The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: July 30, 2002
XML Articles and Papers July 2002

XML General Articles and Papers: Surveys, Overviews, Presentations, Introductions, Announcements

Other collections with references to general and technical publications on XML:

July 2002

  • [July 31, 2002] "VoiceXML Making Web Heard In Call Centers." By Ann Bednarz and Phil Hochmuth. In Network World (July 29, 2002). "Aspect Communications this week will announce call center software that essentially will enable users to navigate Web content via voice commands. The Aspect news comes on the heels of Avaya's announcement last week of interactive voice response (IVR) software that will make data contained in corporate directories and databases available to callers via spoken commands. At the heart of both efforts is support for the latest release of VoiceXML (VXML), Version 2.0. An extension to the XML document formatting standard, VXML streamlines development of voice-driven applications for retrieving Web content. While using voice commands to retrieve information is a routine IVR task, emerging tools support more complex, speech-driven activities, such as filling out forms or retrieving product information, all in a standards compliant rather than proprietary environment. In Aspect's case, customers will be able to use the same databases, application servers and business rules to process voice self-service interactions as they do to process Web self-service transactions. The firm is building the voice-activated service features into its existing software suite, Aspect IP Contact Suite. Avaya is adding VXML capabilities to Version 9.0 of its Avaya IVR server. Previous versions offered speech-recognition features, but 9.0 is the first to embed VXML support. Adoption of standards such as VXML is just one contributor to an overall trend to increase the sophistication of IVR products, making them less dependent on menus that bury information several layers deep and better able to handle queries phrased in natural language, says Martin Prunty, president of consulting firm Contact Center Professionals..." See details in the announcements from Aspect Communications and Avaya. On VXML, see "VoiceXML Forum."

  • [July 31, 2002] "Briefing Book: Inside UDDI." By Richard Karpinski. In InternetWeek (July 31, 2002). "The original vision for the [UDDI] registry and services discovery specification was of automating global e-business by letting companies register themselves, their products and their Web services in a central directory. Trading partners and customers then would dynamically "discover" that information and cut e-business deals on the fly. The big, replicated, public registry services to drive this vision are up and running today. E-commerce may be frictionless, but it's not that frictionless. And so those public registries go mainly unused, a compelling proof of concept on the one hand but a testament to an overambitious vision on the other. That said, UDDI has emerged as a key piece of the Web services software stack, sitting about the core elements such as XML Schemas, SOAP for remote procedural calls and WSDL for defining service interfaces. Tool vendors like Microsoft, Sun, IBM, BEA Systems and others are building the ability to publish and find UDDI-registered Web services into their development tools. They've also begun shipping behind-the-firewall UDDI servers. Developers can use -- and benefit from -- these techniques today. As for the ultimate vision of UDDI, its backers remain hopeful. As for us, we'll see. Better to get started with what UDDI is good at today and worry about the grand e-business prospects later. If it's compelling enough, that day will come... Among the 'Top Features' of the UDDI Briefing Book reference list: "Step By Step: Getting Started With UDDI." References: "Universal Description, Discovery, and Integration (UDDI)."

  • [July 31, 2002] "SIL Three-letter Codes for Identifying Languages: Migrating from in-house standard to community standard." By Gary F. Simons (SIL International). ISO Reference: ISO/TC 37/SC 2/WG 1 N 94. [A paper presented at the International Workshop on Resources and Tools in Field Linguistics, LREC 2002 (26-27 May 2002, Las Palmas, Canary Islands).] "The International Organization for Standardization has published a standard for three-letter codes to identify languages (ISO 1998). Known as ISO 639-2, it provides codes for fewer than 400 languages. Thus language documentation efforts (such as ISLE, E-MELD, OLAC, and Rosetta Project) that embrace endangered languages have had to look elsewhere for language identifiers. They have turned to the most widely known and accessed reference work on language identification, the Ethnologue, now in its 14th edition. With listings for over 7,000 languages, the Ethnologue seeks to give a comprehensive accounting of all known living and recently extinct languages in the world. Other languages, such as ancient and constructed languages, are specifically outside the scope of the Ethnologue; SIL International is pleased to cooperate with the Linguist List initiative to develop standardized codes for these languages that fall outside the scope of the Ethnologue... A foundational aspect of documenting an endangered language and preserving that documentation for long-term access is identifying the language itself. The web version of the Ethnologue has become the de facto standard for identifying the more than 6,800 languages spoken in the world today. The system of three-letter codes that uniquely identify each language has been used within SIL for nearly three decades as an in-house standard, but now there is increasing demand for these codes to be used by other organizations and projects. This paper describes four changes that SIL International is implementing in order to make its set of language identification codes better meet the needs of the wider community. The changes seek to strike a balance between becoming more open while at the same time becoming more disciplined..." See: "Language Identifiers in the Markup Context." [cache]

  • [July 31, 2002] "OASIS Steps Up Web-Services Work." By [Seybold Staff]. In The Bulletin: Seybold News and Views On Electronic Publishing Volume 7, Number 44 (July 31, 2002). "OASIS, the vendor-dominated consortium that focuses on XML-related standards, has undertaken several new efforts related to XML-based Web services. First, OASIS will serve as the steward for the Universal Description, Discovery and Integration (UDDI) specification, which identifies how to catalog Web services so that they can be found online by other software programs... Second, the OASIS standards consortium recently organized a new technical committee to improve the Web-Services Security specification, which was originally published by IBM, Microsoft and Verisign. Representatives from IBM and Microsoft are co-chairs of the committee, but some two-dozen other vendors plan to participate-including Sun Microsystems, which had previously balked at joining the effort... For those who like to get their information firsthand, a forum on Web-services security sponsored by the W3C and OASIS will be held August 26 in Boston at the start of the XML-Web Services One Conference and Expo... If these standards efforts can prove to be more than vendor public-relations efforts, they will be very worthwhile. On the UDDI front, the specification is mature, but the world needs a neutral, trusted party to run the directory. On the security front, the WS-Security effort should be coordinated with the SAML and XACML efforts already well under way at OASIS, rather than duplicating the work in authentication and policy frameworks. Now that all three of the security committees are under the auspices of one consortium, we hope a unified set of security standards for Web services will emerge..." See in depth from Seybold "Web Services Start to Appreciate Security," by Hans Hartman, in Seybold Report: Analyzing Publishing Technology [ISSN: 1533-9211] Volume 2, Number 5 (June 3, 2002), pages 11-16. References: (1) "Web Services Security Specification (WS-Security)"; (2) "OASIS to Host UDDI Project Technical Work"; (3) "W3C/OASIS Forum on Security Standards for Web Services."

  • [July 30, 2002] "Adventures in High-Performance XML Persistence, Part 1. A High-Performance TCL-scripted XSLT Engine." By Cameron Laird (Vice president, Phaseit, Inc.). From IBM developerWorks, XML Zone. July 2002. ['XML storage is too sprawling a topic to offer easy answers. There's no one fastest XML database, nor fastest XML processing language. Still, it's helpful to understand the basic concepts of XML persistence so you can apply them to your specific situation. This article begins a new developerWorks series on high-performance XML by offering an explanation of common industry practices in XML persistence -- that is, storage of data beyond the lifetime of a single process.'] "You're responsible for large, mission-critical XML programs. You have dozens, or maybe thousands, of simultaneous users. Your XML pilot programs have gone well, and you've deployed more and more features. Your systems are in constant use, and response time is starting to stall. You start to wonder, 'What does it take to maximize XML performance?' The answer: You don't want to maximize your XML performance. You need to meet engineering requirements. Perhaps you need to manage scalability, or boost the responsiveness of specific applications. Don't hunt for the fastest XML storage. In that direction lie $700 hammers and the other symptoms of counter-productive obsession. Instead, learn to apply the basic concepts of XML so you can engineer the persistence needed for your own situation... The first principle of designing XML persistence is that any solution must make for a comfortable organizational fit. If your company requires use of Java technology, and a particular XML database has a poor Java binding, don't choose it. No matter how high its performance on standard benchmarks, it's likely that your co-workers will not make good use of it. Working with an unfamiliar technology will annoy them, and they're unlikely to achieve favorable results. On the other hand, suppose you work in an environment that provides a great deal of support for a database such as DB2. However well or poorly your XML content fits the DB2 persistence model, you should seriously consider DB2 storage. Sufficiently enthusiastic, well-equipped, and motivated expertise is likely to overcome modest mismatches on the technical level, as this article will show you. The principal categories of XML persistence center on these technologies: (1) Native file system, (2) Relational database management systems (RDBMS), (3) Special-purpose XML database managers, (4) Other data managers. The easiest XML storage is native: Keep XML document instances as named files in a file system. This is the most transparent and flexible persistence method, and should be your default starting point for new designs. ... No one XML persistence method is right for all scales of problem. Start with familiar technologies for your needs to store XML data. Make a clear distinction between policy requirements for transacting or storing data formatted as XML, and application-specific design requirements for data security and performance. Choose persistence methods compatible with the technologies your organization uses..." See: "XML and Databases."

