." According to the a proposed Scope statement, "The ability to identify participants in a Web service message exchange is fundamental to the dynamic and ever changing world of on-line business. WSDL provides mechanisms to define and describe the server side of an interaction (i.e. where to send a one way or a request messages to), but there are no standardized mechanisms to identify other delivery destinations that may exist in a message exchange pattern, such as a reply-to destination." The purpose of the proposed working group would be to "define extensible and reusable mechanisms to reference Web Services, to allow such Web service references to be passed in messages, and to support WSDL Messsage Exchange Patterns. The specification would support the MEPs in WSDL 1.1, the MEPs anticipated in WSDL 2.0 if it is sufficiently progressed, and may define support for other useful MEPS such as basic callback." As proposed, the new working group would "collaborate with W3C efforts within the Web Service Activity including WSD, XMLP, WS-Chor as appropriate. [It would] collaborate with relevant OASIS TCs such as WS-RF, WS-N, WS-CAF, WS-BPEL, ASAP as appropriate." The authors of the proposal welcome debate and comments, either publicly or privately. [Full context]
[June 02, 2004] Email Spoofing Targeted in IETF Draft on MTA Authentication Records in DNS. An updated IETF Internet Draft has been published for MTA Authentication Records in DNS, representing one of several current proposals aimed at design of mechanisms to reduce spoofing of email headers and delivery of (virus-bearing) spam. The MTA Authentication Records in DNS draft borrows heavily from earlier proposals that involve use of a DNS record to check the legitimacy of an email address; it also incorporates ideas proposed by many members of the IETF MARID (MTA Authorization Records in DNS) Working Group. Other IETF draft proposals include: Sender Policy Framework (SPF): A Convention to Describe Hosts Authorized to Send SMTP Traffic; Caller ID for E-mail; The RMX DNS RR and Method for Lightweight SMTP Sender Authorization. The MTA Authentication Records in DNS Internet Draft describes mechanisms by which a domain owner can publish its set of outgoing Mail Transfer Agents (MTAs), and mechanisms by which SMTP servers can determine what email address is allegedly responsible for most proximately introducing a message into the Internet mail system, and whether that introduction is authorized by the owner of the domain contained in that email address. The specification is carefully tailored to ensure that the overwhelming majority of legitimate emailers, remailers and mailing list operators are already compliant." As with other current proposals, this IETF Internet Draft uses XML in its solution. Given an email message and an IP address from which it has been (or will be) received, the decision model tests whether the SMTP client at the host address authorized to send that email message. Part of the authentication process involves finding the E-mail Policy Document for the purported responsible address; this E-Mail Policy Document contains a description of a client authorization function with four arguments (the local-part of an email address; a domain name called the "original domain"; a domain name called the "current domain"; an IP address, either IPv4 or IPv6. An E-mail Policy Document "is modeled by an XML infoset that contains, among other things, a definition of the client authorization function; this function can be used to determine whether a domain owner is willing to take responsibility for e-mail that is sent by a particular SMTP client." The draft specification describes those parts of the XML infoset that define the mail acceptance function, provides a description of the macro expansion performed on the character data in some of the elements, and presents the algorithm by which the XML infoset may be obtained. Appendix B provides an XML Schema for 'urn:ietf:params:xml:schema:marid-1'. This IETF proposal recognizes that "a huge majority of the unwanted email contains headers that lie about the origin of the mail; this is true of most spam and substantially all of the virus email that is sent. The document describes a mechanism such that receiving MTAs, MDAs and/or MUAs can recognize mail in this category and take appropriate action." [Full context]
[May 31, 2004] Open Mobile Alliance Releases Working Drafts for OMA DRM Version 2.0. The OMA Browser and Content (BAC) Download and DRM Sub-Working Group has released several draft specifications as part of the OMA DRM 2.0 Enabler Release, announced in February 2004. The Open Mobile Alliance (OMA) Digital Rights Management technology "enables the distribution and consumption of digital content in a controlled manner, where content is distributed and consumed on authenticated devices per the usage rights expressed by the content owners. OMA DRM work addresses the various technical aspects of this system by providing appropriate specifications for content formats, protocols, and rights expression languages." OMA DRM 2.0 builds upon core DRM functionality specified in the OMA DRM 1.0 Enabler Release, now supported on more that fifty (50) mobile handsets. The new OMA DRM enabler release "takes advantage of expanded device capabilities and offers improved support for audio/video rendering, streaming content, and access to protected content using multiple devices, thus enabling new business models. It enables the protection of premium content such as music tracks, video clips, and games, with enhanced security and improved support to preview and share content." Support for OMA DRM 2.0 has been announced by numerous mobile device vendors and content suppliers. The OMA DRM 2.0 Enabler Release Specification Baseline introduces the five principal documents: DRM Rights Expression Language V2.0 defines the XML/ODRL-based rights expression language used to describe the permissions and constraints governing the usage of DRM protected media objects. The DRM Specification V2.0 defines the the format and semantics of the cryptographic protocol, messages, processing instructions and certificate profiles, including the Rights Object Acquisition Protocol (ROAP) messages, the domains functionality, transport mappings for ROAP, binding rights to user identities, exporting to other DRMs, the certificate profiles, and application to other services"; these features are outlined in the OMA DRM Requirements. A DRM Architecture document defines the overall architecture for DRM 2.0 including informative descriptions of the technologies and their uses. DRM Content Format V2.0 defines the content format for DRM protected (encrypted) media objects. XML schemas are provided for Rights Object Acquisition Protocol (ROAP) protocol data units, Rights Object Acquisition Protocol trigger media type, and the OMA DRM Rights Expression Language. The OMA DRM Rights Expression Language (REL) V2.0 is defined as a mobile profile of the Open Digital Rights Language (ODRL). ODRL is an XML-based rights expression language free of licensing restrictions, providing a lightweight formal mechanism for specifying rights independently of the content type and transport mechanism. [Full context]
[May 28, 2004] Java Web Services Developer Pack V1.4 Supports WSS and WS-I Specifications. Sun Microsystems has announced Java Web Services Developer Pack (Java WSDP) version 1.4 along with Sun Java System Application Server 7 Enterprise Edition. The Java WSDP is a "free integrated toolkit that allows Java developers to build and test XML applications, Web services, and Web applications with the latest Web service technologies and standards implementations. With 1.2 million downloads to date, the Java WSDP from Sun is one of the most popular toolkits for accelerating development of secure and interoperable Web services applications." According to the Sun announcement, Java WSDP 1.4 has been enhanced to support the latest Web services security standards and Web Services Interoperability Organization (WS-I) Basic Profile 1.1 with Attachments Profile 1.0. It also provides support for a full implementation of the OASIS Web Services Security (WSS) specification, providing message level security for SOAP. This technology helps allow developers to build reliable Web services, including XML digital signature (JSR 105), XML message encryption and authentication for Web services applications. The Java WSDP 1.4 will support a broader set of Web containers, allowing choice and flexibility for developers. In addition to Apache Tomcat, developers will be able to deploy to the Sun Java System Application Server and the Sun Java System Web Server." The toolkit is scheduled for general availability in June 2004, downloadable from the Sun Developer Network web site. Sun also announced the immediate availability the new Sun Java System Application Server 7 which features greater enterprise Java technology-based Web services performance, with scalability reaching over 100 linear CPUs and new technology that supports five-nines (99.999%) availability. Java System Application Server 7 EE provides a high performance, scalable and robust enterprise Java platform for delivering enterprise-class application services and Web services. The Application Server offers an economically compelling platform for deploying mission-critical applications that require extremely high availability and massive scalability. New features of the Java System Application Server 7 EE include a reference architecture that provides best practice recommendations for high availability; support for multiple platforms, including the Solaris Operating System, Linux, Red Hat, HP-UX 11i and Windows, and full enterprise Java platform application failover with added Enterprise JavaBeans (EJBs) specification support and Remote Method Invocation over Internet Inter-Orb Protocol (RMI/IIOP) failover." [Full context]
