June 2002

• [June 28, 2002] "DSDL Examined." By Leigh Dodds. From XML.com. June 26, 2002. ['In his final column Leigh looks at DSDL, the ISO activity to standardise XML document validation.'] "The core of DSDL will be the Interoperability Framework (Part 1): the glue that binds together the other modules. This week Eric van der Vlist, who is the appointed editor of this section, and Rick Jelliffe have separately produced proposals that aim to explore these kind of framework structures in more detail. The two proposals, neither of which have any formal standing, take very different approaches to the same problem. Van der Vlist's XML Validation Interoperability Framework (XVIF) takes the approach of embedding validation and transformation pipelines within another vocabulary. The specification and online demonstrator both show how this could be achieved by embedding the pipelines within a schema language, but in principle the XVIF is language-neutral so could be embedded within an XSLT transformation for example. XVIF elements just rely on their container to provide the context node on which they will interact. The embedded pipelines may generate other nodes or a simple boolean validation flag. Van der Vlist has produced a prototype that supports using pipelines containing XPath expressions, XSLT transformations, and manipulating content with simple regular expressions, or using Regular Fragmentations. In contrast, Rick Jelliffe's proposal, 'Schemachine' is closer to other pipeline frameworks such as XPipe and Cocoon in that the pipelines are defined by a separate vocabulary. In fact Jelliffe notes that the proposal borrows a lot from XPipe and Schematron in that it has a number of similar elements and structures, e.g., phases. Schemachine divides pipeline elements up into particular roles such as Selectors (e.g., XPath expressions), Tokenizers (e.g., Regular Fragmentations) and Validators (e.g., RELAX NG, Schematron). Jelliffe differentiated XVIF and Schemachine as 'innies and outies'. Technology aside, the important aspect of these proposals is the intent: publicly exploring strawman proposals and implementations to gather feedback before considering standardization. That's a path which seems not only likely to produce viable results, but may actually deliver useful tools that others benefit from in the shorter term..." On DSDL, see: "Document Schema Definition Language (DSDL)." For schema description and references, see "XML Schemas."

• [June 28, 2002] "Cataloging XML Vocabularies." By Eric van der Vlist. From XML.com. June 26, 2002. ['Eric's been thinking how to solve the problem of choosing which XML vocabulary to use. The solution involves crawling the web for XML namespaces, doing which has revealed interesting statistics on namespace use.'] "I've been involved recently in many discussions and projects oriented around a simple and common question: 'how do I create an XML vocabulary?' The formulation was often different -- 'how do I create a namespace?' or 'how do I publish an XML schema?' -- but the central issue was always about what infrastructure to create and which methods should be used to advertise the newly created vocabulary. Choosing a XML vocabulary today is a very challenging task, quite similar to finding a web page before the development of the big search engines. The main difference is that it can be much more harmful to choose a 'wrong' vocabulary than a 'wrong' page. When I need to choose a XML vocabulary, I want first to have a comprehensive list of vocabularies which could meet my needs. Ideally, I would be using a search engine like Google or AltaVista, but unfortunately, there is no specialized search engine for XML vocabularies. To choose between those candidates, I need as much information as possible and a directory such as DMoz or Yahoo would be of great value. Unfortunately, there are lots of 'schema repositories' covering vocabularies developed by a number of disjoint communities, and this really doesn't help in comparing those vocabularies. Furthermore, these repositories often publish the descriptions provided by the authors, which usually lacks the critical touch brought by the DMoz or Yahoo editors. Finally, I find it very difficult to judge the dynamics of a vocabulary: to distinguish between a two years old specification abandoned by its authors whose usage is slowly declining, and a brand new one with a sharply rising market adoption. Statistics such as those provided by the Netcraft surveys would be invaluable for this purpose. If the bad news is that none of the tools I have mentioned are available, the good news is that most, if not all, the information I need is available somewhere on the Web. In what follows I describe a solution to retrieve and present this information..."

• [June 28, 2002] "Enforcing Association Cardinality." By Will Provost. From XML.com. June 26, 2002. ['Our main feature this week is the first in a new, ongoing, series focusing on W3C XML Schema, called "XML Schema Clinic." Will Provost will be examining issues in schema design and XML data modeling. In this first installment, Will discusses using W3C XML Schema to control the cardinality of associations between elements in a document type.'] "If you're like me, XML document design brings out your darker side. We like a schema whose heart is stone -- a schema that's just itching to call a candidate document on the carpet for the slightest nonconformity. None of this any-element-will-do namespace validation for us. We enjoy the dirty work: schemas, we think, are best built to be aggressive in ferreting out the little mistakes in the information set that could later confuse the more sheltered and constructive-minded XML application. In this article, we'll practice a bit of that merciless science. Specifically, we'll look at ways to control the cardinality of associations between XML elements. The basic implementation, which we'll review momentarily, of an association between two types is simple enough but is only sufficient for many-to-one relationships. What if multiple references, or zero references, to an item are unacceptable? What if a referenced item may or may not be present? These variations will require other techniques, and these are essential for the truly draconian schema author. This article will use a simple UML notation to illustrate patterns and examples. Knowledge of both XML Schema 1.0 (Part 1 in particular) and UML is assumed, although in developing our notation we'll have a chance to review a little of both... The Unified Modeling Language (UML) provides a basis for a simple notation which will serve our needs in identifying rudimentary design patterns and in illustrating specific examples. Note that many UML-to-Schema mappings are possible; see the 'XMI Production for XML Schema' specification from the OMG for one much more formal option..." See: (1) "XML Schemas"; (2) "XML Metadata Interchange (XMI)."

• [June 28, 2002] "Variables and Paths." By John E. Simpson. From XML.com. June 26, 2002. ['John Simpson returns with our monthly helping of XML Q&A. In an intruigingly mixed bag of problems John tackles the XSLT chestnut "Can I change the value of a variable?" as well as dealing with stock quotes and generation of valid document trees from DTDs.'] [1] 'Can I change the value of an XSLT variable?' - "Of all the hurdles facing people who're learning XSLT, in my opinion the biggest one is the word "variable" when used in this context. That's because XSLT variables do not vary. Rather, the word signifies that a value is not necessarily known until runtime: it may vary every time a stylesheet is consumed by an XSLT processor in order to perform a transformation. But, once set in a given transformation, the variable's value remains unchanged..." [2] 'How do I extract all possible document paths using just a DTD?' [3] 'Where can I get XML-based currency quotes?'