  • [July 30, 2002] "Implementing the ebXML Registry/Repository. The Role of the ebXML RegRep (Registry/Repository) in an E-Business Framework." By Chaemee Kim. In XML Journal Volume 3, Issue 7 (July 2002). ['Chaemee Kim is a solution manager for KTNET, an electronic trade service provider.'] "The ebXML initiative has defined a RegRep (Registry/Repository) as providing a shared space for one or more B2B communities. With an ebXML RegRep, companies can submit, update, deprecate, or otherwise manage the parameters required to conduct electronic business. The RegRep also defines standardized APIs to access or otherwise share these parameters across trading communities. You may have heard about the benefits of a B2B business model, a concept that grew out of the electronic trading communities that were defined using EDI (via the X12 and EDIFACT standards). While B2B grew out of the traditional EDI space, many implementation requirements are missing or poorly understood. What are these missing elements? The traditional B2B business model (again, based on the EDI model) assumes that trading partners have advance knowledge of each other's e-business environments, trading protocols, and procedures. The "discovery" phase is traditionally done offline via a manual process (phone calls, legal contracts, etc.). This approach limits companies to conducting business with a relatively small community of well-known trading partners. A well-defined discovery process would enable most companies to significantly expand the size of their trading communities. The current B2B model, however, doesn't support such a process, forcing trading partner configuration to be accomplished offline. The ebXML RegRep is designed to close some of the gaps in traditional B2B business models, as B2B alone isn't enough to establish true collaborative commerce. B2B with an ebXML RegRep provides a more advanced B2B model that we call Business-RegRep-Business, or BRB. ebXML RegRep enables trade parameters to be shared among business peers, and helps to build more dynamic B2B environments based on the discovery and execution of trade agreements with ebXML-enabled trading partners... What distinguishes ebXML RegRep from UDDI in Web services? This is one of the questions most frequently asked by companies interested in both ebXML and Web services. ebXML RegRep and UDDI repository each have a different scope and purpose. An ebXML RegRep, which is more likely to be focused on content management, was designed to store and manage a wide range of electronic trading parameters. UDDI on the other hand was designed to manage the metadata associated with a Web service. In short, ebXML RegRep is the registry for B2B, while UDDI is the registry for Web services. From a UDDI perspective, the UDDI initiative can provide a loosely coupled connection model with an ebXML RegRep. An ebXML RegRep's registry service specification can be published as a SOAP interface, enabling a traditional Web service that describes how to access the ebXML RegRep using a SOAP client. From an ebXML RegRep perspective, the RegRep can include a Web services registry within an ebXML Registry Information Model (RIM). A Web services registry is realized in RIM version 2.0. The ebXML RegRep Technical Committee expanded its RIM to categorize Web services as RegRep-compatible metadata. The ebXML RegRep treats Web services as a set of metadata that B2B community members want to share with their trading partners. It is designed to support a wide variety of objects and metadata, while UDDI focuses exclusively on Web services..." See: "Electronic Business XML Initiative (ebXML)." [alt URL]

  • [July 29, 2002] XML-Signature XPath Filter 2.0. By John Boyer (PureEdge Solutions Inc.), Merlin Hughes (Baltimore Technologies Ltd.), and Joseph Reagle (W3C). W3C Candidate Recommendation 18-July-2002. Version URL: http://www.w3.org/TR/2002/CR-xmldsig-filter2-20020718/. Latest version URL: http://www.w3.org/TR/xmldsig-filter2/. The W3C XML-Signature XPath Filter 2.0 was advanced to Candidate Recommendation status on 18-July-2002. Produced by the IETF/W3C XML Signature Working Group, this Candidate Recommendation "defines an alternative to the XPath transform of the XML Signature Recommendation [XML-DSig]. The goal is to: (1) more easily specify XPath transforms and (2) more efficiently process those transforms." From the abstract: "XML Signature recommends a standard means for specifying information content to be digitally signed and for representing the resulting digital signatures in XML. Some applications require the ability to specify a subset of a given XML document as the information content to be signed. The XML Signature specification meets this requirement with the XPath transform. However, this transform can be difficult to implement efficiently with existing technologies. This specification defines a new XML Signature transform to facilitate the development of efficient document subsetting implementations that interoperate under similar performance profiles.... The specification incorporates the resolution of all last call issues. The WG considers the specification to be very stable and invites implementation feedback during this period. The specification presently has three interoperable implementations as shown in the Interoperability Report; [the WG will] try to obtain one more, but otherwise will advance after the Candidate Recommendation period after three weeks (closing 08-August-2002)." See "XML Digital Signature (Signed XML - IETF/W3C)."

  • [July 29, 2002] "Vignette Joins WS-I, Adds Web Services To Content, Commerce Mix." By Richard Karpinski. In InternetWeek (July 29, 2002). "Vignette said Monday it has joined the Web Services Interoperability Organization (WS-I), hoping to lend its expertise in content management and e-commerce to the effort to standardize an approach to emerging XML-based applications. The WS-I organization is large and growing; the group counts more than 125 companies among its members. WS-I is aiming to develop implementation tools, guidelines, best practices, and online resources to help enterprises deploy Web services in the real world... Vignette is increasingly baking Web services support into its V6 content management and commerce platform. The product currently includes support for the XML Schema, Web Services Definition Language (WSDL), Universal Description Discovery and Integration (UDDI), and Simple Object Access Protocol (SOAP) standards. V6 also spans both J2EE and .Net platforms. Vignette said it plans to join the WSBasic Profile working group, which is defining how to use standards like SOAP, WSDL, and UDDI as a foundation for Web services..." See details in the 2002-07-29 announcement "Vignette Joins Web Services Interoperability Organization. Vignette Supports Effort to Establish Greater Compatibility of Web Services Across Technologies and Applications." Other references: "Web Services Interoperability Organization (WS-I)."

  • [July 29, 2002] "Controlled Trade Markup Language (CTML)." Edited by Kathleen Yoshida (FGM Inc.). Working Draft v0.1.0.0. 25-July-2002. CTML Draft Specification v0.1.0.0. 34 pages. Prepared by members of the OASIS Controlled Trade Markup Language (CTML) Technical Committee. ['This specification defines an XML vocabulary for controlled trade activities. This version of the specification is a working draft of the committee, and as such, it is expected to change prior to adoption as an OASIS standard.'] "The purpose of the CTML TC is to develop a unified trade control vocabulary that supports an international collection of business documents (e.g., trade applications, cases, licenses, delivery verification certificates, etc.) through the extension and expansion of an existing XML vocabulary. A goal of our work will be to incorporate the best features of other XML business vocabularies and provide a clearly articulated interface to other mutually supporting specifications. The CTML specification is intended to become an international standard for controlled trade activities, and together with other XML specifications, allow industry, nongovernmental organizations, and governments to unambiguously identify the essential business and legal documents to be exchanged in particular business contexts and geographic locales (i.e., country). Furthermore, the CTML will align its vocabulary and structures with the vocabulary and structures of other OASIS libraries (like Unified Business Language, Business Transactions, and Customer Information Quality) and implement a mechanism for the generation of context-specific schemas for basic business documents and their components through the application of transformation rules to a common XML source library. The specification will be open to everyone without licensing or other fees..." Also available in Word .DOC format. Other references: "Controlled Trade Markup Language (CTML)." [cache]

  • [July 29, 2002] "Building XML Portals with Cocoon." By Carsten Ziegeler and Matthew Langham. From XML.com. July 24, 2002. ['Matthew Langham, along with Cocoon expert Carsten Ziegeler, explain how to build portals using the Apache Cocoon XML framework. Langham and Ziegeler cover the basics of portal functionality, including authentication and embedding components, using the open source portal component they developed for Cocoon.'] "Cocoon is an Apache open source project originally started by Stefano Mazzocchi in 1998 because he was frustrated by the limitations HTML poses when it comes to separating content from design. He described the current Cocoon version in detail in an article for XML.com in February. Although Cocoon was originally designed as a framework for XML-XSL publishing, we felt that due to the extensibility of the architecture, it would be possible to add components that extended Cocoon so that it could be used in a wider variety of applications. Around the same time we decided to use Cocoon, we were also evaluating available commercial portal solutions for several customers. Portals used in a more commercial environment have varied requirements. Therefore it seemed ideal to extend Cocoon with components for authentication and portals -- and at the same time to retain the original strengths of the platform. The new components were originally developed as part of a commercial offering. In the middle of 2001 we installed the first Cocoon-powered portal at a financial institution in Germany. At the beginning of 2002 we then donated the components to the Cocoon project. The donation consisted of components and tools for authentication (originally called 'sunRise') and portals (originally called 'sunSpot'). Each part can be used without the other; the authentication can be used to protect certain resources on the server. In this article we will look at the Cocoon portal and authentication frameworks... The portal and authentication components were donated to the Cocoon project at the beginning of 2002, and they are already being used by several large companies as the base for Intranet based offerings. We are particularly proud of the fact that NASA and large IT companies such as BASF IT Services have seen the advantages of using an open source, XML-based solution to provide a powerful enterprise portal. Because the portal is tightly integrated into the XML publishing platform, it does not break Cocoon concepts and allows the flexibility of XML-XSL publishing to be utilized. The current portal can be thought of as version 1.0 and has been in production use for over a year. The next version of the portal aims to increase the flexibility of the system and to introduce conformance to existing and emerging portal standards..."

  • [July 29, 2002] "XML Data-Binding: Comparing Castor to .NET." By Niel Bornstein. From XML.com. July 24, 2002. ['Niel Bornstein continues his comparative study of XML programming techniques in Java and .NET. As a prelude to next month's comparison of XML to database mappings, Niel compares the way that Java (in the form of Castor) and .NET handle XML data binding.'] "After the second article in this series was published, several readers said that they would like to learn the .NET way to map data from XML to a relational database management system. I'd like to show you that, but first I've got to lay some groundwork. In this article, I will show how .NET XML data binding works, while investigating the equivalent Java functionality. Java and .NET both have excellent support for data binding, and although they work in slightly different ways, each is just as valid and useful as the other. In my next article, I'll complete the exercise by mapping XML files to an RDBMS... The first side of Castor is its interface for binding XML documents to Java objects... (1) Define the mappings from XML to Java, either procedurally or through configuration files, which may themselves may either be W3C XML Schema documents or in Castor's own format; (2) Either generate Marshaller and Unmarshaller classes specific to our data (for best performance) or allow Castor to manage the marshaling and unmarshaling at runtime (for most flexibility). There are many options to customize your Castor project; for the most balanced comparison to .NET, we'll stick to W3C XML Schema and Castor's built-in runtime marshaling. Unlike many of the other Java databinding frameworks, Castor includes excellent W3C XML Schema support... So, what have we learned this time? First, that, given an W3C XML Schema, we can easily create classes that create XML and load existing XML, for both Java and C#. And, given those classes, it's relatively easy to write code that uses them to write portable data files, using XML. The fact that we used the same schema and data files in Java and C# proves once and for all that XML is a true interoperability language. The xsd tool can do some other things, too. It can generate source code in a variety of languages (Visual Basic .NET and JScript.NET, in addition to C#). It can generate a new W3C XML Schema Description for any .NET source file. Finally, it can generate a DataSet subclass, suitable for use in XML-to-RDBMS mapping. And that's where we'll pick up next time, with a comparison of JDO to ADO.NET..." See also Java and XML Data Binding, by Brett McLaughlin.