[May 26, 2004] Industry Shows Heightened Interest in Federated Identity-Based Web Services. Recent announcements about the adoption of identity federation standards and demonstrated interoperability of enterprise-level products reveal a growing interest in deploying secure, identity-based Web Services across company boundaries. The Liberty Alliance consortium has released a new overview document describing the general applicability of its Identity Web Services Framework (ID-WSF) to Web services. Finalized in November 2003, Liberty's ID-WSF suite of specifications supports the development of Web services which "typically require a number of standard functions, including authentication, security, service discovery, and the communication of service policy. Liberty ID-WSF provides such functionality, allowing the development of secure, privacy-protected Web services. AOL, Nokia and Vodafone are among approximately thirty (30) member companies that have announced products and services or plans for products and services based on Liberty specifications. Federated, identity-based Web services allow companies to connect their applications with their partners' or customers' applications by granting trusted entities access to services and information protected by firewalls." Microsoft announced that six companies participating in a WS-Federation interoperability workshop completed testing of their products; the solution was demonstrated in the Microsoft Interoperability Pavilion Microsoft at the TechED conference. Several participating companies have issued announcements describing the implementation of federated identity specifications in their products, including support for Web Services Federation (WS-Federation), OASIS Web Services Security (WSS) 1.0, SAML, and Liberty Alliance. WS-Federation (from BEA, IBM, Microsoft, RSA Security, and Verisign, July 2003) "defines mechanisms that are used to enable identity, account, attribute, authentication, and authorization federation across different trust realms. The mechanisms can be used by passive and active requestors; the Web service requestors are assumed to understand the new security mechanisms and be capable of interacting with Web service providers." RSA Security's announcement reports that Dan Blum of Burton Group counts "approximately 200 organizations currently implementing browser-based federated identity solutions, primarily utilizing the SAML (Security Assertion Markup Language) specification." Ping Identity Corporation has founded an open source community project (SourceID.org) for federated identity management based upon the SAML, Liberty Alliance, and WS-Federation specifications. Its goal is to promote education about a federated identity infrastructure that "enables cross-boundary single sign-on, dynamic user provisioning and identity attribute sharing; by providing for identity portability, identity federation affords end-users with increased simplicity and control over the movement of personal identity information while simultaneously enabling companies to extend their security perimeter to trusted partners." [Full context]
[May 24, 2004] Updated WS-Trust and WS-SecureConversation Specifications Accompany Microsoft WSE 2.0. On May 24, 2004 Microsoft announced the final release of Web Services Enhancements 2.0 and revised specifications for Web Services Trust Language (WS-Trust) and Web Services Secure Conversation Language (WS-SecureConversation). According to Microsoft's summary Fact Sheet, WSE 2.0 is a "supported add-on to Microsoft Visual Studio .NET and the Microsoft .NET Framework that enables developers to build security-enhanced Web services based on the latest Web services protocol specifications and standards. Today more than 250,000 developers use WSE to create security-enhanced connected systems that help improve business processes within and beyond corporate trust boundaries and create new revenue-generating opportunities." These "latest Web services specifications and standards" include WS-Security 2004, WS-Policy, WS-SecurityPolicy, WS-Trust, WS-SecureConversation, and WS-Addressing; WS-Security 2004 became an OASIS Standard in April 2004, while the other five protocol specifications are proprietary. The revised Version 1.1 drafts of WS-Trust and WS-SecureConversation update the previous Version 1.0 specifications published by IBM, Microsoft, RSA, and VeriSign on December 18, 2002. These two documents are featured prominently in Microsoft's WSE 2.0 announcements. "What's New" says that WSE's support of the WS-Trust and WS-SecureConversation specifications "provides the capability to programmatically request a security token using a SOAP message, and that token can be used for a series of SOAP messages between a SOAP message sender and a target Web service. WSE allows you to build a security token service or configure one that issues security context tokens. When configured to issue security context tokens, a SOAP message sender can use the token to sign and/or encrypt a series of SOAP messages, known as a conversation, between a SOAP message sender and the target Web service." According to Martin Gudgin's new article "Using WS-Trust and WS-SecureConversation," the Web Services Enhancements (WSE) Toolkit Version 2.0 "provides implementations of both specifications to enable Web Service producers and consumers to secure their applications"; it implements the latest version of WS-Trust, providing a SecurityTokenService class as the base class for processing issuance, renewal, and validation requests for security tokens; it also implements the latest version of the WS-SecureConversation specification, providing a SecurityContextTokenService class for issuing Security Context Tokens. WSE 2.0 is said to work "in concert with another new addition to Microsoft's Web services offering, Microsoft Office Information Bridge Framework 1.0. Information Bridge Framework is an integrated set of tools that uses eXtensible Markup Language (XML) and Web services to enable information workers to view and act on enterprise business data from within familiar Microsoft Office System programs." [Full context]
[May 21, 2004] SWRL: A Semantic Web Rule Language Combining OWL and RuleML. W3C has acknowledged receipt of a Member Submission from the National Research Council of Canada, Network Inference, and Stanford University for SWRL: A Semantic Web Rule Language Combining OWL and RuleML. The submission has been made in association with the Joint US/EU ad hoc Agent Markup Language Committee. The SWRL submission package contains three components in addition to the principal prose document: (1) an RDF Schema partially describing the RDF Concrete Syntax of SWRL; (2) an OWL ontology partially describing the RDF Concrete Syntax of SWRL; (3) an XML Schema for the SWRL XML Concrete Syntax. The document "contains a proposal for a Semantic Web Rule Language (SWRL) based on a combination of the OWL DL and OWL Lite sublanguages of the OWL Web Ontology Language with the Unary/Binary Datalog RuleML sublanguages of the Rule Markup Language. SWRL includes a high-level abstract syntax for Horn-like rules in both the OWL DL and OWL Lite sublanguages of OWL. A model-theoretic semantics is given to provide the formal meaning for OWL ontologies including rules written in this abstract syntax. An XML syntax based on RuleML and the OWL XML Presentation Syntax as well as an RDF concrete syntax based on the OWL RDF/XML exchange syntax are also given, along with several examples." Statements concerning copyrights, trademarks, service marks, and patents related to the submission have been made by W3C members and non-members, including the National Research Council of Canada, Network Inference, Stanford University, Lucent Technologies, Macgregor, Inc., Massachusetts Institute of Technology, and BBN Technologies; each of these organizations has granted to the W3C "a perpetual, nonexclusive, royalty-free, world-wide right and license under any of its copyrights in this contribution to copy, publish and distribute the contribution under the W3C document licenses." [Full context]