• [June 28, 2002] "JXTA v1.0 Protocols Specification." Edited by Michael J. Duigou (Project JXTA) for the JXTA Specification Project. IETF Internet-Draft. June 21, 2002; expires: December 20, 2002. Reference: 'draft-duigou-jxta-protocols-00'. 95 pages. "The JXTA protocols defines a suite of six XML-based protocols that standardize the manner in which peers self-organize into peergroups, publish and discover peer resources, communicate, and monitor each other. The Endpoint Routing Protocol (ERP) is the protocol by which a peer can discover a route (sequence of hops) to send a message to another peer potentially traversing firewalls and NATs. The Rendezvous Protocol (RVP) is used for propagating a message within a peergroup. The Peer Resolver Protocol (PRP) is the protocol used to send a generic query to one or more peers, and receive a response (or multiple responses) to the query. The Peer Discovery Protocol (PDP) is used to publish and discover resource advertisements. The Peer Information Protocol (PIP) is the protocol by a which a peer may obtain status information about another peers. The Pipe Binding Protocol (PBP) is the protocol by which a peer can establish a virtual communication channel or pipe between one or more peers. The JXTA protocols permit the establishment a virtual network overlay on top of physical networks allowing peers to directly interact and organize independently of their network location and connectivity. The JXTA protocols have been designed to be easily implemented on unidirectional links and asymmetric transports..." [cache]

• [June 28, 2002] "SOAP Version 1.2 Email Binding." By Highland Mary Mountain (Intel), Jacek Kopecky (Systinet), Stuart Williams (HP), Glen Daniels )Macromedia), and Noah Mendelsohn (IBM). W3C Note 26-June-2002. Version URL: http://www.w3.org/TR/2002/NOTE-soap12-email-20020626. Latest version URL: http://www.w3.org/TR/soap12-email. The document has been published as a "result of the Transport Binding Task Force (TBTF), which is part of the XML Protocol WG. The document is meant to be an illustration of the SOAP 1.2 Protocol Binding Framework applied to a well known Internet transport mechanism, Email, specifically RFC2822... The motivation for this document is to illustrate the SOAP 1.2 Protocol Binding Framework and the creation of an alternative protocol binding specification to the Default HTTP binding. This second binding is meant to validate the Protocol Binding Framework for completeness and usability; note that this document is a non-normative description of an Email Binding. It is not the responsibility of this SOAP binding to mandate a specific email infrastructure, therefore specific email infrastructure protocol commands (such as SMTP, POP3, etc) are not covered in this binding document. The underlying email infrastructure and the associated commands of specific email clients and servers along the message path are outside the scope of this email binding... This SOAP binding specification adheres to the SOAP Protocol Binding Framework, and as such uses abstract properties as a descriptive tool for defining the functionality of certain features. Properties are named with XML qualified names (QNames). Property values are determined by the Schema type of the property, as defined in the specification which introduces the property..." Note in this connection that the W3C XML Protocol Working Group has released four SOAP Version 1.2 Last Call Working Drafts: the Primer, Messaging Framework, Adjuncts, and Assertions and Test Collection. See "Simple Object Access Protocol (SOAP)."

• [June 27, 2002] "Microsoft, IBM Offer WS-Security Specification to OASIS." By Eric Knorr. In ZDNet Tech Update (June 27, 2002). ['Today is a watershed day for Web services.'] "Microsoft, IBM, and VeriSign have submitted WS-Security, a group of Web services security specs first announced last April, to the OASIS standards group. The growing list of all-star players that have already agreed to serve on the OASIS technical committee includes BEA, Cisco, Intel, Iona, Novell, RSA, SAP, and [...] Sun Microsystems. For those who've watched the promise of Web services falter in the face of the often vitriolic Microsoft-Sun rivalry, the news couldn't be more welcome. Bill Smith, Sun's director of Liberty Alliance technology (and a past president of OASIS) sees the decision to submit WS-Security to OASIS as an unmistakable olive branch from Microsoft. 'We were surprised and very pleased that we were approached to participate,' he says. 'You can expect to see us engaged very heavily.' Just as important as the players involved, however, is the decision by Microsoft, IBM, and VeriSign to ensure WS-Security will be royalty-free. Explicitly, no party will be able to collect licensing fees from the use of WS-Security, a stipulation that Smith told me was a prerequisite for Sun's participation. He believes the proposed royalty-free license is 'sufficient in all regards. Had they not done that, we would not have participated.' [...] Bob Sutor, IBM's director of e-business standards strategy downplays the political implications of choosing OASIS, arguing that the standards organization was selected mainly for its history of evangelizing XML directly to business users... Previously, Microsoft and IBM submitted the basic Web services protocols, SOAP and WSDL, to the W3C for approval. Steven VanRoekel, director of Web services technical marketing for Microsoft, is careful to note that 'this is not a departure from the W3C in any way,' contending that the W3C will almost certainly be on the receiving end of other Microsoft standards proposals -- and that OASIS' previous security work simply made it a more appropriate choice this time around. OASIS' foremost security effort has been the Security Assertion Markup Language (SAML), which provides an XML framework for exchanging authentication and authorization credentials. According to Phillip Hallam-Baker, principal scientist for VeriSign, one of the key goals of the technical committee will be to determine exactly how WS-Security and SAML interact. When Hallam-Baker was involved in writing SAML, he says, it was understood another spec would need to spell out the confidentiality and integrity checks required for Web services messages. 'There was kind of a hole in the spec where we said, 'Put WS-Security here,' although we didn't have the name yet.'..."

• [June 27, 2002] "Microsoft Boosts RosettaNet Support." By Carolyn A. April. In InfoWorld (June 27, 2002). "Microsoft on Thursday [2002-06-27] will bolster its support for business-to-business data exchange among high-tech companies when it ships Version 2.0 of its BizTalk Accelerator for RosettaNet. The latest iteration of the product aims to facilitate RosettaNet implementations through an enhanced suite of development and deployment tools and pre-built support for all of the RosettaNet PIPs (Partner Interface Processes), according to Microsoft officials, who plan to announce the product at the Microsoft High Tech Solutions event in Mountain View, Calif. PIPs provide a standard way for partners to securely conduct such transactions as ordering parts or forecasting inventory. The new BizTalk tools let users import new, customized PIPs from trading partners, as well as integrate their own applications and partners into a RosettaNet hub. A new wizard is featured that enables companies to add and deploy new processes created by a trading partner. Microsoft officials said the wizard gives users the ability to more quickly change, update, and test the processes. BizTalk Accelerator for RosettaNet 2.0 also sports support for additional e-business industry standards, including the Chemical Industry Data Exchange (CIDX) and the Petroleum Industry Data Exchange (PIDX). Defined by an e-business standards consortium of the same name, RosettaNet is a set of XML standards to help technology companies exchange data across suppliers, manufacturers, and partners and drive more b-to-b automation. Along with other XML-based e-business standards, RosettaNet is seen as a cheaper, easier alternative to traditional EDI (electronic data interchange) implementations, according to observers. EDI and RosettaNet can co-exist among companies that need to handle both types of transactions..." Details are in the announcement: "BizTalk Accelerator for RosettaNet Version 2.0 Launched At the Microsoft Silicon Valley High-Tech Solutions Launch. New Version Includes Support for All Current PIPs And Improved Suite of Development, Management and Deployment Tools; Broad Adoption by Industry Leaders Including Intel and Others." See "RosettaNet."