  • [July 29, 2002] "Look Ma, No Tags." By Kendall Grant Clark. From XML.com. July 24, 2002. ['Kendall Clark's XML-Deviant column this week looks at YAML. Over the last few years XML has spawned several competitors: XML.com covered the SML (Simplified Markup Language) debate in some detail. Recently, another approach to marking up data has appeared in the shape of YAML, and appears to be gaining some software support.'] "YAML -- short for: YAML Ain't Markup Language; rhymes with 'camel' -- popped up on my radar screen last week as a result of an interesting thread on comp.lang.python about the uses and abuses of XML, a conversation which I commend to your attention on its own merits. In rummaging around for a plain, concise description of YAML, I kept stubbing my toe on a felt need to define it by referring to XML in some way. That was a mistake. YAML stands on its own very nicely, even if its most immediate point of contrast is XML. In other words, if there were no XML, there could still be a YAML, but it would have a different public face. If the XML world tends to get divided into data and documents, a distinction which is probably more pedagogically useful than it is necessarily true, YAML corresponds more to the data part of XML than to the document part. As the YAML specification puts it, 'YAML is more closely targeted at messaging and native data structures' than at structured documents. Accordingly, my plain, concise description of YAML is that it's a processing model and a wiki-markup-esque way to represent relatively arbitrary, high-level language data structures... the two leading selling points of YAML over XML are that it's more lightweight, and that it uses native processing models and data structures. The most serious YAML detractions are that it isn't XML, and it isn't nearly as ubiquitous as XML; though YAML is very well supported in Perl, the support in Python, Java, and Ruby is maturing, and there are rumors of a forthcoming libyaml in C, too. It bears repeating that ubiquity of tool support is not an absolute value; it is context-dependent and goal-specific. You may be able to sacrifice it for the sake of using YAML and securing its virtues, depending on what you need to do and where you need to do it... There is a lot to YAML. The specification fits in one HTML document, but it is neither short nor simplistic. For example, if you're interested in YAML but circumstances prevent you from moving away from XML all at once or altogether, you might want to look at YAXML ['XML Binding for YAML'], which is the YAML conceptual model with XML's familiar syntax bolted on..."

  • [July 29, 2002] "OASIS Swallows UDDI.org." By Tom Sullivan. In InfoWorld (July 29, 2002). "Along with a new address, the UDDI specification is undergoing something of a facelift. Standards body OASIS on Tuesday [2002-07-30] will subsume UDDI.org, the consortium driving the UDDI (Universal Description, Discovery, and Integration) technology that forms the foundation of Web services directories. OASIS on Tuesday also will formally introduce the third iteration of UDDI, with a new focus on internal corporate deployments. When it was first introduced, UDDI was hailed as an online global yellow pages that would indiscriminately connect businesses, regardless of infrastructure... in the nearly two years since it was first announced, only a handful of public UDDI-based directories have been born. What's more, those are hosted by Microsoft and IBM -- two of UDDI's three founders -- as well as SAP, and NTT Communications in Japan. Ariba, the third founding member of UDDI, opted not to follow through with its plans to host a public directory... Analysts have been saying nearly since its inception that UDDI would first gain traction inside the firewall and, eventually, as Web services more commonly cross firewalls and span multiple organizations, UDDI would follow suit. 'In the past two years, there has really been a shift in the way we think about UDDI,' said Chris Kurt, UDDI.org program manager and a group product manager for Web services standards at Redmond, Wash.-based Microsoft. 'We're seeing more and more internal adoptions of UDDI.' To that end, UDDI 3 includes several improvements that tune it for internal deployments. Version 3 makes it easier for applications to exchange information in clustered configurations, increases security, improves searching capabilities, and includes a set of APIs that enable notifications and updates to be sent out when changes occur. Kurt said that OASIS, and the UDDI folks within, have not given up on the idea of UDDI for dynamically discovering and connecting Web services to each other. Instead, they have come to believe that the original vision will be realized as consumer Web services emerge..." On UDDI version 3, see the announcement of July 03, 2002: "UDDI Working Group Publishes UDDI Version 3.0 Specification." General references: "Universal Description, Discovery, and Integration (UDDI)."

  • [July 29, 2002] "UDDI Gets Needed Enterprise Upgrade." By Richard Karpinski. In InternetWeek (July 29, 2002). "UDDI, long thought to be one of the main building blocks of Web services, got some much-needed improvements that could help drive its use among enterprise developers. The Universal Description, Discovery and Integration project aims to create a registry in which developers can sign in their Web services and have customers or trading partners discover and consume them. UDDI has gotten off to a slow start. That's at least in part because Web services are still in their infancy, so a registry that tracks them may be a bit premature. It's also because early versions of the UDDI specs were more focused on supporting large, replicated public versions of a UDDI registry. To right that course, the UDDI.org group on Monday published version 3 of the UDDI specs. It also moved its work into the OASIS standards body, a group that is emerging as a key holding place for an array of Web services standards. UDDI v3 includes a variety of new features that should prove appealing to enterprises, said George Zigelow of IBM, head of the operational group that manages the public UDDI registries. For instance, version 3 includes improved security, including support for XML-based digital signatures. That should make it more appealing for companies to publish interfaces to mission-critical Web services. The new spec also makes it easier to find services described using the Web Services Description Language (WSDL)... The public UDDI nodes -- run by IBM, Microsoft, SAP, and soon NTT -- just went to version 2 of UDDI last week. IBM's Zigelow said those registries would begin to implement version 3 within 90 days.." On UDDI version 3, see the announcement of July 03, 2002: "UDDI Working Group Publishes UDDI Version 3.0 Specification." General references: "Universal Description, Discovery, and Integration (UDDI)."

  • [July 29, 2002] "Web Services Specification Gets Makeover." By Wylie Wong. In ZDNet News (July 29, 2002). "A Web services directory effort spawned by Microsoft, IBM and Ariba has been updated before its submission to an industry standards body. The specification, called Universal Description, Discovery and Integration (UDDI), identifies and catalogs Web services so they can be easily found online. A consortium of 220 companies is releasing a third version of the specification on Tuesday and submitting the technology to a standards body known as the Organization for the Advancement of Structured Information Standards (OASIS). Microsoft, IBM and Ariba proposed the directory technology nearly two years ago as sort of a Yahoo for business services. The idea was to build an online database using UDDI that would help companies find Web-based software services that could be used as part of their own business systems. For example, an e-commerce site could use the directory to search for a business that handles credit card transactions. If a match were found, all the elements of the transaction -- even the price and payment -- could be handled electronically. But UDDI-based public Web-services directories created by IBM, Microsoft, SAP and Hewlett-Packard have been slow to catch on. Instead, the specification is beginning to find a home in big companies as a way to build directories for internal Web services projects, allowing the companies to better catalog services and communicate across departments. Recognizing that trend, Microsoft, Sun Microsystems, Oracle, IBM and others have been building private UDDI directory capabilities into their software products... OASIS CEO Patrick Gannon said the standards body had previously built directory technology similar to UDDI as part of its ebXML work. But Gannon said UDDI and ebXML do not compete and can co-exist and work together. 'They solve different problems,' Gannon said. 'We can help jointly promote and position them.' Steve Holbrook, IBM's program director for emerging e-business standards, said UDDI was built for businesses that want to use Web services, while the ebXML registry technology was built for computer-science types, for example, as a place to store XML vocabularies used by various industries. XML (Extensible Markup Language) is a standard for exchanging data. The latest version of UDDI will offer several new features, including improved security and the ability for businesses to receive automatic notifications when UDDI registries are changed or updated, Holbrook said. The biggest improvement, he said, is a technology called 'multi-registry topologies,' which allow businesses using an internal UDDI directory to migrate their directory to a public or industry-specific UDDI directory..." On UDDI version 3, see the announcement of July 03, 2002: "UDDI Working Group Publishes UDDI Version 3.0 Specification." General references: "Universal Description, Discovery, and Integration (UDDI)."

  • [July 29, 2002] "Closing In On 3D Web Standards." By Paul Festa. In CNET News.com (July 23, 2002). "A group pushing for industry standards for 3D on the Web released its final working draft of a key specification, bringing the technology one step closer to international standardization. The Web3D Consortium (W3DC) made its draft of Extensible 3D (X3D) and an accompanying software development kit available for download and solicited comment on the specification. The technology is a descendant, expressed in XML (Extensible Markup Language), of the pioneering but ultimately unsuccessful Virtual Reality Modeling Language (VRML). The consortium plans to submit the specification to the International Organization for Standardization (ISO) in October [2002]. X3D could follow VRML 97 in becoming an ISO standard by 2004. The release of the final X3D draft, designed for entertainment, educational and e-commerce uses, comes as the consortium launches its second major initiative, the more industrially focused Computer Aided Design (CAD) 3D working group..." See also the news item of 2002-07-29: "Web3D Consortium Publishes X3D Final Working Draft."

  • [July 29, 2002] "Introduction to RELAX NG." By Michael Classen. In WebReference.com (July 23, 2002). ['Whether you prefer compact or full size definitions, one recent schema specification has you covered. Michael Classen introduces you to both the short and long forms of RELAX NG syntax.'] "In the last installment we discussed the different approaches to schema definition put forward by the W3C and OASIS. More specifically, we followed the criticism surrounding XML Schema, and looked at some improvements offered in the alternative, RELAX NG. Today we'll explain the basics of RELAX NG by example..." See earlier ""Schema Wars: XML Schema vs. RELAX NG." References: (1) "RELAX NG"; (2) "XML Schemas."

  • [July 27, 2002] "Data Modeling using XML Schemas." By Murali Mani (Computer Science Dept, UCLA). Presentation to be given Wednesday, August 7, 2002 as a Nocturne at the Extreme Markup Languages Conference 2002. "XML appears to have the potential to make significant impact on database applications, and XML is already being used in several database applications. One of the main reasons for this is the 'superiority' of XML schemas for data modeling - recursion and union types are easily specified using XML schemas. In order to do data modeling effectively, we should be study it systematically. A data model has three constituents to it - structural specification, constraint specification, and operators for manipulating and retrieving the data. Regular tree grammar theory has established itself as the basis for structural specification for XML schemas. Constraint specification is still being studied, and we have approaches such as 'path-based constraint specification' and 'type-based constraint specification', with strong indications of type-based constraint specification as a very suitable candidate. Operators are available as part of XPath, XSLT, XQuery etc. In this talk, we would like to mention about the two ways of specifying contraints - path-based and type-based. Then we would like to describe how we can specify entities and relationships using regular tree grammar theory, and with type-based constraint specification. Furthermore, we would like to talk about an issue which is attracting attention of late -- subtyping required for XML processing. There are two techniques for subtyping in XML Schemas -- explicit as in W3C XML Schema or implicit as in XDuce. The main results here are: (a) The two subtyping schemes are incompatible with each other, and (b) There are open and interesting issues in doing implicit subtyping..." Extreme 2002 Conference will be held August 4 - 9, 2002 in Montréal. For general references on XML schema languages, see "XML Schemas."