[May 20, 2004] IETF Releases QA Checklist Document for Specification Production Using XML. Technical specifications produced by committees with multiple phases of editorial review and feedback are susceptible to myriad QA risks, clerical and otherwise. The Internet Engineering Steering Group (IESG) has announced the publication of a technical memo which "defines a list of often called 'ID-NITS' that need to be checked before an Internet-Draft will be accepted for IESG consideration. The intent is that Working Group chairs check an I-D for any nits before submitting a request-for-publication. All Internet Drafts which are offered for publication as RFCs must conform to the stated requirements or they will be returned to the author(s)/editor(s) for revision." Several items in the checklist related to ABNF and XML syntax used in formal definitions and examples. Additionally, as a suggestion for productivity improvement, the Checklist document strongly recommends following RFC 2629 (Writing I-Ds and RFCs using XML) in the creation of XML source files for generating an Internet Draft. There is an online xml2rfc tool to generate the nroff and Internet Draft files; this tool automatically takes care of most of the formatting, administrative and bureaucratic rules." According to the new Checklist document, all ABNF grammars must be checked, and an online tool is available for validating IETF ABNFs. "Protocol specifications that use XML should always use well-formed XML at a minimum. Sample XML instances included in a specification have to be well-formed, and if the XML is supposed to be valid (according to the current W3C definition of validity), the samples must reference and be validated using an appropriate XML Schema, DTD, or other standard validation mechanism that is structurally and syntactically correct. XML provides structures, such as the <any> element information item in XML Schema, to allow element extensions. If these structures are included in a protocol, the protocol specification must include clear guidance on how, when, and where the extension structures, such as versioning, can be used. All XML Schemas, Namespaces, and Resource Description Framework (RDF) Schemas should be registered with the IANA using the procedures described in Best Current Practice 81, The IETF XML Registry." [Full context]
[May 19, 2004] XML Silicon: The Tarari Random Access XML (RAX) Content Processor. Tarari Inc. recently announced the availability of its RAX Content Processor which can "easily process millions of XPaths per second." The Random Access XML Content Processor solution was demonstrated at the NetWorld+Interop Las Vegas 2004 event, and represents the latest technology achievement in hardware-accelerated XML processing. Tarari's purpose-built silicon for XML processing is enabled by a core technology called a Simultaneous XPath engine which "produces results directly from the input XML document, whereas DOM or SAX-based systems need to create an in-memory representation of the document." According to a white paper authored by Michael Leventhal, Simultaneous XPath "is vastly faster than any software-based XPath engines (e.g., Saxon, Xalan, libxml) because its performance is insensitive to the number of XPaths in an evaluation group and the complexity of the XPath expressions. Simultaneous XPath handles XML namespaces and namespace prefixing on the fly without pre-scanning and declaration of prefixes; its execution time increases linearly with the file size, without any performance degradation and without memory thrashing." Random Access XML (RAX) "represents a breakthrough in accelerating and simplifying XML processing. Using XPaths as indices, RAX gives applications direct access to any data within an XML message without parsing and without tree or streaming traversal. RAX can be used for any XML application that would traditionally be handled by DOM, SAX, JAXB, BEA's XMLBeans, or any other approach. It enables network switch, server, blade, and appliance vendors to create a variety of new applications such as gigabit message classification and routing, high transaction rate publish and subscribe systems, advanced SOAP message processing, high performance XML security firewalls and real-time telecommunications billing solutions." The Tarari RAX Content Processor hardware device "sits on a 4.2Gbps PCI bus, communicating with main memory through multiple and interleaved DMA channels; this standard PCI card into servers, appliances, and network devices to allow control and inspection of complete messages. The complete Tarari technology solution includes acceleration of XML security, XML compression, and Unicode character conversion." Tarari participated in W3C's September 2003 Binary XML Workshop, and is currently studying how to propose RAX as an industry standard. [Full context]
[May 18, 2004] WS-I Releases Basic Security Profile Version 1.0 Working Group Draft. The Web Services Interoperability Organization (WS-I) has announced the availability of a Basic Security Profile Version 1.0 Working Group Draft. Publication of the Basic Security Profile follows a February 2004 release of WS-I Security Scenarios Working Group Draft which defined the requirements and scope for the WS-I Basic Security Profile. The WS-I Basic Security Profile Version 1.0 consists of "a set of non-proprietary Web services specifications, along with clarifications and amendments to those specifications which promote interoperability. The Security Profile WD addresses Transport Layer Security, SOAP Message Security, Username Token Profile, X.509 Certificate Token Profile, XML-Signature, XML Encryption, Algorithms, Relationship of Basic Security Extension Profile to Basic Profile, and Attachment Security. The Profile's Guiding Principles articulated in Section 1.1 clarify that testable statements are made when possible, but that "such testability is not required; preferably, testing is achieved in a non-intrusive manner (e.g., examining artifacts 'on the wire,' but due to the nature of cryptographic security, non-intrusive testing may not be possible." Similarly, the Basic Security Profile provides no guarantee of interoperability: "Although it is impossible to completely guarantee the interoperability of a particular service, the Profile attempts to increase interoperability by addressing the most common problems that implementation experience has revealed to date." Requirements from a number of specifications are incorporated into the Profile by reference, as enumerated in Appendix I: HTTP over TLS; Web Services Security: SOAP Message Security; Web Services Security: Username Token Profile; Web Services Security: X.509 Token Profile; XML-Signature Syntax and Processing; Web Services Security: SOAP Message Security Section 9; XML Encryption Syntax and Processing. The WS-I announcement reports that the the WS-I Basic Security Profile Working Group is "planning to incorporate the Web Services Security: Kerberos Token Profile into the Basic Security Profile upon completion of the technical work by the OASIS Web Services Security Technical Committee. In addition, WS-I is considering incorporating other token profiles, such as the Web Services Security: SAML Token Profile and the Web Services Security: XRML Token Profile into the Basic Security Profile." [Full context]
[May 13, 2004] W3C Releases Candidate Recommendation for CSS3 Basic User Interface Module. A CSS3 Basic User Interface Module Candidate Recommendation edited by Tantek Çelik has been published by the W3C CSS Working Group as part of the W3C Style Activity. This CR "describes those user interface related selectors, properties and values that are proposed for CSS level 3 to style HTML and XML, including XHTML and XForms. It includes and extends user interface related features from the selectors, properties and values of CSS level 2 revision 1 and Selectors specifications." Three other CSS Candidate Recommendations were released by the CSS Working Group earlier this year: Cascading Style Sheets, Level 2 Revision 1. CSS 2.1 Specification, CSS Print Profile, and CSS3 Paged Media Module. CSS (Cascading Style Sheets) is "a language for describing the rendering of HTML and XML documents on screen, on paper, in speech, etc. It uses various selectors, properties and values to style basic user interface elements in a document." The CSS3 Basic User Interface Module will remain at Candidate Recommendation level at least until 11-November-2004, providing opportunity for additional interoperability testing. "A test suite and a report on implementations will be provided before the document becomes a Proposed Recommendation. One of the Candidate Recommendation Exit Criteria for this CSS specification is that there must be at least two interoperable implementations for every feature." [Full context]