• [June 27, 2002] "Sun Switches Gears On Encryption." By Wylie Wong. In CNET News.com (June 27, 2002). "Microsoft, IBM and VeriSign have submitted a security specification for Web services to an industry standards body, a move that has won the backing of an unlikely supporter: Sun Microsystems. WS-Security is a 2-month-old technology that encrypts information and ensures that data passed between companies remains confidential. Its three creators -- Microsoft, IBM and VeriSign -- said Thursday they have submitted the specification to a standards body called the Organization for the Advancement of Structured Information Standards (OASIS). Sun had been devising its own rival Web services security specification, but the royalty-free licensing of WS-Security specifications allayed Sun's concerns, a source familiar with the negotiations said. Sun will now focus all its development work on WS-Security and work with its rivals to improve the specification through the OASIS group, said Bill Smith, Sun's director of Liberty Alliance technology. 'They're taking WS-Security into a recognized, open industry organization, and Web infrastructure on a royalty-free basis is an important thing as well,' Smith said. 'You should expect Sun to actively participate in this forum. We will bring whatever we have that can help fill out WS-Security. This is where (the security work) is being done.' Sun's support of WS-Security alleviates concerns about a possible standards war over Web services security. Proponents of Web services have feared that industry squabbling could derail the much-hyped movement. Every software maker has touted Web services as the future of software because such services allow companies to interact and conduct business via the Internet. But Web services won't work unless the entire tech industry coalesces around a single set of standards. Analysts have said lack of security is the biggest obstacle to the adoption of Web services -- and that WS-Security took a big step in addressing the issue. Besides WS-Security, IBM, Microsoft and VeriSign plan to build five more security specifications in the next year and a half to provide additional security measures that businesses may need for Web services. Although Smith declined comment on it, sources said Sun had been quietly working on its own security specification that was royalty free. Over the past several months, Sun executives had expressed concern that IBM and Microsoft might charge 'tolls' to developers -- in the form of royalties on patents -- for using two existing Web services specifications: the Simple Object Access Protocol (SOAP) and Web Services Description Language (WSDL). Neither Microsoft nor IBM has formally stated a desire to charge royalties on the standards, which are in part based on patents held by them..." See: (1) "Web Services Security Specification (WS-Security)"; (2) the announcement "IBM, Microsoft and VeriSign Submit WS-Security Specification to OASIS for Standardization. Advanced Web Services Security Specification Broadly Supported by Industry."

• [June 27, 2002] "WS-Security Specification Sent to OASIS." By Darryl K. Taft. In eWEEK (June 27, 2002). ['IBM, Microsoft and VeriSign announce they will push their Web services security standard through OASIS.'] "Moving ahead on promises made when they formed the initiative in April, IBM, Microsoft Corp. and VeriSign Inc. Thursday announced that they will submit the latest version of the Web Services Security (WS-Security) specification to the Organization for the Advancement of Structured Information Standards for ongoing development. The WS-Security specification is a leading Web services standards effort to support, integrate and unify multiple security models, mechanisms and technologies, allowing a variety of systems to interoperate in a platform- and language-neutral manner, the companies said. Eric Newcomer, chief technology officer of Iona Technologies Inc., in Waltham, Mass., and a founding member of the working group that will handle the WS-Security standards effort within OASIS, said from his perspective IBM and Microsoft grew 'impatient' with the efforts of the Worldwide Web Consortium (W3C) to deliver a standard around security and Web services... In addition to Iona, many OASIS member companies pledged support for WS-Security, including Baltimore Technologies plc., BEA Systems Inc., Documentum Inc., Entrust Inc., Netegrity Inc., Novell Inc., Oblix Inc., RSA Security Inc., SAP AG, Sun Microsystems Inc., Systinet Corp., Vodafone Group plc. and webMethods Inc... The WS-Security specification, which provides the foundation for that road map, defines a standard set of Simple Object Access Protocol (SOAP) extensions, or message headers, which can be used to implement integrity and confidentiality in Web services applications. Web services are applications that can be accessed through XML and SOAP-based protocols, making them platform- and language-independent. WS-Security provides a foundation layer for secure Web services, laying the groundwork for higher-level facilities such as federation, policy and trust." See: (1) "Web Services Security Specification (WS-Security)"; (2) the announcement "IBM, Microsoft and VeriSign Submit WS-Security Specification to OASIS for Standardization. Advanced Web Services Security Specification Broadly Supported by Industry."

• [June 27, 2002] "Web Services Security Spec Sent to OASIS." By Thor Olavsrud. In InternetNews.com (June 27, 2002). "Aiming to address critical security issues that still hang over Web services, the powerhouse triumvirate of VeriSign, IBM, and Microsoft Thursday submitted their Web Services Security (WS-Security) specification to the OASIS standards body. Analysts have long considered security one of the missing pieces hampering the adoption of Web services technologies, which allow the rapid integration of disparate platforms and legacy systems, applications and information. Even more tantalizing is the possibility of supply chain integration by tying together the systems of partners, customers and suppliers. But before that can happen on a large scale, the security issues must be addressed. WS-Security defines a set of SOAP (define) extensions which can be used to implement integrity and confidentiality in Web services applications, laying the groundwork for higher-level facilities like federation, policy and trust. The three companies are making the specification available royalty-free, and even Sun Microsystems, which has been opposing IBM and Microsoft by backing the development of rival specifications, threw its support behind the WS-Security specification and said it would participate in the OASIS development effort..."