  • [July 26, 2002] "UDDI.org To Become OASIS Member." By Elizabeth Montalbano. In Computer Reseller News (CRN) (July 26, 2002). "UDDI.org will become a member of the OASIS technology standards consortium next week, officials for both organizations confirmed Friday. Officials said OASIS will publish the third version of the UDDI specification next week and that all further developments of the specifications will fall under OASIS's jurisdiction. Currently, Microsoft, IBM and Hewlett-Packard offer UDDI registries, and SAP and NTT Docomo have registries in development. It has not yet been decided whether the registries also will fall under OASIS control, said Chris Kurt, program manager for UDDI.org and a Microsoft official. Kurt said that OASIS taking the reins of the UDDI technology should give the industry assurance that UDDI is here to stay... The next step for UDDI 3.0 will be for OASIS members to form a technical committee charter around the technology, said Patrick Gannon, CEO and president of OASIS. Once that is passed, the first committee meeting will happen within 45 days, he said. Another Web services standard in OASIS, ebXML, also features a standard registry for Web services. Gannon said UDDI's inclusion in OASIS will not affect that work... UDDI.org was first launched as a joint initiative by Microsoft, IBM and Ariba in September 2000 to provide a standard way to identify trading partners' Web services. The group recently submitted its third version for review. Since UDDI's inception, a wide array of companies, among them Microsoft, IBM, Sun Microsystems and BEA Systems, have built and sold products that support UDDI. It is one of several XML-based standards for Web services, including WSDL and SOAP, that solution providers say will be key for the broad adoption of Web services in the industry..." See: "Universal Description, Discovery, and Integration (UDDI)."

  • [July 26, 2002] "UDDI V.3 Coming Soon (To a Web Service Near You)." By [ComputerWire Staff]. In The Register (July 26, 2002). "... UDDI has been adopted by the Organization for the Advancement of Structured Information Standards (OASIS) for ratification as an independent standard. That announcement will also be made Tuesday [2002-07-30]. Backing from OASIS should ensure broader industry input into future versions of UDDI and potentially encourage broader up-take. UDDI has been the mandate of UDDI.org, whose members include American Express, BEA Systems Inc, Boeing, Cisco Systems Inc, Ford Motor Company and Fujitsu. UDDI was launched by Microsoft, IBM and Ariba Inc to describe and register businesses using XML, in an online database. Since its launch in September 2000 - the apex of the b2b, b2c and online market places boom - UDDI has seen mixed fortunes... This week public UDDI Business Registries from IBM, Microsoft and SAP AG adopted UDDI 2.0. NTT Communications is expected to launch its own registry this fall. Doubts remain, though. Hewlett-Packard Co signed an agreement to operate a registry, but that registry's future is in doubt after HP pulled out of Java middleware and web services. HP failed to return Computerwire calls for comment. Meanwhile, some early adopters are bypassing UDDI entirely. Deloitte Consulting principal and e-business chief technology officer Michael DeBellis reports early adopters are hard-coding together web services, by-passing UDDI and defeating the vision. UDDI faces an additional threat from Lightweight Directory Access Protocol (LDAP). Anecdotal evidence says some early adopters are putting web services data into directories based on LDAP, a well-established directory technology, instead of UDDI. Observers feel UDDI is in danger of being sidelined by events. 'We are seeing very few public UDDI registries. Where it is being used is behind the firewall,' DeBellis said. UDDI.org's answer is UDDI 3.0. The specification improves interoperability and replication between registries behind those firewalls. Siva Darivemula, strategic initiatives marketing manager for IBM's WebSphere marketing, said 3.0 is richer and contains more detailed descriptions than previous specifications..." See "UDDI Working Group Publishes UDDI Version 3.0 Specification" and the reference document "Universal Description, Discovery, and Integration (UDDI)."

  • [July 26, 2002] "The Evolution of UDDI." By The Stencil Group, Inc. UDDI.org White Paper. July 19, 2002. 15 pages. "Although many aspects throughout the UDDI specification have matured in the version 3.0 release, the chief architectural change is the concept of 'registry interaction.' This shift reflects the increasing recognition that UDDI is one element of a larger set of web services technologies that support the design and operations of myriad software applications within and among business organizations. In short, just as each enterprise application embodies the specific characteristics of the business process it supports, so should the enabling technologies like UDDI support a variety of infrastructural permutations. For UDDI, this business requirement dictated an increased emphasis on providing a means to define the relationships among a variety of UDDI registries, not simply access to one, public registry of business services, the UBR. Although the UDDI specification included from the start concepts like replication and distribution among server peers, earlier definitions of the standard did not fully address the nuts-and-bolts required for the more sophisticated, hierarchical model now dictated... The Version 3 specification addresses several features that support an emphasis on registry interaction. While relatively little of the existing features have changed, a handful of key functional concepts have been added or expanded to accommodate the variety of new taxonomies. Some of the most important issues addressed in the Version 3 specification include: (1) Registration key generation and management; (2) Registration subscription API set; (3) XML digital signatures... Most elements of a registry record optionally may be signed using the DSIG specification maintained by the W3C. Thus, while the specification does not define specific policies around security and authorization, it does provide the means for specific implementations to provide for these needs. The primary benefit of digital signatures is to ensure that data has not been altered since it was signed and published, that ownership of a particular registry entity can be validated, and confidence that data transferred among registries can be assured..." See "UDDI Working Group Publishes UDDI Version 3.0 Specification" and the reference document "Universal Description, Discovery, and Integration (UDDI)." [cache]

  • [July 26, 2002] "XML No Magic Bullet." By Dave Kearns. In Network World (July 24, 2002). "If there's one thing attendees should have taken away from last week's Catalyst conference, it's the notion that XML is not the magic bullet for identity management, Web services or any other technology initiative. Burton Group CEO Jamie Lewis tried to emphasize this point is his closing remarks, and I hope everyone was listening when he said, 'Products that support XML won't interoperate automagically.' XML is, at its base, a listing of ordered pairs. One of each pair is a descriptor or identifier, while the second element is a value. The identifiers are defined in the syntax, and there's an infinitely extensible list of them available to the person coding the application... Long ago I was involved with instituting Electronic Data Interchange (EDI) in my company... EDI was not an extensible language the way XML is. Each ordered pair, each new document had to be approved by the governing standards body, and this was only done after long deliberation to remove any ambiguity from the definition. The deliberation was also needed to determine which elements were required to be used in the document and which were optional...before two enterprises (called 'trading partners') could begin to exchange EDI documents, such as a purchase order, a document called a Trading Partner Agreement (TPA) had to be drawn up. In it, each side specified the documents and versions they would use, as well as which of the optional elements. But even further, each party would specify in excruciating detail exactly what sort of values would show up in each ordered pair - even though the standard supposedly defined them. Negotiating the TPA could easily take many months because the lawyers had to get involved to determine what would happen in each instance that the rules laid out in the TPA weren't followed... XML was supposed to free us from all of that negotiation. Instead, though, it requires a whole new layer of negotiation as documents are constructed in an ad hoc manner between trading partners..."

  • [July 24, 2002] "Networking With Coworkers. Turn your office phone network into an application platform with VoIP and XML." By Veronika Megler (Consulting IT Architect, IBM eServer pSeries Solutions Development). From IBM developerWorks, Wireless. July 2002. ['Wireless developers have long been using XML-derived technologies to build applications for handheld devices with limited interface and storage capabilities. In this article, Veronika Megler shows you a new arena for those skills: the office telephone handset. With improvements in Voice over IP (VoIP) technologies, many enterprises will soon be using the phone that sits on an employee's desk as an application platform. Here, you'll walk through an example and see how you can use XML to build simple and useful small-footprint applications.'] " The Cisco 7940 and 7960 IP phones include a minimal XML browser. This browser understands a subset of the HTTP protocol and a very small number of predefined XML tags. These tags can, with a little ingenuity, be used to build new applications or new interfaces to existing applications. The phones user can interact with the display using the phone keypad and the additional buttons provided. Here are the functions that can be performed by the set of XML tags that the phones understand: [1] Show a menu and select an item from it (<CiscoIPPhoneMenu>); [2] Show some text (<CiscoIPPhoneText>); [3] Accept input (<CiscoIPPhoneInput>); [4] Show phone directory entries, and allow the user to call a number associated with one of those entries (<CiscoIPPhoneDirectory>); [5] Show a picture (<CiscoIPPhoneImage>); [6] Show a menu, built using graphics (<CiscoIPPhoneGraphicMenu>) Cisco provides a document, 'Cisco IP Phone Services Application Development Notes that describes these XML tags in detail... Note that the browser provides no scripting language and does not maintain state. It does not recognize <META> tags, and so cannot apply stylesheets to create the required XML. Therefore, the server must provide the appropriate XML tags. Only the HTTP GET method can be used; POST is not available..." See also the DTMF FAQ - Telephone Tone Dialing chips V1.20."

  • [July 24, 2002] "Locally Linked Infosets." By Francis Norton. Original Posting: 2002-07-04. Referenced on W3C's list 'xmlschema-dev@w3.org'. The aim of this note is to propose a minimally invasive and maximally flexible mechanism for accessing Post Schema Validation Information. It was partly inspired by proposals from Rick Jelliffe (Schemachine) and Eric van del Vlist (xvif)... The basic idea is to make Post Validation information available through a small API rather than through structural changes to the infoset. In order to avoid schema engine bias, and to keep the specification as simple as possible, LLI does not include a general specification of Post Validation Information structure, it simply requires Validation results to be returned as a node-set, in the same way as the XSLT document() function. The implementors or designers of individual schema engines would be responsible for specifying or agreeing how their result data should be represented. Using Locally Linked Infosets provides a framework for validation processing which permits sequential or parallel application of relevent schema using suitable schema engines to appropriate source nodes. It offers flexibility and simplicity by avoiding the providing a loosely coupled linking between data and meta data. Adopting this proposal would make it possible to access post validation metadata from within tools such as XSLT or the DOM at - I believe - a reasonably low cost of implementation, would not discriminate against non-XSDL schema engines, and would make the resulting metadata simple to comprehend, use, and serialise..."

  • [July 24, 2002] "Schemachine. A Framework For Modular Validation of XML Documents." By Rick Jelliffe. June 21, 2002. [See previous entry. "This note specifies a possible framework for supporting modular XML validation. It has no official status whatsover. It is for discussion purposes only. Review comments are welcome... This has been developed as a strawman for the ISO DSDL effort. For another strawman using a different basis, see Eric van der Vlist's Xml Validation Interoperability Framework (xvif)..."] "The strawman has the following features: (1) based on XML Pipeline structures, but with rearrangement and renaming, (2) embedded in Schematron-like superstructure with titles and phases, (3) a minimal implementation is possible, where all validators and translators are command- line executable programs, and the framework document is translated into BAT files or Bourne shell scripts (i.e., validators etc. are treated as black boxes) , (4) the purpose is validation rather than declarative description per se. (In particular, the further down a transformation chain that data gets, the more difficult it will be to tie the effect of a schema to the original document. ) (5) this framework supports both validation of explicit structure and validation of complex data values. It leaves issues of simple datatyping to particular validators, (6) validation is a tree of processes, (7) supports inband signalling (@exclude) and out-of-band signalling ()@haltOnFail)..." See: "Document Schema Definition Language (DSDL)."