[May 12, 2004] OGC Interoperability Experiment for LandXML and Geography Markup Language (GML). The Open GIS Consortium has announced its first Interoperability Experiment involving the Geography Markup Language (GML) Version 3.1 and LandXML Version 1.0. OGC Interoperability Experiments are "brief, inexpensive, low-overhead initiatives led and executed by OGC members to achieve specific technical objectives that further the OGC Technical Baseline; three or more OGC members launch and run an initiative without the more substantial sponsorship that supports OGC's traditional testbeds and pilot projects. These initatives can be for specification development, refinement, or testing or for other purposes." LandXML Version 1.0 is "an industry-driven, open XML data exchange standard that provides interoperability in more than 40 software applications serving the civil engineering, survey and transportation industries. The LandXML.org Industry Consortium, initiated by Autodesk and now comprised of 190 companies, government agencies and universities, developed the standard. LandXML is now broadly supported in online cadastral applications, GIS applications, Survey field instruments, Civil Engineering desktop and CAD-based applications, instant 3D viewers and high end 3D visualization rendering applications." LandXML XML Schema root nodes include Alignments, Application, CgPoints, CoordinateSystem, GradeModel, Monuments, Parcels, PipeNetworks, PlanFeatures, Project, Roadways, Surfaces, Survey, and Units. OGC's Geography Markup Language (GML) is a "widely supported open specification for representation of geographic (spatial and location) information. It defines XML encoding for the transport and storage of geographic information, including both the geometry and properties of geographic features." The LandGML IE initiated by US Army Corps of Engineers ERDC, Autodesk and Galdos Systems "will test a GML 3.0 application schema for encoding LandXML 1.0 documents (LandGML) and will provide a tool to transform LandXML 1.0 documents into LandGML documents. In a second phase, a tool will be developed to transform LandGML documents to LandXML 1.0 documents." [Full context]
[May 11, 2004] OASIS Forms Open Building Information Exchange (oBIX) Technical Committee. A new Open Building Information Exchange (oBIX) Technical Committee has been formed at OASIS to "define a standard web services protocol to enable communications between building mechanical and electrical systems and enterprise applications. This protocol will enable facilities and their operations to be managed as full participants in knowledge-based businesses. The oBIX specification will utilize web services for exchange of information with the mechanical and electrical systems in commercial buildings." The TC will continue work previously hosted by the Continental Automated Building Association (CABA) in an XML/Web Services Guideline Committee. Motivation for the technical work is provided in the TC Call for Participation: "most mechanical and electrical systems are provided with embedded digital controls (DDC) and most of these devices are low cost and not enabled for TCP/IP. They are installed with dedicated communications wiring. Larger DDC controllers provide network communications for these dedicated controllers. There are several well established binary protocols (BACnet, LonTalk, Modbus, DALI) that are used on these dedicated networks in addition to numerous proprietary protocols. While these binary protocols can be used over TCP/IP networks — they have challenges with routers, firewalls, security, and compatibility with other network applications. There is an added challenge in that the industry is split between several largely incompatible protocols." The oBIX TC therefore proposes to "develop a publicly available web services interface specification that can be used to obtain data in a simple and secure manner from HVAC, access control, utilities, and other building automation systems, and to provide data exchange between facility systems and enterprise applications. In addition, the TC will develop implementation guidelines, as needed, to facilitate the development of products that use the web service interface." [Full context]
[May 07, 2004] OMG Membership Approves Adoption of Reusable Software Assets (RAS) Standard. The Object Management Group (OMG) announced that its members have voted to adopt the Reusable Asset Specification (RAS), which "defines a standard way to package reusable software assets. A reusable software asset is, broadly speaking, any cohesive collection of artifacts that solve a specific problem or set of problems encountered in the software development life cycle." A reusable asset, which "provides a solution to a problem for a given context, may have a variability point with a value provided or customized by the asset consumer, and rules for usage which are the instructions describing how the asset should be used. Artifacts are any workproducts from the software development lifecycle, such as requirements documents, models, source code files, deployment descriptors, test cases or scripts, etc." RAS describes assets as part of asset-based development (ABD) which complements the Model Driven Architecture (MDA) by describing asset production, asset consumption, and asset management. An RAS manifest document is an XML document; the authoritative description of the RAS manifest document structure is provided as an XML Schema. Every reusable asset must contain at a minimum one manifest file, which are described below, and at least one artifact to be considered a valid reusable asset. The manifest file is an XML document that validates against one of the known RAS XML Schemas, and passes an additional set of semantic constraints described in the profile document. An asset package is the collection of artifact files plus a manifest." Several tool vendors have implemented the currently released RAS XML schema in their tools and other companies have implemented internal tools based on the RAS specification. [Full context]
[May 06, 2004] HL7 Approves Web Services Profile and ebXML as 24-Month DSTUs for Messaging Standard. Health Level Seven (HL7) has announced the approval of a Web Services Profile and ebXML Message Service Specification 2.0 as Draft Standards for Trial Use (DSTUs) as Version 3 Transport Specifications within the HL7 Messaging Standard. The Web Services and ebXML transport specifications are two of over two dozen specifications that make up the HL7 Version 3 Messaging Standard. The HL7 V3 project "represents a new approach to clinical information exchange. It is XML-based and built from the ground up around a single object model, the HL7 Reference Information Model (RIM) and a rigorous methodology that ties model to message and finally to syntax." A Version 3 HL7 Patient Administration Standard is also being published for a twelve-month period of trial use within the HL7 V3 project. This Version 3 specification is "built around subject domains, for each of which it provides storyboard descriptions, trigger events, interaction designs, domain object models derived from the RIM, hierarchical message descriptors (HMDs) and a prose description of each element. Implementation of these domains further depends upon a non-normative V3 Guide and normative specifications for data types, the XML implementable technical specifications (ITS) or message wire format, message and control wrappers, and transport protocols." The Web Services Profile for HL7 has been designed "in response to an industry need for increased interoperability between implementations; it focuses on basic Web services protocols and technologies like SOAP (Simple Object Access Protocol) and WSDL (Web Services Description Language), which lay the groundwork for more complex interactions based on higher-level Web services specifications." The purpose of the HL7 ebXML transport specification is to "provide secure, flexible transport for exchanging HL7 messages between message handling interfaces or ebXML Message Service Handlers (ebXML MSH). It specifies an HL7-specific implementation of the ebXML Message Service specification, providing transport to move HL7 content, messages and documents over a variety of lower level transports, such as TCP/IP, HTML, and SMTP. This protocol optionally supports important features such as Duplicate Message handling, Reliable Messaging, Message Routing, Sequencing, and Digital Signatures. When using this protocol in combination with a certificate based TLS (Transport Layer Security) or SSL (Secure Sockets Layer) TCP/IP lower level transport it provides a robust, secure and authenticated communications infrastructure for exchanging HL7 V2 and V3 messages and content between organizations." HL7 is a "not-for-profit, ANSI-accredited standards developing organization dedicated to providing a comprehensive framework and related standards for the exchange, integration, sharing, and retrieval of electronic health information that supports clinical practice and the management, delivery and evaluation of health services. HL7's more than 2,000 members represent over 500 corporate members, including 90 percent of the largest information systems vendors serving healthcare." [Full context]