• [June 27, 2002] "Combining UDDI and DNS: A Step Towards a Better E-Commerce?" By Anders Rundgren (OBI Express Project Manager). White paper. June 2002. ['The paper describes how OBI Express' Web Service Discovery functions augmented by DNS, contribute to the creation of a convenient, robust, and secure peer-to-peer-based computing environment for business-to-business applications. Or P2P4B2B as we sometimes call this. A similar solution where DNS and Web Service Discovery are used to create a better user experience, and richer functionality, is featured in an enhanced version of VISA's 3D Secure payment system, tentatively called .PAY (pronounced dot-pay). This should be regarded as input to UDDI V3, currently in development.'] "The following is a spin-off from our work with OBI Express, a secure, plug-and-play, Web Services-based, B2B e-commerce standard in development. The adoption of public UDDI-registers have so far been rather limited, indicating that maybe the UDDI-model itself needs some 'adjustments' to ever become mainstream. One weakness seems to be the mixing of 'Yellow Pages' (YP) type of information that is relatively uncritical, with 'e-business interface descriptions' (a.k.a. 'Green Pages') as the latter most likely need frequent and secure updates to work, which is hard to achieve on a global scale using a centralized approach. Although replication can reduce some of the technical problems, the business case for running commercial subordinate UDDI-nodes remains unclear. By splitting registry responsibilities as described below, you get a considerably more scalable model, both technically and business-wise. Another issue is that DNS, rather than UDDI, is probably the most natural 'placeholder' for organizations' e-business interfaces, now, as well as in the future. Therefore we suggest that YP-registers (that do not have to use UDDI) either keep URLs, or (to achieve highest possible 'information robustness'), keep DNS-names to locally maintained and directly accessed repositories containing the actual interface definitions. By eliminating replication, you limit both errors and security issues. It is true that DNS uses replication, but this replication has a more limited scope than required by UDDI..." See: "Universal Description, Discovery, and Integration (UDDI)."

• [June 26, 2002] "Sun, Others Propose New Web Services Standard." By Matt Berger. In InfoWorld (June 26, 2002). "Sun Microsystems and a group of software vendors are proposing to add another standard to the recipe for building Web services. On Wednesday, the companies detailed a specification that would allow developers to "choreograph" events and transactions that take place between computers when applications and services are accessed over the Internet. The specification is called the Web Service Choreography Interface (WSCI), and it is designed to work with Web services based on the standard data format XML (Extensible Markup Language). Joining Sun in drafting and publishing the specification are software makers SAP, BEA Systems and Intalio. For Web services that make use of several existing Web-based applications, the specification aims to define a standard way for developers to describe which actions must occur and in what order they must take place, so that the Web service they are building can process information in an orderly manner, said Karsten Riemer, an XML architect with Sun. For example, a Web site where users can book airline tickets online might require an application that combines existing Web services for various tasks, such as determining whether the user is a member of a frequent flier program, figuring out which airlines fly to the destination being requested, and checking that the user has sufficient funds in his or her bank account to purchase the ticket..." See: (1) the announcement: "BEA, Intalio, SAP, Sun Publish Web Services Choreography Interface, Take Web Services Collaboration to New Level. New XML-Based Specification Helps Developers Build Web Services for Open Application to Application Collaboration."; (2) the reference page "Web Service Choreography Interface (WSCI)."

• [June 26, 2002] "BizTalk Accelerator for RosettaNet 2 Ships." By Renee Boucher Ferguson. In eWEEK (June 26, 2002). "Working hard to garner further industry support for RosettaNet, Microsoft Corp., with the Gartner Group, a research firm out of Boston, Mass., surveyed 18,000 suppliers to find out what some of their basic needs are in moving forward with a RosettaNet implementation. The results are wrapped into Microsoft's BizTalk Accelerator for RosettaNet 2.0, to be released tomorrow. Three main design goals emerged from the survey. It turns out suppliers are looking for speed in implementing a standards-based solution, flexibility of change management, and complete support for the standard -- in this case RosettaNet -- according to Microsoft officials. In regard to rapid deployment, Microsoft added a Wizard user interface that allows users to quickly set up new partner relationships and PIPs [partner interface processes] as defined by RosettaNet. Likewise, if a customer or partner modifies or customizes a PIP, the user can deploy the new PIP through the wizard-based UI, according to officials. For more flexible change management, a RosettaNet Console is included in the second iteration, which allows a user to manage trading partnerships, again using a Wizard-based UI. In response to the supplier's need for fuller support of the standard, Microsoft now supports each of the 77 PIPs defined by RosettaNet. It also added support for CIDX [Chemical Industry Data Exchange] and PIDX, the petroleum industry data exchange. Both industries are working hard to utilize RosettaNet in their business-to-business transactions. However, like others in the high-tech manufacturing space for which RosettaNet was originally formed, getting partners to use the XML-based business process standard proves often to be an expensive and difficult undertaking..." See "RosettaNet."

• [June 26, 2002] "Sun, BEA, Others Publish New Web Services Specification. Sun to Offer Free Tool Around WSCI." By Elizabeth Montalbano. In Computer Reseller News (June 26, 2002). ['Several industry vendors Wednesday unveiled a new XML-based specification to facilitate Web services interoperability.'] "Sun Microsystems, BEA Systems, Intalio and SAP have made the new spec, Web Service Choreography Interface (WSCI), available for review on their Web sites, said Susy Struble, manager of XML industry initiatives at Sun. To help solution providers and developers become familiar with WSCI, Sun will release a new tool, the Sun ONE Web Service Choreography Interface Editor, on its Web site Friday for free download, she added. Karsten Riemer, a Sun XML architect, said WSCI picks up where WSDL leaves off in describing what a Web service does. For instance, WSDL will describe the functions of a particular service, but not how those functions relation to each other, said Riemer. 'WSCI describes all the relationships between all the things you can do [with a Web service],' said Riemer. 'It's the sequence of steps, the glue around individual WSDL operations.' Struble said Sun and the companies that developed WSCI hope to submit the spec to a standards body such as the W3C once companies have had a chance to review WSCI... Struble said Sun is 'pleased to be taking a leadership' role in promoting Web services interoperability with the WSCI spec. She would not comment on whether the spec would become a part of the blueprints WS-I is developing to promote interoperability..." See (1) the announcement: "BEA, Intalio, SAP, Sun Publish Web Services Choreography Interface, Take Web Services Collaboration to New Level. New XML-Based Specification Helps Developers Build Web Services for Open Application to Application Collaboration."; (2) the reference page "Web Service Choreography Interface (WSCI)."