  • [July 24, 2002] "Public Nodes Implement UDDI V2 Specification." By [InternetWeek Staff]. In InternetWeek (July 24, 2002). "The Universal Description, Discovery, and Integration (UDDI) project said Wednesday [2002-07-24] that the public nodes making up the UDDI Business Registry are now compliant with Version 2, the latest, of the UDDI specification. UDDI defines a uniform way for businesses to describe their services, find other companies' services, and understand how to conduct e-commerce with another business. With the added support for V2, UBR is now a multi-version UDDI registry with support for V1 and V2. More than 10,000 businesses have registered with the three public UBR nodes, as have 4,000 individual Web services, with all registered data being replicated between the UBR nodes. This means services registered in one node can be discovered in others. The number of public node operators is now at three with a fourth to make its node publicly available this fall..." See (1) the announcement, "UDDI.org Announces an Enhanced UDDI Business Registry. Multi-version UDDI Business Registry Goes Live."; (2) "Universal Description, Discovery, and Integration (UDDI)."

  • [July 23, 2002] "OASIS Forms WS-Security Committee." By Brian Fonseca. In InfoWorld (July 23, 2002). "Microsoft and IBM moved one step closer to turning their security specification into a standard on Tuesday. Clearing a significant hurdle for the WS-Security standard to gain recognition as a trusted means for applying security to Web services, standards body OASIS (Organization for the Advancement of Structure Information Standards) formed a technical committee to give vendors a crack at the immature specification. First published in April as part of a working partnership between Microsoft, IBM, and VeriSign, the WS-Security specification defines a standard set of SOAP extensions, or message headers, which can be used to set and unify multiple security models, mechanisms, and technology -- such as encryption and digital signatures for instance -- onto Web services applications which traverse the Internet. Aside from an initial WS-Security road map, the trio also proposed specifications yet to come that address a variety of other security, policy, messaging, and trust issues associated with Web services security. They include WS-Policy, WS-Trust, WS-Privacy, WS-Secure Conversation, WS-Federation, and WS-Authorization..." See the news item of 2002-07-23.

  • [July 23, 2002] "XML and Bibliographic Data: the TVS (Transport, Validation and Services) Model." By Joaquim Ramos de Carvalho (IHTI Faculdade de Letras, Universidade de Coimbra, Portugal) and Maria Inês Cordeiro (Art Library, Calouste Gulbenkian Foundation, Portugal). Paper prepared for the 68th IFLA General Conference and Council 'Libraries for Life: Democracy, Diversity, Delivery', August 18-24, 2002, Glasgow, Scotland. 13 pages, with 44 references. "This paper discusses the role of XML in library information systems at three major levels: as a representation language that enables the transport of bibliographic data in a way that is technologically independent and universally understood across systems and domains; as a language that enables the specification of complex validation rules according to a particular data format such as MARC; and, finally, as a language that enables the description of services through which such data can be exploited in alternative modes that overcome the limitations of the classical client-server database services. The key point of this paper is that by specifying requirements for XML usage at these three levels, in an articulated but distinct way, a much needed clarification of this area can be achieved. The authors conclude by stressing the importance of advancing the use of XML in the real practice of bibliographic services, in order to improve the interoperable capabilities of existing bibliographic data assets and to advance the WWW integration of bibliographic systems on a sound basis... By 'transport format' we mean an XML format designed to take a role similar to that of ISO 2709. Its purpose is to allow the efficient transport of bibliographic data. Like ISO 2709 such a format contains the necessary information for representing the morphological structure of the MARC record, i.e., without aiming at validation of the complete syntax/semantics of the MARC format, but rather mapping directly to the MARC record main structural levels. ISO 2709 was modelled to the needs of the technological environment of its time; an XML equivalent for the current technological context must target the interoperability paradigms of today: Web services. So far, most of the approaches to encoding bibliographic records in XML have been based on the assumption that the use of XML would imply the expression of the whole syntax/semantics of MARC, enforcing validation. Not only this approach has proved difficult (very complex and long DTDs or schema) but also it does not facilitate the transport and reuse of data in practical applications. This is because in such a way only valid records can be represented, and also because it is difficult to rebuild MARC data from the very complex MARC XML records generated in such a model..." From a posting: "A web page with various examples and sample code is available; the page proposes a mapping that is targeted to Web Services development. Sample web services are available at the National Library of Portugal, allowing experimental access to over one million records..." See "MARC (MAchine Readable Cataloging) and SGML/XML." [cache]

  • [July 23, 2002] "IBM Details Next Version of DB2 Database, Ships Beta." By Richard Karpinski. In InternetWeek (July 23, 2002). "With increased Web services support and improved management tools, IBM on Monday released a general beta of its DB2 database it hopes represents the next weapon in its battle with database rivals Oracle and Microsoft... Standards support for Web services is building in DB2. The database supports the basics -- such as XML schemas and Simple Object Access Protocol (SOAP) -- as well as SQL-X, its own effort to link SQL and XML in what Jones calls a 'semi-standard' way. Overall, IBM has extended SQL in more than 100 was to better support XML-style content. DB2 8.0 also includes automated, built-in support for XML transformations that programmers typically are required to write, enabling XML documents to be viewed on a Web browser. The ultimate way for dealing with XML in databases, however, is via proposed standard X-Query, which will not be supported in DB2 8.0. IBM has demonstrated support for X-Query in a prototype of a future version of DB2. V8.0 features new 'multi-dimensional clustering' capabilities that enable customers to reorganize information in one easy step, so that it can be retrieved quickly, from any view the customer may require. Also on tap are new online utilities to perform tasks such as table reorganization, index maintenance, and database loads online. DB2 8.0 is available now as a free beta..."

  • [July 22, 2002] "Keeping Web Services Royalty-Free." By Anne Chen. In eWEEK (July 22, 2002). "Tim Berners-Lee, director of the World Wide Web Consortium, opened The Open Group Conference ['Boundaryless Information Flow: The Role of Web Services'] on Monday by asking his colleagues to preserve the universality and openness of the Web as they build Web services as the foundation for the future of the Internet. And, said Berners-Lee, a key to preserving openness on the Web is to keep standard Web protocols patent and royalty-free. 'Remember that the ways to use Web services will not only be wide, but will be the base for all kinds of things people will build for the Web in the future,' Berners-Lee said. 'We have to be generic in design because Web services, if done well, will be flexible and apply to everything from mainframes to cell phones.' [...] Berners-Lee said maintaining an open, royalty-free approach will be important for both Web services and semantic Web standards. (Web services standards like SOAP and UDDI focus on how online services are found and how they interact, while semantic Web standards include industry-specific markup languages that help define the nature and behavior of objects online.) Although the two sets of standards are currently being pursued in separate, parallel tracks, Berners-Lee predicted that the semantic Web will become increasingly important as Web services mature. As such, the future of the Internet, he said, will revolve around Web services, voice routing, and the semantic Web. Berners-Lee said that, in order for all or any of those capabilities to see market growth, the base standards need to be patent- free. How that will happen is an issue the W3C has been grappling with over the past year... 'The W3C is working on a process so people used to using patents to protect themselves can sit around a table and come to an agreement where no one will charge royalties regardless of whether they have a patent...' For the conference The Open Group partnered with organizations including the W3C, OASIS (Organization for the Advancement of Structured Information Standards), OMG (Open Management Group), OGC (Open GIS Consortium), OAG (Open Applications Group) and DMTF (Distributed Management Task Force) to address the future and the development of Web services and associated standards." For background on W3C's RF Patent policy, see the document on Patents and Open Standards.

  • [July 20, 2002] "XMLTangle - Literate Programming in XML." By Jonathan Bartlett. July 2002. "Literate Programming is a style of programming in which the programmer writes an essay instead of a program. The essay's code fragments are then merged together to form a full program which can be compiled or interpretted. This article is a literate program designed to perform this task with XML documents. Donald Knuth's Literate Programming is a wonderful system for writing programs which are understandable and maintainable. It allows the programmer to not just communicate to the computer, but also communicate the ideas behind the program to current and future programmers. This idea has not caught on, but I believe it is still a worthy goal. The current literate programming tools are problematic, however. They are still too wedded to individual programming languages and document formats. This program is a version of the tangle program which has the following features: (1) Works with any programming language (2) Uses XML as the documentation language (3) Is not tied to any specific DTD - instead it relies on processing instructions to perform its tasks. It does not include every feature of literate programming - specifically it does not include any macro facility. Originally this program was written in C, only worked with the DocBook DTD, and only had a very primitive subset of the literate programming paradigm. Specifically, the code could only be broken up into files - it was not possible to include named code fragments which would be defined elsewhere - you could only append to files. This version is written in Python and captures much more of the literate paradigm... See: (1) the SourceForge XMLTangle project page; (2) "SGML/XML and Literate Programming."