[May 05, 2004] IESG Announces Proposal for IETF Atom Publishing Format and Protocol Working Group. The Internet Engineering Steering Group (IESG) has announced the proposal for a new IETF Atom Publishing Format and Protocol Working Group within the IETF Applications Area. An informational document about the proposed ATOMPUB Working Group describes the motivation for the WG, the essential features of Atom, the group's proposed focus, and technical background to the Atom Publishing Format. Atom currently "defines a feed format for representing and a protocol for editing Web resources such as Weblogs, online journals, Wikis, and similar content. The feed format enables syndication, that is, provision of a channel of information by representing multiple resources in a single document. The editing protocol enables agents to interact with resources by nominating a way of using existing Web standards in a pattern." The proposed IETF Working Group would "use experience gained with RSS (variably used as a name by itself and as an acronym for 'RDF Site Summary', 'Rich Site Summary', or 'Really Simple Syndication') as the basis for a standards-track document specifying the model, syntax, and feed format. The feed format and HTTP will be used as the basis of work on a standards-track document specifying the editing protocol. The goal for the working group is to produce a single feed format and a single editing protocol. The working group's primary focus will be on delivering an interoperable format and corresponding protocol; it is expected that all but the most basic, generic metadata and functions will be accommodated through extensions, rather than in the core documents." Interoperability is a key concern for the design initiative; in order to ensure interoperability the WG will unambiguously identify required elements in formats, clearly nominate conformance levels for different types of software, and provide clear extensibility mechanisms and constraints upon them. Public comment on the proposed Atom Publishing Format and Protocol Working Group may be sent to the IESG mailing list by May 12, 2004. [Full context]
[May 04, 2004] Microsoft Releases Devices Profile for Web Services Specification. A new Devices Profile for Web Services: A Proposal for UPnP 2.0 Device Architecture edited by Jeffrey Schlimmer (Microsoft) "defines a minimal set of implementation constraints to enable secure Web service messaging, discovery, description, and eventing on resource-constrained endpoints." The profile has been jointly authored with Intel, Lexmark, and Ricoh. Description in a technical overview clarifies that the Devices Profile relies upon other Web service specifications, allowing devices "to participate in the Service Oriented Architecture (SOA) fabric. Sharing a common protocol framework allows devices to contribute to Web service scenarios that are traditionally beyond the reach of individual devices. Moreover, this commonality allows ISVs to leverage development tooling when writing applications for devices, and it allows IT departments to leverage service management infrastructure. By leveraging factored Web service specifications built on a common foundation of SOAP and XML, device implementations can support rich functionality in a pay-as-you-go manner. The Devices Profile represents a new foundation for application protocols; it frees vendors and their standards organizations to concentrate on designing messages for specific device classes. The well-factored architecture and significant extensibility of the Device Profile enables as-yet-unforeseen messaging patterns, transports, metadata, and capabilities and requirements." The three principal goals of the Devices Profile specification are to: (1) "Identify a minimal set of Web service specifications needed to enable secure messaging, dynamic discovery, description, and eventing; (2) Constrain Web services protocols and formats so Web services can be implemented on peripheral-class and consumer electronics-class hardware; (3) Define minimum requirements for compliance without constraining richer implementations." Namespaces are provided for several WS-* specifications, in addition to XML Schema, SOAP, and WSDL: the unpublished Web Services Metadata Transfer (WS-MetadataTransfer), WS-Addressing, WS-Discovery, WS-Eventing, and WS-Policy. [Full context]
[April 30, 2004] Universal Business Language (UBL) 1.0 Approved as an OASIS Committee Draft. The approval of the Universal Business Language (UBL) Version 1.0 as an OASIS Committee Draft represents a major publication milestone in the arena of e-business message exchange standards development. Freely available to everyone without legal encumbrance or licensing fees, UBL "defines a generic XML interchange format for business documents that can be extended to meet the requirements of particular industries. The specification is designed to provide a universally understood and recognized commercial syntax for legally binding business documents and to operate within a standard business framework such as ISO 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes." The UBL v1.0 Committee Draft release is distributed for public review as a ZIP archive with some 244 files, containing prose documentation, normative XML Schemas, UML diagrams, spreadsheet models, formatting specifications, sample instances, and other components. A UBL ASN.1 specification provides an alternative schema definition for UBL documents in accordance with ITU-T X.680-X.693. The UBL v1.0 release provides a library of XML schemas for reusable data components, small set of XML schemas for common business documents useful in a generic order-to-invoice trading context, and support for the customization of UBL in specific trading relationships. The UBL schemas are "modular, reusable, and extensible in XML-aware ways. Designed as an implementation of ebXML Core Components Technical Specification 2.01, the UBL Library is based on a conceptual model of information components known as Business Information Entities (BIEs). These components are assembled into specific document models such as Order and Invoice. These document assembly models are then transformed in accordance with UBL Naming and Design Rules into W3C XSD schema syntax. This approach facilitates the creation of UBL-based document types beyond those specified in the version 1.0 release." Special Projects undertaken by members of the UBL Technical Committee in reaching the Committee Draft level include design, development, and QA projects for Business Modeling, XSD Schema Generation, XSD Schema Validation, XSD Rules Review, ASN.1 Generation, UML Generation, UN Layout Key Formatting, CCTS Alignment, and Quality Assurance. The UBL effort has been directed by Jon Bosak (TC Chair) and Mark Crawford (Vice Chair), together with leadership provided in sixteen (16) UBL Subcommittees. The approved UBL v10 Committee Draft is being submitted to OASIS for public review in preparation for OASIS standardization. [Full context]
[April 30, 2004] W3C Publishes Last Call Working Draft for CCXML Version 1.0. The W3C Voice Browser Working Group has issued a last call Working Draft for Voice Browser Call Control: CCXML Version 1.0, incorporating some major changes in the Sections for Session Variables Documentation, Session Life-Cycle Details, Element and attribute name re-factoring, Meta and Metadata Features, Expanded Conferencing Events/Options, <dialogprepare>, Event I/O Updates, and VoiceXML Appendix. The Call Control Extensible Markup Language (CCXML) is designed "to provide telephony call control support for VoiceXML or other dialog systems. CCXML has been designed to complement and integrate with a VoiceXML interpreter. Because of this there are many references to VoiceXML's capabilities and limitations. There are also details on how VoiceXML and CCXML can be integrated. However it should be noted that the two languages are separate and are not required in an implementation of either language. For example CCXML could be integrated with a more traditional Interactive Voice Response (IVR) system and VoiceXML or other dialog systems could be integrated with some other call control systems." According to the WD Introduction, CCXML "can provide a complete telephony service application, comprised of Web server CGI compliant application logic, one or more CCXML documents to declare and perform call control actions, and to control one or more dialog applications that perform user media interactions. Since platforms implementing CCXML may choose to use one of many telephony call control definitions (e.g., JAIN Call Control, ECMA CSTA, S.100), the call control model in CCXML has been designed to be sufficiently abstract so that it can accommodate all major definitions. For relatively simple types of call control, this abstraction is straightforward. The philosophy in this regard has been to 'make simple things simple to do.' Outdial, transfer (redirect), two-party bridging, and many forms of multi-party conferences fall within this classification." [Full context]