• [June 26, 2002] "SAN Management Using CIM and WBEM." By Steve Jerman and John Crandall. In InfoStor Volume 6, Number 6 (June 2002), pages 22-24. ['Two standards may alleviate management headaches for both end users and management software developers.'] "Today, a SAN (storage area network) administrator may have a SAN network management tool, storage resource management (SRM) software, and multiple device-specific management tools. All of these tools have various management interfaces (SNMP, Fibre Channel Services, vendor-specific APIs, etc.), resulting in multiple vendors replicating development work and potentially providing inconsistent and incomplete information to SAN administrators. A promising solution to this problem is an interoperable, open environment for storage management based on the Web-Based Enterprise Management (WBEM) standard and the Common Information Model (CIM), both of which were developed by the Distributed Management Task Force (DMTF). WBEM ('webem') is a set of standards developed to unify the management of enterprise computing environments. The DMTF has developed a core set of standards that make up WBEM, including a data model, the CIM standard, an encoding specification using XML, and a transport mechanism using HTTP. The Storage Networking Industry Association (SNIA) has decided to use WBEM as the basis for a standard SAN management interface. The organization has worked with the DMTF to define the necessary modeling extensions to manage a SAN and all of the storage devices in it WBEM is an XML-based management interface using CIM. WBEM consists of three elements: [1] An object model (CIM); [2] An XML encoding specification (xmlCIM), which is written in Document Type Definition (DTD); xmlCIM defines XML elements representing CIM classes and instances; and [3] A transport mechanism, (CIM Operations over HTTP), which describes how to access a CIM model using xmlCIM over HTTP... Today, the SAN management model includes: Device discovery, Topology, Device configuration, Device statistics, Zoning configuration, Asset management, and Software management... The SNIA (Storage Networking Industry Association) believes WBEM is a key technology for SAN management. Designed for heterogeneous SAN and storage management, leveraging existing technologies such as XML and HTTP, WBEM can evolve as new transports and protocols come along..." Note in this connection the proposal for an OASIS Management Protocol Technical Committee which would produce a Management Protocol Specification by June 2003; "the proposed initial scope of this committee will be to develop open industry standard management protocols to provide a web-based mechanism to monitor and control managed elements in a distributed environment based on industry accepted management models, methods, and operations, including, OMI, XML, SOAP, DMTF CIM, and DMTF CIM Operations..." See "DMTF Common Information Model (CIM)."

• [June 26, 2002] "The Web's Future Passkey." By Lawrence M. Walsh. In Information Security Magazine (June 2002). ['SAML supporters say the standard could provide ubiquitous, transparent Web authorization.'] "Baltimore Technologies recently designed its security management suite, SelectAccess 5.0, as an XML-based application to leverage its access control functions for the emerging world of Web services. A key element of SelectAccess is the Security Assertion Markup Language (SAML), a relatively new standard that's rapidly becoming the de facto means for exchanging user credentials between trusted environments... Developed by the Organization for the Advancement of Structured Information Standards, SAML could be the success story for the next generation of online computing. As Web services and trusted online relationships continue to evolve, many see SAML as the mechanism that will bring single sign-on (SSO) to B2B and B2C environments... SAML's infrastructure is rather simple. To make it work, a Web-based network must have a SAML server deployed on its perimeter. The server sits alongside the Web server and interacts with its back-end access control database. Once a user authenticates to the site, the SAML server will transparently transmit his credentials to every partner site. The SAML server on the other end will automatically accept him as being a trusted user... Given the extent of a partner community, users can transparently pass from site to site without ever touching an access control or authorization mechanism. This transparency, developers believe, will facilitate greater use of online services and information sharing, since users won't have to remember and enter a myriad of authentication information... Granting trust between SAML servers isn't done blindly. SAML doesn't grant users access, say how they should be authenticated or enable automated provisioning for new services. Essentially, it's nothing more than an exchange of information between trusted, known parties. That's where things get a little tricky. While an enabled SAML system will create transparent exchanges of authorization information, the establishment of those trusted relationships must still be done out of band... SAML typically uses digital certificates to authenticate servers to one another--preventing a rogue SAML server from spoofing access rights--and encrypts all data passed between networks. However, the standard doesn't authenticate users; rather, it relies on existing access control and authentication solutions. It also does nothing to protect user identification information stored locally. All of this means partner sites must develop mutual requirements for user authentication and data protection... In addition to Baltimore, other security vendors are incorporating SAML in their products. Waveset and Netegrity are each integrating SAML in their access control products, and Netegrity has already released a toolkit for making existing SiteMinder applications SAML-compliant..." See: (1) "Security Assertion Markup Language (SAML)"; (2) Burton Catalyst Conference 2002 ['Day Two examines industry support for the Security Assertions Markup Language (SAML), Microsoft's proposal to apply Kerberos to the security federation problem, and whether PKI is ready to deliver on its promise of an interoperable public trust network.']

• [June 26, 2002] OpenTravel Alliance 2002A Message Specification. Public Review Draft 3. OpenTravel Alliance, Inc. Prepared in partnership with Data Interchange Standards Association (DISA). 21-June-2002. 23 pages. The OpenTravel Alliance 2002A Message Specification overview presents "a brief description of the OTA 2002A Specification RQ/RS message pairs. For a more detailed definition of the messages, one should refer to the OTA XML Schema Definition files (XSDs). Major contents: Section 1 - The Air Working Group; Section 2 - The Car Working Group; Section 3 - The Hotel Working Group; Section 4 - Package Tour Messages; Section 5 - Golf Messages ; Section 6 - Travel Insurance Messages. Mapping documents that demonstrate the changes between 2001B and 2002A messages for the Car Working Group, Hotel Working Group, Package Tour Messages, and Golf Messages will accompany this final specification." See the news item of 2002-06-26 "OpenTravel Alliance XML Specification Supports Multiple Travel Verticals." [cache]

• [June 26, 2002] "Is the JCP Adequately Preparing Java for Web Services? A look at the recently released and forthcoming Web services APIs." By Jennifer Orr. In JavaWorld Magazine (June 21, 2002). ['The official release of the newest Java Web Services Developer Pack introduces the Java API for XML Registries and Java API for XML Remote Procedure Call, recently approved through the Java Community Process. The JCP is currently reviewing additional Web services APIs that should prove important to Java Web services development. In this article, Jennifer Orr spotlights the latest Web services technologies and examines how the JCP is responding to Web services.'] "In April 2002, the JCP released the final JAXR version, which gives developers an API for building Web services that interact with standard XML registry specifications, including the two dominant registries: Universal, Description, Discovery, and Integration (UDDI) and ebXML. Regardless of whether a service has been published in a UDDI registry or an ebXML registry, with JAXR, a Web service can discover that service and publish its own services to either registry...Peter Kacandes, senior product manager for Java XML APIs in the Java software products division at Sun praises JAXR for helping developers work more efficiently. 'You learn JAXR and now you have full access to the full range of both the ebXML standard and UDDI spec,' he says. 'With IBM's UDDI4J, for example, programmers have to learn the UDDI4J API, and when they want to use ebXML, they'd have to use some other specific API.' This ability to leverage multiple underlying standards with one API makes developers more efficient says Sun. JAX-RPC, just finalized in June, features similar capabilities. JAX-RPC allows developers to build Web applications that incorporate XML-based RPC (remote procedure call). The RPC mechanism lets a client communicate a remote procedure call to a server. JAX-RPC uses the Web services standards SOAP (Simple Object Access Protocol), WSDL (Web Services Description Language), and XML Schema, and defines how to develop and deploy portable and interoperable Web services with Java..."