  • [July 20, 2002] "Financial Products Markup Language (FPML) Messaging Structure." FPML Technical Note. Version 1-0. April 09, 2002. Version URI: http://www.fpml.org/spec/tech-note-fpml-messaging-1-0-2002-04-09. "The FpML TaskForce, a working group with members from all other working groups, was formed in January 2002 to address and proposed recommendations on issues that cut across all working groups. This work was concluded in April 2002 and the recommendations incorporated into the FpML 3.0 Working Draft. One of the items to address was the messaging structure required within FpML...This technical note documents the work done on the messaging framework by the Taskforce and is intended to provide the starting point for the work of a future Messaging Working Group... The workflow model should ideally be documented in the form of UML sequence diagrams, with accompanying text. The Task Force felt that this was the best vehicle for analysing, agreeing and publicising the overall workflow structure. Detailed definition of the document schema would follow from the workflow model. The workflow model and the resultant schema structure should take into account the requirements of both business-to-business (B2B) and internal application-to-application (A2A) usage... As well as covering the pre- and post-trade workflow, the model should address modification and cancellation events at each stage of the life cycle. Some form of message header will be required. This will pertain to the FpML document itself, and will be independent of any trade-specific header information. ... The following three diagrams illustrate the exchanges involved in three standard workflow scenarios: requesting a price, making an order, and seeking a valuation of a position or portfolio..." Section 4 provides the reworked experimental DTDs. See "Financial Products Markup Language (FpML)." [Source .DOC]

  • [July 20, 2002] "Keeping Pace With James Clark. An interview (and analysis) with the leading authority on markup languages." By Uche Ogbuji (Principal Consultant, Fourthought, Inc. From IBM developerWorks, XML Zone. July 2002. Note: a comment was heard from Uche Ogbuji on XML-DEV to the effect that "The interview [with James Clark] was actually conducted several months ago. There were some editorial delays. I think it's still timely..." ['James Clark is arguably the most accomplished developer in the world of markup languages. In his distinguished career of contributing to both SGML and XML, he has served on standards bodies, provided important practical perspectives on where markup meets traditional code, and most importantly, written many of the programs that have moved XML (and SGML before it) from the world of abstract speculation into hard practicality. In this article, Uche Ogbuji interviews James Clark, concentrating on a discussion of practical developments, current and future, in the world of XML. The author also provides his own analysis of the issues raised.'] "In December of 2001, James Clark was awarded the inaugural XML Cup by the XML 2001 conference committee. This award was in honor of his many accomplishments for the XML community, and no one was in doubt of his deserving it. If you have done anything at all with markup languages, you have probably used code written by James Clark... Notably, all this work is open source, and has been since before open source came into high fashion. Clark received the award for his recent contributions as well. In 2001, he pioneered TREX, an alternative XML schema language which has since merged with the RELAX language, to form RELAX NG. The latter is proving extremely popular with developers despite competition from the W3C-sanctioned schema definition language. And to prove his grasp of XML's future, Clark followed his award with a speech on the five technical challenges currently facing XML. In this speech, he highlighted many technical issues that have caused much grumbling among developers, and he struck a cautionary note about some XML developments that might cause technical difficulties down the road... This article is based on an interview with James Clark, in which I followed up on these technical challenges. The questions and answers are presented, and in some cases, they are followed by my own explanation and analysis. Readers should be very familiar with XML and reasonably familiar with the various XML processing technologies..." See "James Clark First Recipient of the IDEAlliance XML Cup Award." [Article also in PDF format.]

  • [July 20, 2002] "The Essence of XML." By Jérôme Siméon (Bell Laboratories) and Philip Wadler (Avaya Labs). Invited paper prepared for presentation at the Sixth International Symposium on Functional and Logic Programming (FLOPS 2002), University of Aizu, Aizu, Japan, September 15-17, 2002. 14 pages, with 22 references. Referenced on Philip Wadler's XML page. "The World-Wide Web Consortium (W3C) promotes XML and related standards, including XML Schema, XQuery, and XPath. This paper describes a formalization XML Schema. A formal semantics based on these ideas is part of the official XQuery and XPath specification, one of the first uses of formal methods by a standards body. XML Schema features both named and structural types, with structure based on tree grammars. While structural types and matching have been studied in other work (notably XDuce, Relax NG, and a previous formalization of XML Schema), this is the first work to study the relation between named types and structural types, and the relation between matching and validation. The dichotomy between names and structures is not quite so stark as at first it might appear. Many languages use combinations of named and structural typing. For instance, in ML record types are purely structural, but two types declared with 'datatype' are distinct, even if they have the same structure. Further, relations between names always imply corresponding relations between structures. For instance, in Java if one class is declared to extend another then the first class always has a structure that extends the second. Conversely, structural relations depend upon names. For instance, names are used to identify the fields of a record... Our aim is to model XML and Schema as they exist -- we do not claim that these are the best possible designs. Indeed, we would argue that XML and Schema have several shortcomings. First, we would argue that a data representation should explicitly distinguish, say, integers from strings, rather than to infer which is which by validation against a Schema. (This is one of the many ways in which Lisp S-expressions are superior to XML.) Second, while derivation by extension in Schema superficially resembles subclassing in object-oriented programming, in fact there are profound differences. In languages such as Java, one can typecheck code for a class without knowing all subclasses of that class (this supports separate compilation). But in XML Schema, one cannot validate against a type without knowing all types that derive by extension from that type (and hence separate compilation is problematic). Nonetheless, XML and Schema are widely used standards, and there is value in modeling these standards. In particular, such models may: (i) improve our understanding of exactly what is mandated by the standard, (ii) help implementors create conforming implementations, and (iii) suggest how to improve the standards..." See also the previous/preliminary version. General references: "XML Schemas." [cache]

  • [July 20, 2002] "OMG Models for Web Services." By Carolyn A. April. In InfoWorld (July 17, 2002). "Standards stalwart Object Management Group (OMG) is accelerating its drive for a modeling-based approach to enterprise collaboration with a recent overture aimed at Web services. The OMG is currently developing a standard way to use mapping to connect Web services to its ECA (Enterprise Collaboration Architecture), a framework for modeling complex business processes that tie together systems, customers, and partners electronically. ECA is based on UML (Universal Modeling Language) and is tools-agnostic in terms of development. Essentially, the ECA gives developers a way to create meta-models that define common ways for representing shared business processes, such as agreeing on a sales contract, as well as the multi-formatted data behind those processes, according to OMG officials. It also defines a common way to store this information, including within a UDDI (Universal Description, Discovery, and Integration) directory or a meta-object repository. By defining and storing business collaborations as models, companies are provided immunity to the ongoing evolutions of underlying middleware, data formats, and other infrastructure, said Jon Siegel, vice president of technology transfer at OMG, based in Needham, Mass... Web services standards are just one set of middleware technologies that the OMG intends to link to ECA through mapping, according to Siegel. Currently, OMG is working to extend its mapping to ebXML (e-business XML), J2EE (Java 2 Enterprise Edition), .Net, and other environments..." See also "Object Management Group Issues Web Services for Enterprise Collaboration (WSEC) RFP."

  • [July 20, 2002] "Enterprise Collaboration Architecture (ECA). MDA for Enterprise Collaboration and Integration." By Cory Casanave (President, Data Access Technologies). Presented at the Interoperability Summit Series meeting June 26-27, 2002 in Orlando, Florida. 42 pages. ['The OMG has recently adopted the Enterprise Collaboration Architecture (ECA) as part of the UML for EDOC set of specifications. ECA describes how to model enterprise collaborations with UML and use model driven development to implement collaborative business processes using a variety of middleware technologies.'] "ECA is a profile of UML, providing a way to use UML for the specific purpose of Internal and B2B collaboration and integration. ECA is an OMG standard. You can also think of this as a modeling framework for enterprise computing. ECA is part of the OMG's Model Driven Architecture (MDA). It uses precise modeling techniques as part of the development lifecycle to speed development and provide technology independence. ECA can represent and map to the semantics for multiple technologies, integrating the relevant technologies and standards; the mappings can include Corba, .NET, J2EE, WSDL, WSFL, WS-I, etc. Much of the ECA conceptual foundation was worked out by Trygve Reenskaug (Oslo), particilarly OORAM (Object Oriented Role Analysis)..." Adapted from the text of the presentation. [cache]

  • [July 20, 2002] "TransactionMinder v5.5. Securing Web Services and Business-to-Business Integration Environments." A Netegrity White Paper. July 12, 2002. 17 pages. [TransactionMinder is one of the products announced at the SAML Interop Summit] "... For all their benefits, Web services are not without challenges. One of them is security. Today, Web services platforms are limited to basic transport-level security. The XML messages that are exchanged in Web services requests and responses must include security information that goes beyond the transport layer. Transport-level security enables point-to-point sessions. However, in Web services environments, many intermediaries can be involved in a transaction. For example, XML documents may be routed through various servers and they can be processed by multiple backend business applications necessary to complete a transaction. Each intermediary involved in a transaction can be a Web service in its own right. Intermediaries require security information from incoming requests and may need to provide additional security information to the next intermediary involved in the transaction process. Transport-level security by itself falls short of such requirements. What is needed in addition to transport-level security is a way to provide security information for the XML messages exchanged in Web services and other business-to-business transactions. In other words, in addition to securing the communication of messages (which transport-level security does well), we need to be able to selectively secure the content of the documents used in that communication, thus providing support for fine-grained access-control and dynamic authorization decisions... TransactionMinder provides a policy-based platform for securing the content of XML documents and messages used in Web services and market-leading, XML-based, business-to-business integration (B2Bi) infrastructures. TransactionMinder builds upon Netegrity's shared-services vision embodied in SiteMinder, Netegrity's flagship product for securing access to Web-based documents and business applications within a single enterprise and across multiple partners. [It provides] support for user credentials embedded in XML documents, XML Digital Signature, and the Security Assertion Markup Language (SAML); for user and trading-partner directories stored in Lightweight Directory Access Protocol (LDAP) environments or relational databases... It supports fine-grained access control, allowing for authorization policies based on information provided at any layer of the XML message (transport, envelope, or business payload)..." See: (1) "Security Assertion Markup Language (SAML)"; (2) the announcement: "Netegrity Announces New TransactionMinder Product. Provides Missing Link for Authentication and Authorization of Web Services."

  • [July 19, 2002] "A Realist's SMIL Manifesto, Part II." By Fabio Arciniegas. From XML.com. July 17, 2002. ['Using SMIL 2.0 to implement narrative strategies in multimedia. In this two-part series Fabio has invited us to take another look at SMIL, the Synchronized Multimedia Integration Language. The trouble with most of the current SMIL literature, maintains Fabio, is that it fails to cater properly to either of its two potential audiences: Web developers and multimedia creatives. In the first half of this article, Fabio introduces the basics of the SMIL technology. In part 2, he brings the focus onto the creative techniques, and shows, with the aid of examples, how SMIL can be used to achieve common narrative devices in multimedia and movies.'] "In the first part of this article series, I mentioned two big problems -- and addressed the first -- obstructing widespread adoption of SMIL: Confusion about terminology, versioning, and structure Lack of business and artistic orientation from current literature The second problem has been key in making SMIL a tough sale because -- just like Flash and SVG -- it is a creative-oriented technology. It lives in the middle of the programmer-designer spectrum, where technocrat literature fails to attract many people from either side. On one hand, web designers seeing a bouncing ball on the screen tend to react with a simple 'I can easily do that in Flash', which is true. On the other hand, programmers, who appreciate the tech-appeal of the way in which the ball is made to bounce, are not being educated about the possibilities SMIL offers for expression. As a result, people on both ends tend to dismiss the whole technology as a nice toy. The goal of this article is to show SMIL's potential as a technology in service of narrative strategies, adding something extra to the media rich Web... In what follows I will explore three narrative strategies and how to implement them using three important features of SMIL 2.0. The features explained are transitions, declarative animation, and SMIL 2 events. The narrative strategies are condensation, synecdoche, and spatial montage..." See: "Synchronized Multimedia Integration Language (SMIL)."