[April 29, 2004] OASIS TC Approves Application Vulnerability Description Language (AVDL) Draft. The OASIS Application Vulnerability Description Language TC has approved a Committee Draft of its version 1.0 specification and has submitted it for consideration as an OASIS Standard. The AVDL specification defines "a standard XML format that allows entities (such as applications, organizations, or institutes) to communicate information regarding web application vulnerabilities. The OASIS AVDL Technical Committee was formed to create an XML definition for exchanging information about the security vulnerabilities of applications exposed to networks. For example, the owners of an application use an assessment tool to determine if their application is vulnerable to various types of malicious attacks. The assessment tool records and catalogues detected vulnerabilities in an XML file in AVDL format. An application security gateway then uses the AVDL information to recommend the optimal attack prevention policy for the protected application. In addition, a remediation product uses the same AVDL file to suggest the best course of action for correcting the security issues. Finally a reporting tool uses the AVDL file to correlate event logs with areas of known vulnerability." According to a declaration presented by the AVDL TC Chairs, some features of the AVDL specification design were inspired by Mitre's Open Vulnerability Assessment Language (OVAL), which uses the Common Vulnerabilities and Exposures (CVE) database. Related technical work is being done within the OASIS Web Application Security TC based upon Application Security Attack Components (ASAC) and VulnXML, developed by the Open Web Application Security Project (OWASP). Application Vulnerability Description Language version 1.0 Committee Draft will be balloted to the OASIS membership during the period May 16-31, 2004. [Full context]
[April 28, 2004] Delivering Classics Resources with TEI-XML, Open Source, and Creative Commons Licenses. The Center for Hellenic Studies of Harvard University has adopted an innovative technological program for free online publication of books, articles, and databases designed to make resources in the classics more visible and accessible. A second issue of the online Classics@: The Electronic Journal of the Center for Hellenic Studies of Harvard University features articles about "Ancient Mediterranean Cultural Informatics." It is published under the Creative Commons 'Attribution-NonCommercial-ShareAlike' license allowing others to copy, distribute, display, and perform the authored work, and to create derivative works in non-commercial settings. The Harvard CHS publication process is based upon TEI-XML encoding and "uses open source tools to convert proprietary word-processing files to TEI-XML and to publish the result." Consistent with the intellectual mission of the CHS editorial group to expedite online publication and collaborative research, the team is developing a process and tools "that others can adopt or modify to produce online and print books rapidly, beautifully, and accurately." Erik Ray and Benn Salter have assisted the CHS technical team in the development of Perl and XSLT transformation tools to convert word-processor data into TEI-XML format; publication of the materials online involves the use of the open source Apache Cocoon web development framework. Classics@ Issue Two was published directly from source files encoded in TEI-conformant XML, using publication mechanisms available in the CHS TextServer protocol. CHS is also "committed to experimental uses of online publication to complement print publication as well as innovative arrangements with traditional academic publishers in the interest of generalizing its goals to the academic community and of making creative classical scholarship available to the widest possible audience." [Full context]
[April 27, 2004] W3C Publishes Web Services Choreography Description Language (WS-CDL). An initial Public Working Draft of the Web Services Choreography Description Language Version 1.0 has been released by W3C. This document, the first in a series of WS-CDL working drafts, has been produced by members of the W3C Web Services Choreography Working Group as part of the Web Services Activity. The WS-CDL XML-based language "describes peer-to-peer collaborations of Web Services participants by defining, from a global viewpoint, their common and complementary observable behavior, where ordered message exchanges result in accomplishing a common business goal. The Web Services Choreography specification is targeted for composing interoperable peer-to-peer collaborations between any type of Web Service participant regardless of the supporting platform or programming model used by the implementation of the hosting environment." According to the W3C announcement, the Web Services Choreography Description Language is a "necessary complement to end point languages such as BPEL and Java. WS-CDL provides them with the global model they need to ensure that end point behavior — the 'rules of engagement' — is consistent across cooperating services. Business transactions, especially those envisioned by Web services, grow from complex interactions. These interactions can be viewed from a variety of points in the transaction chain, not simply the start or the expected endpoint. Modeling these interactions from a global viewpoint allows software developers to take into account the distributed race conditions (unexpected dependence on the sequence of events) that may exist — in much the same way they exist in non-Web business processes. Choreography provides the set of rules that explains how different components may act together, and in what sequence, giving a flexible systemic view of the process." [Full context]
[April 26, 2004] WS-MessageDelivery Specification Integrates with WSDL Message Exchange Patterns. W3C has acknowledged receipt of a WS-MessageDelivery Version 1.0 specification which defines an abstract set of message delivery properties enabling message delivery for Web services that utilize Message Exchange Patterns associated with WSDL documents. The W3C Member Submission has been prepared by Oracle, Arjuna, Cyclone Commerce, Enigmatec, IONA, Nokia, SeeBeyond, and Sun Microsystems. According to the W3C staff comment, the WS-MessageDelivery proposal is similar to the WS-Addressing proposal from BEA, IBM, and Microsoft: "while addressing the same scope as the WS-Addressing document, WS-MessageDelivery is more fully integrated with WSDL, by defining its relations with the WSDL Message Exchange Patterns or by introducing a WSMD description for WSDL. It also follows the current work of the W3C Web Services Description Working Group, and the service references introduced in WSDL 2.0. WS-Addressing, while relying on the WSDL concepts, does not use the WSDL service element as a service reference. WS-MessageDelivery relies on the implicit open content model of WSDL for extensions, while WS-Addressing uses an explicit 'reference properties' extension mechanism." The WS-MessageDelivery Version 1.0 specification abstract summarizes: "[This] specification defines a mechanism to reference Web services (WSRef), essential abstract message delivery properties (AMDP), a SOAP binding for those properties, and the relationship of those properties to WSDL definitions and message exchange patterns. These properties enable SOAP messages to be transport independent — extending messaging capability to use separate transport protocol sessions or even using different transport protocols within the context of a message exchange pattern (MEP). Message delivery details are surfaced to the application layer, extending SOAP processors to use a wider range of message patterns and transport protocols to accomplish a Web service interaction. The abstract message delivery properties include web service references, message identification and message references. This specification outlines in detail how to build message exchange patterns consistent with WSDL 1.1 or WSDL 2.0 using the definitions in the specification. The semantics and mapping for the Callback Pattern, a commonly used message exchange pattern as a composite pattern, is defined. The Web service References (WSRef), Abstract Message Delivery Properties and a SOAP binding are designed for interoperability and extensibility." The submission request provides royalty-free license terms from the eight sponsor companies for use of the WS-MessageDelivery technology. [Full context]