• [June 25, 2002] "IBM to Sharpen Web Services Toolkit." By Ed Scannell. In InfoWorld (June 25, 2002). "IBM on Wednesday [2002-06-26] is expected to roll out a spruced-up version of its WebSphere Software Developer Toolkit for Web Services that contains a UDDI (Universal Description, Discovery, and Integration) repository, the latest APIs for XML, and a built-in database upon which developers can host applications and Web services. One aim of this latest version, which is a follow-up to IBM's first Web services toolkit just more than a year ago, is to hasten the adoption of Java-based Web services among developers in both the Windows and Linux communities... The new version weaves together both tools and core runtime infrastructure that most developers need to design, build, and test Java-based Web services, said Hebner. The resulting services can be deployed to any open Web services platform, he said... In related news IBM will announce on Wednesday that it is contributing two Web services technologies to the Apache Software Foundation in hopes of advancing the adoption of Web services in the open-source world. The first is called the WSIF (Web Services Invocation Framework), a technology for invoking services that are compliant with the WSDL (Web Services Description Language) across a number of different network protocols including SOAP (Simple Object Access Protocol), JMS, and RMI (Remote Methods and Invocation). The second is called the WSIL4J (Web Service Inspection Language for Java), which will allow Java programmers to both access and process Web Services Inspection Language documents on a Web site. Co-developed by IBM and Microsoft, the WS-Inspection specification defines how an application can examine a Web site for those Web services that are available. It is intended to be a complement to UDDI global directory technology by helping discover services on Web sites that are not listed in the UDDI registries... While he declined to say specifically when, Hebner said future versions of the Web services toolkit will integrate new Web services features and functions that support the WS-I's (Web Services Interoperability Organization's) upcoming reference profiles and scenarios. WSIF and WSIL4J have both been open-sourced through the Apache Software License." Both technologies can be downloaded; see WSIF. See: (1) "Universal Description, Discovery, and Integration (UDDI)"; (2) "IBM alphaWorks Releases Web Services Invocation Framework (WSIF)."

• [June 25, 2002] "Efficient Filtering of XML Documents with XPath Expressions." By Chee-Yong Chan, Pascal Felber, Minos Garofalakis, and Rajeev Rastogi (Bell Laboratories, Lucent Technologies). Pages 235-244 (with 19 references) in Proceedings of IEEE ICDE 2002 [18th International Conference on Data Engineering], San Jose, California, February 2002. "We propose a novel index structure, termed XTrie, that supports the efficient filtering of XML documents based on XPath expressions. Our XTrie index structure offers several novel features that make it especially attractive for large scale publish/subscribe systems. First, XTrie is designed to support effective filtering based on complex XPath expressions (as opposed to simple, single-path specifications). Second, our XTrie structure and algorithms are designed to support both ordered and unordered matching of XML data. Third, by indexing on sequences of element names organized in a trie structure and using a sophisticated matching algorithm, XTrie is able to both reduce the number of unnecessary index probes as well as avoid redundant matchings, thereby providing extremely efficient filtering. Our experimental results over a wide range of XML document and XPath expression workloads demonstrate that our XTrie index structure outperforms earlier approaches by wide margins... Indexing on a carefully-selected set of substrings (rather than individual element names) in the XPEs [XPath expressions] is a key ingredient of our approach that enables us to minimize both the number and the cost of the required index probes. The key intuition here is that a sequence of element names has a lower probability (compared to a single element name) of matching in an input document, resulting in fewer index probes. In addition, since there are fewer indexed XPEs associated with a 'longer' substring key, each index probe is likely to be less expensive as well. To support online filtering of streaming XML data, our XTrie indexing scheme is based on the event-based SAX parsing interface, to implement XML data filtering as the XML document is parsed. This is in contrast to the alternative DOM parsing interface, which requires a mainmemory representation of the XML data tree to be built before filtering can commence. To the best of our knowledge, the only other SAX-based index structure for the XPE retrieval problem is Altinel and Franklin's XFilter ['Efficient Filtering of XML Documents for Selective Dissemination of Information,' VLDB 2000], which relies on indexing the XPE element names using a hashtable structure. By indexing on substrings rather than individual element names, our XTrie index provides a much more effective indexing mechanism than XFilter. A further limitation of XFilter is that its space requirement can grow to a very large size as an input document is parsed, which can also increase the filtering time significantly. Our experimental results over a wide range of XML document and XPath expression workloads validate our claims, demonstrating that our XTrie index structure significantly outperforms XFilter (by factors of up to 4)...[source PS.gz, slides]

• [June 24, 2002] "UBL and Web Services." By Matthew Gertner. In XML Journal Volume 3, Issue 6 (June 2002). "In this article we examine the question of standardizing Web service semantics... The challenge of representing all but the most trivial Web service semantics in a machine-readable way was well exposed last fall in an article by Clay Shirky. Existing Web service standards, specifically SOAP, WSDL, and UDDI, provide little more than a way for applications to invoke a Web service once they already know what its interface looks like. This is all very well for Web services whose purpose is sufficiently transparent, but it's exactly these services that are the least interesting. After all, we're talking about revolutionizing computing...By far the most comprehensive effort was launched last year under the name Universal Business Language. Structured first as an independent group, UBL was formally accepted as an OASIS Technical Committee last October. UBL brings to the table a number of strengths, including experienced and proven leadership, broad industry and vendor support, and a solid technical foundation. UBL takes as its starting point xCBL, widely accepted as one of the most comprehensive XML-based business libraries. UBL's Library Content subcommittee has been entrusted with the task of harmonizing xCBL with the fruits of EDI's Joint Core Components initative and with other business libraries, including vocabularies for industry verticals. Official liaisons have been appointed to UBL from several vertical standards organizations to ensure that the basic UBL business documents will work across multiple industries. At the same time, UBL's technical subcommittees are specifying the nuts and bolts that will underpin the document library. These include tricky but important decisions about which schema features to use and how to name tags in a clear, concise, and consistent manner. The ebXML context extension methodology is also being adopted and improved in order to produce an automated procedure for creating extended schemas (e.g., for a specific industry, region, or company) that interoperate with the base schemas in the document library. A first version of the UBL document library is scheduled to be completed 12 months into the effort (a draft of the first schema, for Purchase Order, has recently been released). The context extension methodology will be released approximately one year later - sooner if it turns out that this work can be performed in parallel with the creation of the document library... By defining what in essence are the basic interfaces for a complete set of business processes, the UBL effort will have huge implications for Web services. Consider, for example, a Web service for online payment. The core functionality of this service is to receive invoices, create payment request documents based on these invoices, and settle the payment through a bank payment gateway. The defining principle of Web services is that a service of this type should be able to interact in a plug-and-play manner with other Web services, and that it should be replaceable by any other Web service targeting the same functionality. Without UBL this goal isn't achievable because the exact formats of the invoice and payment documents would have to be determined by the implementer of the system, so they wouldn't be interoperable with Web services from other vendors. UBL solves this problem by providing standard formats for the invoice and payment documents. Any Web service that produces an invoice (a billing service, for example) can thus interface with the payment service. By using the context methodology, subtle differences in invoice and payment formats can be handled without invalidating the overall approach. In addition, the payment service can be swapped for another one, perhaps with some advantages, such as better terms, higher availability, or interfaces to more banks..." See: "Universal Business Language (UBL)."