  • [July 19, 2002] "Processing SOAP Headers." By Rich Salz. From XML.com. July 17, 2002. ['Rich Salz examines the how and why of SOAP header processing. Rich takes last month's Google Web service example further and introduces an intermediary into the SOAP message chain.'] "Last month we built a simple client for the Google API. In this month's column we'll look at how SOAP headers can be used to talk to an intermediate server that adds value to the basic search service. The value-add is actually pretty silly: we'll send the query, pick one of the results at random to return, and send it back as an HTML page in Pig Latin. Our goal, however, is to understand how to process SOAP headers, and why you'd want to do so. But first I want to thank Google for providing a wonderful Web API, which it is, module the concerns I addressed in my first column. SOAP structures a message into two main parts: the headers and the body. I'll go out on a limb and say that almost all SOAP messages so far use the body. Very few put anything in the SOAP headers. I think the recent flurry of activity in SOAP security standards means that this will soon change, however, so it's worth understanding when and how to use SOAP header elements. SOAP is more than just a sender-receiver protocol, although that, too, is certainly the dominant use today. SOAP supports the concept of a message passing from a recipient, possibly through one or more intermediaries, and ending up at its destination, more precisely known as the ultimate receiver... Along the way, the intermediaries may perform processing on the message or its side-effects. For example, a message may pass through a transaction service, providing a client with guaranteed invocation in the presence of network failures; a security service may sit at an enterprise portal, providing authentication information; and so on. An important aspect of these examples is that the basic operation is unchanged. While this isn't made explicit in the SOAP specifications, it's commonly accepted that intermediaries are intended to work primarily on the metadata of the SOAP message. SOAP headers are the ideal place for such data. SOAP headers are also a good place to put optional information, and a good means to supporting evolving interfaces..." See "Simple Object Access Protocol (SOAP)."

  • [July 19, 2002] "The True Meaning of Service." By Kendall Grant Clark. From XML.com. July 17, 2002. ['One oft-discussed topic is whether the future of the Web belongs to Web services or to the Semantic Web. Kendall Clark discovers that a new project, DAML-S, sets out to unify the two, and indeed could reach further into distributed computing in general.'] "At some point over the past 18 months the future direction of the Web began to be seen widely as a struggle between 'Web Services' and the 'Semantic Web'. The former was thought to be rooted in the W3C and academia, the latter in IBM-Microsoft-Sun and industry... Part of the debate between services and semantics is a replay of the debate about what makes the Web an interesting place: commerce or content? In the conventional wisdom, services represent the commerce part of the Web, while semantics represent its content... DAML-S is much more than a thought experiment... DAML-S, presently at version 0.6, is an upper ontology of web services being built on top of DAML+OIL (which is morphing into WebOnt, a W3C project). The idea is that high-level ontologies of web resources can be very useful things and, here's the kicker, web services are just a kind of web resource. Web services are resources that, as The DAML Services Coalition puts it, 'allow one to effect some action or change in the world, such as the sale of a product or the control of a physical device'... The first bit about DAML-S to grasp is that it's a high-level ontology, one that sits at the application level and is meant to answer the what- and why-questions about a web service, as opposed to the how-questions, which are the domain of WSDL... The motivations for creating DAML-S include discovery, invocation, interoperation, composition, verification, and monitoring. A part of the practical cash value of any web technology labeled 'semantic' is that the Web ought to provide something relatively useful in response to vague or even cryptic input from the end-user. If the end-user inputs "airline reservation" to her autonomous web agent, among the outputs ought to be, for example, the starting point of a web service which will guide her into making a flight reservation..." [DAML-S from the website description: "DAML-S supplies Web service providers with a core set of markup language constructs for describing the properties and capabilities of their Web services in unambiguous, computer-intepretable form. DAML-S markup of Web services will facilitate the automation of Web service tasks including automated Web service discovery, execution, interoperation, composition and execution monitoring. Following the layered approach to markup language development, the current version of DAML-S builds on top of DAML+OIL."] References: "DARPA Agent Mark Up Language (DAML)."

  • [July 19, 2002] "Implementing XPath for Wireless Devices, Part II." By Bilal Siddiqui. From XML.com. July 17, 2002. ['In the second of a two-part series, we explore the implementation of XPath on wireless devices using the WAP family of standards. Bilal introduces more XPath functionality and provides the rest of the pseudo-code for its implementation.'] "In the first part of this article, we introduced XPath and discussed various XPath queries ranging from simple to complex. By applying XPath queries to sample XML files, we elaborated upon various important definitions of XPath such as location step, context node, location path, axes, and node-test. We then discussed complex XPath queries that combine more than one simple query. We also discussed the abstract structure of Wireless Binary XML (WBXML), which is the wireless counterpart of XML. Finally we presented the design of a simple XPath processing engine... In this part, we will discuss the features of XPath which allow for complex search operations on an XML file. We will discuss predicates or filtered queries and the use of functions in XPath. We will present various XPath queries for the processing of WSDL and WML. We will also enhance the simple design of our XPath engine to include support for predicates, functions, and different data types... We discuss the syntax and use of predicates and functions in XPath, present various WSDL and WML processing examples and demonstrated how to form complex XPath queries, and enhanced the design of the XPath engine introduced in the first article..."

  • [July 19, 2002] "Catalyst 2002 SAML InterOp." By Prateek Mishra (Netegrity). July 15, 2002. Document used as part of a press-briefing at Catalyst2002, San Francisco. It provides a (very)-short overview of SAML and the interOp event. Provides a SAML Introduction, Report on SAML Status, SAML InterOp Details, Relationship of SAML to other efforts. SAML (Security Assertion Markup Language) is a framework for exchange of security-related information e.g., assertions. These assertions about authentication and authorization are expressed as XML documents. SAML solves two problems: (1) Identity Federation: Provides technology to allow a business to securely interact with users originating from its vendors, suppliers, customers etc. (2) Fine Grained Authorization: Users may authenticate at one site and be authorized by another. A SAML 'profile' describes how SAML should be used to solve some business problem, e.g., Web browser profiles for Single-Sign On (part of SAML 1.0) or WS-Security profile for securing web services (currently under development by the SSTC). SAML is NOT A new form of authentication, an alternative to WS-Security, limited to legacy applications, limited to web browser applications, limited to web services security..." Details: see "Burton Group's Catalyst Conference Features SAML Interoperability Event."

  • [July 19, 2002] "Five Things You Should Know About Internet Identity." By Richard Karpinski. In InternetWeek (July 18, 2002). "Think of this as the week that Internet Identity moved from conception to reality. To be sure, many of the pieces necessary to help companies manage user identities -- and to begin to wrestle with how to make use of customer and trading partner profiles -- have been around for some time. Enterprise directories, access management, and control systems and authentication/digital signatures have been around for years. But this week saw some real progress in next-generation identity management. Vendors demonstrated interoperability using Security Assertion Markup Language (SAML), which will allow different systems to exchange standards-based identity tokens that will enable single sign-on to become a reality. The Liberty Alliance launched the first version of its specifications, which define how companies can deliver federated identity management capabilities. A slew of vendors -- including Oblix, Netegrity, OpenNetwork, Sun, Novell, Waveset and others -- detailed plans to support these emerging standards. And even Microsoft made some news, showing up at the Liberty announcement and floating a detente balloon by agreeing to support SAML across its identity and Web services security plans. So let's boil things down. What do enterprises need to know? Here's our list of the top five things we think we've culled from this week's events [...] The Three Layers Of Identity: Enterprise, B-To-B, And Public: (1) Already today, many large enterprises are rolling out major enterprise sign-sign on projects; corporate single sign-on really doesn't require any of the standards that are emerging; administration is centralized so so-called federation standards like Liberty aren't a must-have; (2) The next use case is B-to-B, and this is where SAML becomes to come in. Consider, for example, Boeing Corp., which runs a corporate extranet that sees literally thousands of trading partners looking to gain access to its collaborative applications at any time. By deploying an SAML-based solution, Boeing can let is access systems exchange SAML security information with other, non-Boeing systems -- essentially stitching together a single identity network that spans its enterprise and its trading partners. (3) Finally, the third model is the world of public identity. And this is where the concept of federation comes in. Consider a user sitting on the Dell or IBM Web site. He's looking to buy a PC. In a Liberty scenario, the site would issue a SAML token -- Liberty is strongly based on SAML -- which would not only log the user in on that site but could potentially be passed on to other parties, such as a shipping company like FedEx or UPS, without requiring the user to log in again..." References: (1) "Liberty Alliance Specifications for Federated Network Identification and Authorization"; (2) "Security Assertion Markup Language (SAML)."

  • [July 19, 2002] "Web Services Breeds Teamwork." By Vivienne Fisher. In ZDNN (July 19, 2002). "Two international standards bodies have teamed up on a forum about Web services, in a bid to clarify what's really going on. Web services has been a hot topic among businesses this year. Earlier this month, analysts told ZDNet Australia that they saw security issues as the number one roadblock to the takeup of Web services. The World Wide Web Consortium (W3C) and the Organization for the Advancement of Structured Information Standards (OASIS) have decided to organize a forum to try to educate users about the work both standards organizations have been doing. In particular, W3C's Web foundation work on XML-SIG, XKMS, Xenc, and its model for Web services architecture and the security segment. Also under discussion will be OASIS's security-related technologies such as SAML, WS-Security, and standards for access control, provisioning, biometrics and digital rights. Earlier this month it was announced that a Web services security technical committee was being formed. This followed IBM, Microsoft and VeriSign agreeing to submit the latest version of the WS-Security specification to OASIS for development, a move industry analysts predicted as a positive one for the Web services arena... Patrick Gannon, president and CEO at OASIS, said that there were a number of technical committees outside the core profile area, with most of the vendors involved in Web services having been long-standing members of the organization... Gannon described it as 'the ROI factor' -- relevance, openess and implementability. He said that this means that members work on standards that are relative to the needs of the marketplace, often within relatively short timeframes..." See the news clipping on the W3C/OASIS Security Forum.