[April 23, 2004] W3C Director Tim Berners-Lee Awarded Millennium Technology Prize. An announcement from the Finnish Technology Award Foundation describes the selection of Tim Berners-Lee by unanimous vote of the International Award Selection Committee as recipient of the first Millennium Technology Prize. A graduate of Oxford University, England, Tim Berners-Lee "holds the 3Com Founders chair at the Laboratory for Computer Science and Artificial Intelligence Lab (CSAIL) at the Massachusetts Institute of Technology (MIT). He directs the World Wide Web Consortium, an open forum of companies and organizations with the mission to lead the Web to its full potential." The Finnish Millennium Technology Prize is awarded every other year for innovation based on scientific research in any of four disciplines: Health Care and Life Sciences, Communications and Information, New Materials and Processes, and Energy and the Environment. It is a technology award granted "for outstanding technological achievements that directly promote people's quality of life, are based on humane values, and encourage sustainable economic development." Berners-Lee was selected for the Millennium Technology Prize 2004 from a group of 78 nominees representing twenty-two countries and four continents. The Award Ceremony will be held on June 15, 2004 at Finlandia Hall in Helsinki, Finland. Ms Tarja Halonen, President of the Republic of Finland and Patron of the Millennium Technology Prize, has been invited to present the Prize, which carries a value of one million euros. [Full context]
[April 23, 2004] OASIS Members Form New CGM Open WebCGM Technical Committee. A new CGM Open WebCGM Technical Committee has been formed at OASIS to accelerate the further adoption, application, and implementation of the Computer Graphics Metafile (CGM). CGM is an "international standard for open interchange of structured graphical objects and their associated attributes. The WebCGM Profile of CGM was developed by CGM Open and is a current recommendation of the W3C. WebCGM is focused on presenting dynamic technical graphics in the web environment." New work for the OASIS TC, according to the scope statement, includes possible releases of new versions of WebCGM, WebCGM DOM development, Web-based CGM interoperability reporting and tracking system, alignment of WebCGM functionality with ATA and other graphics profile requirements, definition of semantics of XML companion data associated with WebCGM, and production of an XML encoding of WebCGM. The group may identify additional interoperability topics in response to the evolution of world markets, target application sectors, and CGM/WebCGM implementations. It will develop an education program for users and implementers of CGM and WebCGM technology as needed. The CGM Open WebCGM TC Convenor and Proposed Chair are Dave Cruikshank (Boeing). The first meeting of the TC will be held May 24-27, 2004 as a F2F meeting in Cologne, Germany, hosted by ITEDO. [Full context]
[April 21, 2004] Unicode Consortium Hosts the Common Locale Data Repository (CLDR) Project. An announcement from the Unicode Consortium describes new sponsorship for the CLDR Project and its Locale Data Markup Language (LDML), designed to facilitate standardized methods for software globalization. The project is now organized under the Unicode Locale Technical Committee (LTC). The Common Locale Data Repository (CLDR) "provides a general XML format for the exchange of locale information for use in application and system software development, combined with a public repository for a common set of locale data generated in that format." A locale, as described in the Draft Unicode Technical Standard, is "an id that refers to a set of user preferences that tend to be shared across significant swathes of the world. Traditionally, the data associated with this id provides support for formatting and parsing of dates, times, numbers, and currencies; for measurement units, for sort-order (collation), plus translated names for timezones, languages, countries, and scripts. They can also include text boundaries (character, word, line, and sentence), text transformations (including transliterations), and support for other services." An LDML specification has been produced by the Free Standards Group's LADE Workgroup, with support from workgroup founding members IBM, Sun and OpenOffice.org; the project was chartered "to devise a general XML format for the exchange of linguistically and culturally sensitive (locale) information for use in application and system development, and to gather, store, and make available data. With LDML, for example, collation rules can be exchanged, allowing two implementations to exchange a specification of collation. Using the same specification, two different implementations will achieve the same results in comparing strings." [Full context]
[April 20, 2004] Technology Companies Form Enterprise Grid Alliance (EGA) Consortium. Twenty-some leading technology companies have launched a new Enterprise Grid Alliance (EGA) consortium to develop enterprise grid solutions and accelerate the deployment of grid computing in enterprises. The EGA consortium has been formed to "encourage and accelerate movement to an open grid environment through interoperability solutions. It will work on grid computing specifications by endorsing and supporting existing specifications, assembling and profiling component specifications, and defining new specifications where needed." When specifications needed in enterprise grids are not available, EGA will create new specifications within the EGA consortium or by initiating efforts in other specification forums. EGA working groups have been proposed to address: (1) Reference model; (2) Component provisioning; (3) Data provisioning; (4) Utility accountingl (5) Grid security. Companies having representatives on the EGA Board of Directors include EMC, Fujitsu-Siemens, HP, Intel, NEC, Network Appliance, Oracle, and Sun. Initial Sponsor members of EGA include AMD, Ascential Software, Optena, and Paremus; they are joined by other companies as founding participants in Contributor and Associate member categories. Technology submitted to EGA and produced within its working groups is intended to me made available royalty-free: "EGA believes in the open disclosure of intellectual property interests and a commitment to royalty-free licensing of essential patents associated with foundational grid technology specifications. As part of their membership obligations, EGA members preparing specifications, test cases or reference implementations agree to license their essential patents under royalty free, reasonable and non-discriminatory terms." EGA intends to liaise with other consortia and SDOs, creating MOUs and harmonizing IPR norms; it will seek to work with organizations like DMTF, GGF, OSDL, SNIA, and others (W3C, OASIS). The EGA consortium is "an open, independent and vendor-neutral community addressing the near-term requirements for deploying commercial applications in a grid environment. Initial focus areas include reference models, provisioning, security and accounting. The Alliance will address obstacles that organizations face using enterprise grids, by looking at best practices and solutions that are open and interoperable. By focusing exclusively on the needs of enterprise users, the EGA will enable businesses to realize the many benefits of grid computing such as faster response to changing business needs, better utilization and service level performance and lower IT operating costs." [Full context]