• [June 24, 2002] "Mapping XML and Relational Schemas with Clio." By Lucian Popa, Mauricio A. Hernández, Yannis Velegrakis, Renée J. Miller, Felix Naumann, and Howard Ho. In Proceedings 18th International Conference on Data Engineering (ICDE) [San Jose, CA, USA; February 26, 2002 - March 1, 2002] "Merging and coalescing data from multiple and diverse sources into different data formats continues to be an important problem in modern information systems. Schema matching (the process of matching elements of a source schema with elements of a target schema) and schema mapping (the process of creating a query that maps between two disparate schemas) are at the heart of data integration systems. We demonstrate Clio, a semi-automatic schema mapping tool developed at the IBM Almaden Research Center. In this paper, we showcase Clio's mapping engine which allows mapping to and from relational and XML schemas, and takes advantage of data constraints in order to preserve data associations." See the news item 2002-06-24 "IBM Clio Tool Supports Mapping Between Relational Data and XML Schemas."

• [June 24, 2002] "A Better XML Parser Through Functional Programming." By Oleg Kiselyov (Software Engineering, Naval Postgraduate School). Presented at the Fourth International Symposium on Practical Aspects of Declarative Languages (PADL 2002). 49 pages (slides). Also == pages 209-224 (with 14 references) in the Proceedings, edited by S. Krishnamurthi (Lecture Notes in Computer Science, Number 2257. Berlin: Springer-Verlag). "This paper demonstrates how a higher-level, declarative view of XML parsing as folding over XML documents has helped to design and implement a better XML parser. By better we mean a full-featured, algorithmically optimal, pure-functional parser, which can act as a stream processor. By better we mean an efficient SAX parser that is easy to use, a parser that does not burden an application with the maintenance of a global state across several callbacks, a parser that eliminates classes of possible application errors. This paper describes such better XML parser, SSAX. We demonstrate that SSAX is a better parser by comparing it with several XML parsers written in various (functional) languages, as well as with the reference XML parser Expat. In the experience of the author the declarative approach has greatly helped in the development of SSAX. We argue that the more expressive, reliable and easier to use application interface is the outcome of implementing the parsing engine as an enhanced tree fold combinator, which fully captures the control pattern of the depth-first tree traversal." [See also SSAX and SXML at Sourceforge: "A SSAX functional XML parsing framework consists of a DOM/SXML parser, a SAX parser, and a supporting library of lexing and parsing procedures. The procedures in the package can be used separately to tokenize or parse various pieces of XML documents. The framework supports XML Namespaces, character, internal and external parsed entities, attribute value normalization, processing instructions and CDATA sections. The package includes a semi-validating SXML parser : a DOM-mode parser that is an instantiation of a SAX parser (called SSAX). SSAX is a full-featured, algorithmically optimal, pure-functional parser, which can act as a stream processor. SSAX is an efficient SAX parser that is easy to use . SSAX minimizes the amount of application-specific state that has to be shared among user-supplied event handlers. SSAX makes the maintenance of an application-specific element stack unnecessary, which eliminates several classes of common bugs. SSAX is written in a pure-functional subset of Scheme. Therefore, the event handlers are referentially transparent, which makes them easier for a programmer to write and to reason about..."] Source PS.gz.

• [June 24, 2002] "Patently Absurd." By Gary L. Reback. In Forbes ASAP (June 24, 2002). ['Patents are no longer invention stimulants, but have become widely abused revenue-generating vehicles. The U.S. Patent and Trademark Office (USPTO) has aided those who abuse the system by allowing anyone to get a patent for almost anything.'] "Too many patents are just as bad for society as too few. There are those who view the patent system as the seedbed of capitalism -- the place where ideas and new technologies are nurtured. This is a romantic myth. In reality, patents are enormously powerful competitive weapons that are proliferating dangerously, and the U.S. Patent and Trademark Office (USPTO) has all the trappings of a revenue-driven, institutionalized arms merchant. My own introduction to the realities of the patent system came in the 1980s, when my client, Sun Microsystems -- then a small company -- was accused by IBM of patent infringement. Threatening a massive lawsuit, IBM demanded a meeting to present its claims. Fourteen IBM lawyers and their assistants, all clad in the requisite dark blue suits, crowded into the largest conference room Sun had. The chief blue suit orchestrated the presentation of the seven patents IBM claimed were infringed, the most prominent of which was IBM's notorious 'fat lines' patent: To turn a thin line on a computer screen into a broad line, you go up and down an equal distance from the ends of the thin line and then connect the four points. You probably learned this technique for turning a line into a rectangle in seventh-grade geometry, and, doubtless, you believe it was devised by Euclid or some such 3,000-year-old thinker. Not according to the examiners of the USPTO, who awarded IBM a patent on the process. After IBM's presentation, our turn came. As the Big Blue crew looked on (without a flicker of emotion), my colleagues -- all of whom had both engineering and law degrees -- took to the whiteboard with markers, methodically illustrating, dissecting, and demolishing IBM's claims. We used phrases like: 'You must be kidding,' and 'You ought to be ashamed.' But the IBM team showed no emotion, save outright indifference. Confidently, we proclaimed our conclusion: Only one of the seven IBM patents would be deemed valid by a court, and no rational court would find that Sun's technology infringed even that one. An awkward silence ensued. The blue suits did not even confer among themselves. They just sat there, stonelike. Finally, the chief suit responded. 'OK,' he said, 'maybe you don't infringe these seven patents. But we have 10,000 U.S. patents. Do you really want us to go back to Armonk [IBM headquarters in New York] and find seven patents you do infringe? Or do you want to make this easy and just pay us $20 million?' After a modest bit of negotiation, Sun cut IBM a check, and the blue suits went to the next company on their hit list. In corporate America, this type of shakedown is repeated weekly. The patent as stimulant to invention has long since given way to the patent as blunt instrument for establishing an innovation stranglehold. Sometimes the antagonist is a large corporation, short on revenue-generating products but long on royalty-generating patents. On other occasions, an opportunistic 'entrepreneur' who only produces patent applications uses the system's overly broad and undisciplined patent grant to shake down a potential competitor...' Note: While IBM's name appears here as 'threatening a massive lawsuit,' I understand that any number or large companies could be named in this slot: Reback's argument is not against any one company, but against all companies that (ab)use the US patent system in this way. See related articles in Forbes: (1) "The Smother of Invention" and (2) "Search 500,000 Documents, Review 160,000 Pages in 20 Hours, and Then Do It All Over Again. The detailed life of a patent examiner." References: "Patents and Open Standards."