  • [July 19, 2002] "Amazon Offers Free Web Services to Help Drive Site Traffic." By Whit Andrews and Dean Lombardo (Gartner). Gartner Note Number FT-17-4938. ['Free Web services will enable Amazon affiliates to offer Amazon.com content and features. The technology will work, but affiliate Web sites considering the service should temper any extravagant expectations.'] "... Amazon's choice of Web services to boost its formidable affiliate sales program, Amazon.com Associates, demonstrates: (1) The technology's resiliency and appeal as a method of creating richer integration than can be done using simple HTML hyperlinking; (2) The easy development Web services allow, when compared to many other forms of business-to-business application integration... Enterprises and would-be affiliates (which Amazon terms 'associates') should be on guard against their own inflated expectations of the development model. Amazon's decision to expose product display and shopping cart functions as XML-based services via SOAP links is not equivalent to profitable exploitation of such a model. Rather, it more likely will reveal which of Amazon's claimed 800,000 affiliates are genuinely creative and willing to add value to the shopping experience, as opposed to those that simply want to grab a cut of friends' and relatives' Amazon goods purchases. Participants in the Amazon.com Associates Program can earn up to 15 percent of sales generated by referring visitors to Amazon.com. Enterprises that use Amazon's affiliate sales program to make products available for sale should consider AWS as a way to improve their links to the merchandiser. Retailers for whom affiliate sales models have proven effective should enrich them by adding Web services to improve partner interfaces and functionality. Although Amazon is using the Web Services Description Language (WSDL) for long-term service maintenance and definition, developers should not assume the deployment is synonymous with stability. Web services remain fairly nascent, and deployments should reflect the caution with which Gartner has advised enterprises to approach them in general..." Also in PDF format. See details in the news item "Free Amazon.com Web Services Facility Supports XML/HTTP and SOAP." [cache]

  • [July 18, 2002] "DON XML WG XML Developer's Guide." Version 1.1. From the DON [US Department of Navy] XML Working Group. Edited by Brian Hopkins. May 2002. 97 pages. "This document is an early deliverable of the overall DON XML strategy for employing XML within the department. It provides general development guidance for the many XML initiatives currently taking place within the DON while the DON XML Work Group (DON XML WG) is in the process of developing a long-term strategy for aligning XML implementations with the business needs of the department. It is intended to be a living document that will be updated frequently. This version of the guidance is primarily written to assist developers in creating schemas that describe XML payloads of information. It should be noted that payloads represent only one component required for secure, reliable information exchange. Other components include a specification for reliable messaging (including authentication, encryption, queuing, and error handling), business service registry and repository functions, and transport protocols. Emerging technologies and specifications are, or will shortly, provide XML-based solutions to many of these needs. The DON XML WG is developing an XML Primer that will describe each of these components and bring together the overall strategy for capitalizing on XML as a tool for enterprise interoperability... This document is primarily intended for developers already familiar with XML; however, it has a comprehensive glossary that provides good starting points for XML beginners. Some of this document focuses on XML Schemas as a tool for interoperability... This guidance applies to all activities in the DON that are implementing applications that use XML for the exchange of information with other applications via public interfaces. This version of the developers guide contains guidance of a general nature that is applicable to both document-centric and data-centric information exchanges. It also contains specific guidance for data-centric exchanges necessary for enterprise interoperability. Specific guidance for document-centric applications will be forthcoming in the next version. These recommendations are not intended to restrict the use of XML internal to systems; the DON XML WG recommends that applications separate internal XML grammars processed by application code from that used for external communications. This decoupling of internally processed XML with that which is communicated externally insulates application code from XML vocabulary evolution and allows such loosely coupled applications to stay current with the latest schemas and components promulgated by communities of interest and Voluntary Consensus Standards." References: (1) Department of the Navy XML Quickplace; (2) "US Federal CIO Council XML Working Group"; (3) "Navy Issues XML Guide"; (4) following bibliographic entry.

  • [July 18, 2002] "Navy Steams Forward on XML Standardization." By Patricia Daukantas. In Government Computer News (July 17, 2002). "Less than a year into the Navy's effort to standardize the use of Extensible Markup Language, the service's XML working group recently published the second edition of its developers' guide. Since May 1, Navy developers have had Version 1.1 of the 41-page guide that the working group published last November as Version 1.0. Both are available online. The Navy is committed to participating in XML standards organizations, said Michael Jacobs, data architecture project lead for the Navy CIO's office. The service has already joined the Organization for the Advancement of Structured Information Standards (OASIS) and is applying for membership in the World Wide Web Consortium. ... It's critical for the Navy to stay involved in development of the standards, because the Defense Department has a history of having to modify off-the-shelf applications after they are acquired, Jacobs said...The group's near-term goals include drawing up an XML implementation plan and documenting the requirements for a Navywide repository of XML schemas and code... In the developers' guide, the Navy aims to present a balance between being overly restrictive and being so loose that developers use nonstandard components at their discretion, said Brian Hopkins, an engineering consultant working with the Navy CIO's office. It's supposed to provide general guidance on XML component selection, component naming conventions and design of XML schema..."

  • [July 17, 2002] "Towards XML Based Management and Configuration." By Ted Goddard (Wind River Systems). IETF Internet-Draft. Reference: 'draft-goddard-xmlconf-survey-00.txt'. June 2002, expires: December 2002. 16 pages. "This informational document surveys a variety of existing technologies relevant to the exploration of an XML-based technology for network management and configuration. The technologies surveyed include SOAP, WSDL, SyncML, WBEM, RDF, CC/PP, and JUNOScript. The data representation capability of XML with and without schemas and DTDs is compared with SMIv2... Technologies for management and configuration cover a broad spectrum, from abstract information models, to model representation languages, to encodings, to protocols. XML itself focuses on structured data encoding, but specifications such as SOAP or WSDL use XML to represent data and to describe the communication semantics. Some specifications, such as SyncML and WBEM include explicit communication bindings, such as to OBEX or HTTP... Several of the specifications (SOAP, RDF, SyncML) use URLs or URIs to specify the target of an operation. Thus, a basic issue for an XML based management system may be a scheme for identifying network elements and their components by URIs... When combined with schemas, XML can be used to encode and validate data of arbitrary complexity in a way that is verbose but faithful to application design. XML encoded data can be easily compressed, transformed, or embedded into container formats by a wide variety of emerging tools. A standardized XML encoding for network management and configuration could be used for both persistent storage and interactive management, and could be transported over higher level protocols such as SOAP or SyncML, or directly over lower level protocols like HTTP..." [cache]

  • [July 17, 2002] "Microsoft Warms to SAML." By Cathleen Moore. In InfoWorld (July 17, 2002). "Microsoft revealed plans on Tuesday [2002-07-16] to support an emerging security standard that also forms the technology underpinnings for rival Liberty Alliance's federated identity management specification. In a talk here at the Burton Group Catalyst Conference 2002, Praerit Garg, Microsoft group program manager, detailed the company's vision for federated security, which will in the future include room for SAML (Security Assertion Markup Language). Meanwhile, Liberty Alliance on Monday announced Version 1.0 of its federated identity management specification, which is based on SAML. SAML allows authentication and authorization information to be exchanged among multiple Web access management and security products, according to OASIS (Organization for the Advancement of Structured Information Standards) officials. The specification also addresses secure single sign on, and leverages Web services standards such as XML and SOAP (Simple Object Access Protocol). In addition to its support for X509 certificates and Kerberos, Microsoft will support SAML in the WS-Security paradigm, Garg said. WS-Security is an OASIS security specification backed by Microsoft, IBM, and Verisign. 'WS-Security is a very simple model that lets you carry multiple assertions, SAML and Kerberos,' Garg said. 'It reduces friction.' SAML is just another security token format, Garg said, and WS-Security provides the common envelope to carry multiple tokens... In response to questions from the audience about what took the company so long to embrace SAML, Garg said that last year Microsoft did not really understand what SAML was about. Also, he added that the company wanted to protect existing investments in X509 and Kerberos. Garg added that Microsoft should have participated more actively in the standards development process. With a common SAML-based bridge erected, the gap between Microsoft's identity efforts and the Liberty Alliance may be shrinking. In fact, Microsoft gave its strongest indication yet that it may join forces with the Liberty Alliance..." See details of the Liberty Alliance release in the 2002-07-16 news item "Liberty Alliance Project Publishes Version 1.0 Specifications for Federated Network Identification and Authorization"; on SAML: "Security Assertion Markup Language (SAML)." On the Liberty Alliance, see: "Liberty Alliance Specifications for Federated Network Identification and Authorization."

  • [July 17, 2002] "Datatypes for Document Content Validation." By Martin Bryan (The SGML Centre). July [17], 2002. Draft proposal for DSDL Part 5. "Part 5 of the Document Schema Description Language (DSDL) defines a set of primitive datatypes, a set of DSDL datatypes, a set of commonly required derived datatypes and a method for defining customized datatypes that can be used to validate the contents of specific elements and attributes within DSDL document instances. The specification also includes a set of constraints that can be used to limit the range of primitive datatypes and their derivatives. References: (1) "Document Schema Definition Language (DSDL) Proposed as ISO New Work Item" [announcement 2001-12]; (2) "RELAX NG Published as ISO/IEC DIS 19757-2 (DSDL Part 2)"; (3) DSDL.org web site; (4) "Document Schema Definition Language (DSDL)" [main reference document]

  • [July 17, 2002] "Sun's Java-Liberty Moves Risk Industry Scuffles." By [ComputerWire Staff]. In The Register (July 17, 2002). "A potential dispute is opening over proposed integration of Sun Microsystems Inc-backed web services security specifications with Java, writes Gavin Clarke. Sun is lending support to inclusion of Liberty Alliance Project specifications for federated single sign-in to web services in future versions of the Java platform. Jonathan Schwartz, Sun software group executive vice president, said the goal is to 'Liberty-enable the client and server.' Schwartz spoke as he announced Liberty-enabled Sun directory and network servers yesterday. With specifications embedded in the Java platform technologies like Java 2 Enterprise Edition (J2EE) for example, products like J2EE-based application servers could theoretically ship Liberty-enabled. This would minimize development efforts for ISVs and end-users as developers would not need to add Liberty-compliant APIs to Java products and applications. And with APIs shipping in popular products like application server, Liberty could also achieve pervasiveness virtually overnight. Sun's decision, though, risks re-opening old industry wounds. IBM told Computerwire it will not support addition of Liberty specifications unless they are first passed to an independent standards group, like the Organization for the Advancement of Structured Information Standards (OASIS). IBM -- like Microsoft -- remains a non-Liberty member having promoted the alternative WS-Security model. Bob Sutor, director of e-business standards, said: 'IBM will not support this until the work Liberty does is moved to a real standards organization.' IBM is also concerned at the degree of control Sun wields over the Java Community Process (JCP), a 300-member body that debate