[April 16, 2004] Java System Application Server Platform Edition 8 Supports Web Services Standards. Sun Microsystems has announced the general availability of its small-footprint Java System Application Server Platform Edition 8, designed for developer productivity with tools to help deploy applications quickly. It is completely free of license fees for development, deployment, and redistribution, "making it suitable for broad adoption and embedding in third-party systems and applications. The platform is the first commercially available version of the Java 2 Platform, Enterprise Edition (J2EE) 1.4 specification, featuring rigorous J2EE standard compliance and Web services interoperability through support of the WS-I Basic Profile. It offers a complete Web services infrastructure, including the Java API for XML Messaging (JAXM), Java API for XML Processing (JAXP), Java API for XML Registries (JAXR), Java API for XML-based RPC (JAX-RPC), SOAP and WSDL. Its high-performance Java Message Service (JMS) provider delivere enterprise-class application services and Web services. The new J2EE Connector Architecture version 1.5 featuring bi-directional connectivity for access to enterprise applications supports standardized J2EE deployment APIs, making it easier to deploy to the application server using industry-standard Java technology IDEs such as NetBeans. Java System Application Server Platform Edition 8 supports the new JavaServer Faces 1.0 APIs for building powerful GUIs for J2EE technology-based applications. It also supports the JavaServer Pages (JSP) Standard Tag Library (JSTL), which encapsulates core functionality common to applications that use JSP pages." A migration tool is available for migrating J2EE applications that were developed on other J2EE application servers. An updated version of the popular J2EE 1.4 SDK, free for both development and deployment, is also available for download. [Full context]
[April 15, 2004] Microsoft Releases Royalty-Free XML Reference Schema for Office Visio 2003. Microsoft has announced incorporation of the DataDiagramML XML Schema used by Microsoft Office Visio 2003 into the Microsoft Open and Royalty-Free Office 2003 XML reference schema program, announced in November 2003. Visio 2003 is a drawing and diagramming solution that helps users transform business and technical concepts into visual diagrams, automatically creating database diagrams, UML software diagrams, Web maps, timelines, calendars, organizational charts, and related types using data within other tools. Because the DatadiagramML XML Schema defines a text-based format, the user "can take advantage of all the text-based tools available for document management, including text utilities for archiving, differencing, searching, indexing, or versioning. One can create a multifile utility to search all the text in a DatadiagramML documents without running Visio; index files and search on more than just document properties; post DatadiagramML files on the Web to easily share data; and retrieve data embedded in the documents and run offline data processing and data analyzing applications." Microsoft has provided documentation for use of the DataDiagramML schema, together with a royalty-free license, so that "customers and partners can take advantage of the XML schema in its diagramming and data visualization tool. The availability of the Visio schema builds on Microsoft's commitment to XML by providing a complete and W3C-compliant description of the Visio Extensible Markup Language (XML) file format, enabling organizations to access information captured in their Visio diagrams and use it with other XML-enabled applications, such as customer relationship management (CRM) and enterprise resource planning (ERP) systems, as part of their business processes." [Full context]
[April 15, 2004] Systinet WASP Server for Java Supports WS-Addressing and WS-ReliableMessaging. Systinet has announced the availability of WASP Server for Java 5.0 Beta, featuring new functionality and standards support. Systinet's WASP Server for Java is a "modular, easy to use, high performance Web services runtime environment for creating, deploying and managing Web services in Java and J2EE applications. WASP implements the latest SOAP, WSDL, UDDI and Java standards such as JAX-RPC, JAXM, and SAAJ. The WASP Server for Java 5.0 Beta provides reliable messaging with WS-ReliableMessaging support, including one-way, synchronous (request/response), and asynchronous messaging. WASP offers message persistence, support for multiple exchange patterns, and API or policy-based configuration. WASP also fully supports the WS-Addressing specification, which defines transport independent addressing and enables the creation of reliable, asynchronous Web services. The WASP administration console has been redesigned and extended to make Web service configuration, management, and testing even easier. New functionality includes an HTML Invocation Console that automatically creates HTML forms from WSDL definitions for testing deployed Web services. WASP now fully integrates with Netegrity SiteMinder so that it can accept security information propogated by Netegrity using a wide range of authentication credentials." [Full context]
[April 13, 2004] W3C Working Draft Proposes Universal Markup Mechanism for Identifers. An initial public working draft for xml:id Version 1.0 has been released by the W3C XML Core Working Group. The proposal provides a mechanism for annotating markup elements with unique identifiers. It 'unreserves' the attribute xml:id which otherwise cannot be declared for use in a well-formed XML document. The draft specification proposes xml:id "as a universal spelling for ID attributes, and defines processing of this attribute to identify IDs in the absence of validation." The document proposes that a parser would "validate that the ID value matches the allowed lexical form, that the value is unique within the XML document, and that each element has a single unique identifier." The new working draft takes into account the W3C's xml:id Requirements document published in August 2003 and an earlier W3C Technical Architecture Group (TAG) finding, "How should the problem of identifying ID semantics in XML languages be addressed in the absence of a DTD?" The draft TAG finding summarized the problem and sketched a solution space in terms of applying ID semantics universally for XML processors. The xml:id Requirements document framed the problem thus: Since XML 1.0, the ability of processors to identify an XML element by an explicit identifier ('IDness') has depended upon validation: both DTDs and XML Schema have mechanisms to identify the structures containing unique identifiers, but neither XML Schema nor DTDs are required by all processors. A common processor type does not perform validation, nor fetch external resources for the purpose of acertaining whether the document contains unique identifiers." The authors of the xml:id Version 1.0 document note that the Working Draft "does not yet fully address specific interactions between this specification and others. The intent is for this specification to compose smoothly with other specifications, but some specifications, particularly those not based on the XML Information Set, may require errata to realize the full benefits of xml:id. These interactions are a topic of study by the Working Group and will be documented in future Working Drafts." [Full context]
[April 09, 2004] TMAPI 1.0 Alpha Release: Common Topic Map Application Programming Interface. A first major public release of TMAPI has been made available from the project's SourceForge website. TMAPI is a "proposed programming interface for accessing and manipulating data held in a topic map. The TMAPI specification defines a set of core interfaces which must be implemented by a compliant application as well as a set of additional interfaces which may be implemented by a compliant application or which may be built upon the core interfaces." According to the project announcement of April 8, 2004, the goal of TMAPI is "to allow developers to learn and use just one programming API for work with any topic map processing engine — improving code portability and reducing learning curve. TMAPI has been developed in an open process by developers working on topic map processors and topic map applications, and has been placed into the public domain; there are no restrictions on its use." Motivation for the TMAPI development effort is provided on the project home page: "[Though] commercial and non-commercial topic map processing applications are available, each of these applications has a different programming interface, reflecting the slightly different ideas that each developer has had about the best way to represent the information in a topic map. For an application developer, this leads to non-portable code; the need to learn a new API for every topic map implementation he or she uses and the lack of a community of supporting developers. TMAPI hopes to do for topic maps what SAX and DOM did for XML: provide a single common API which all developers can code to and which means that their applications can be moved from one underlying platform to another with minimum fuss." [Full context]
[April 08, 2004] OASIS Web Services Security Specification Approved as an OASIS Standard. On April 6, 2004 the co-chairs of the OASIS Web Services Security (WSS) Technical Committee announced the TC's unanimous decision to request that the WSS TC's Web Services Security specification, as successfully balloted to the OASIS membership, be advanced to OASIS Standard status. The Web Services Security specification set includes: Web Services Security: SOAP M


SEARCH \| ABOUT \| INDEX \| NEWS \| CORE STANDARDS \| TECHNOLOGY REPORTS \| EVENTS \| LIBRARY