• [June 24, 2002] "VoiceXML and the Future of SALT. [Voice Data Convergence.]" By Jonathan Eisenzopf. In Business Communications Review (May 2002), pages 54-59. ['Jonathan Eisenzopf is a member of the Ferrum Group, LLC, which provides consulting and training services to companies that are in the process of evaluating, selecting or implementing VoiceXML speech solutions.'] "The past year has been eventful for VoiceXML, the standard that application developers and service providers have been promoting for the delivery of Web-based content over voice networks. Many recent developments have been positive, as continued improvements in speech-recognition technology make voice-based interfaces more and more appealing. Established vendors are now validating VoiceXML, adding it to their products and creating new products around the technology. For many enterprises, this means that the next time there's a system upgrade, VoiceXML may be an option. For example, InterVoice-Brite customers soon will be able to add VoiceXML access to their IVR platform, which would provide callers with access to Web applications and enterprise databases... The introduction of SALT as an alternative to VoiceXML for multi-modal applications will present alternatives for customers who are not focusing exclusively on the telephone interface. However, VoiceXML is likely to be the dominant standard for next-generation IVR systems, at least until Microsoft and the SALT Forum members begin to offer product visions and complete solution sets..." See: (1) "Speech Application Language Tags (SALT)"; (2) "VoiceXML Forum."

• [June 24, 2002] "UDDI and LDAP: A Perfect Fit?" By Richard Karpinski. In InternetWeek (June 20, 2002). "As rapidly as some Web services protocols, such as Simple Object Access Protocol (SOAP), have taken hold, others, perhaps most notably Universal Description, Discovery and Integration (UDDI), have met with less success. Most experts still believe that UDDI will ultimately play a key role in the adoption of Web services. It's best described by its own white pages/yellow pages metaphors. At its core, UDDI provides a place for businesses to describe and register -- and for other companies to discover -- the Web services interfaces they are making available to the world. UDDI has been anything but a slam-dunk thus far. The technology hasn't been as flexible as many developers would like. And participation in public UDDI registries as been low. But it's still early in the game. Many early UDDI server implementations were solely for proof-of-concept. Also, many early servers were public deployments, while much of the early work with Web services turned out not to be over the public Internet but behind corporate firewalls. In the end, UDDI isn't strictly necessary to do SOAP-based Web services. But if such architectures are to scale, developers need a place to register their services so they can be easily found and consumed. Ultimately, criticizing early UDDI specifications and deployment efforts was beside the point -- the technology won't really be needed until Web services take firm hold on the enterprise landscape. Despite its early flaws, UDDI is making progress. The current, 2.0 version of the specification, by most accounts, was a major step forward from the initial standard, adding support for so-called multiple entities that made it much easier for businesses to actually map their organizations and workflows to the repository. Market-watchers expect additional steps forward this summer with the release of version 3.0 of UDDI. Yet even more significantly, vendors are beginning to bring UDDI more into the enterprise mainstream. For instance, the past few weeks have seen growing amounts of activity around mapping UDDI repositories into Lightweight Directory Access Protocol (LDAP) directories, which in their own right have emerged as a key enabling e-business technology. Security is already emerging as a key stumbling block for Web services deployments; existing LDAP-based authorization and access schemes can help jump-start those efforts, [Nathan] Owen said... Despite the early hurdles UDDI has faced, developers still believe in the technology, according to a study released this week. According to a poll of developers by Flashline, a provider of software reuse solutions, 55 percent of respondents are currently evaluating internal or external UDDI registries, while 11 percent are already using a UDDI registry to organize access to Web services..." See: "Universal Description, Discovery, and Integration (UDDI)."

• [June 24, 2002] "Systinet Upgrades Web Services Suite." By Paul Krill. In InfoWorld (June 24, 2002). "Systinet on Monday [2002-06-24] plans to release Version 4.0 of WASP (Web Applications and Services Platform), its suite of products for building and managing Web services that features improvements in areas such as security and performance. A new pricing structure also is being detailed that enables developers to build test applications for free. The platform consists of the WASP Developer development tool; UDDI, a registry for registering Web services in a UDDI (Universal Description, Discovery, and Integration) directory; and Server, a Web services platform available in versions for Java or C++ programming. Systinet has improved security in WASP, offering support for the HTTP Basic and HTTP Digest mechanisms for authentication and encryption. Previous versions of the product supported just SSL (Secure Sockets Layer) security. 'SSL allows you to encrypt a message, but it doesn't give you a mechanism to find out who the [user] is,' said Systinet CTO Anne Thomas Manes. Systinet also is adding a browser-based Web services management console to monitor applications and meter service requests. Performance and scalability have been improved through optimization of the WASP XML processing system, to remove limits to the number of concurrent users.. Systinet also has enhanced capabilities for interoperability with Microsoft .Net, making it easier to use .Net as a client to WASP or vice-versa. Previously, a lot of custom coding was required for this..."

• [June 24, 2002] "ebXML: The Missing Ingredient for Web Services?" By Klaus-Dieter Naujok. From Web Services Journal (July 2002). "Web Services have the potential to transform eBusiness into a plug-and-play affair. Not only will Web Services simplify how businesses will interconnect, they will also enable businesses to find each other. One reason for the increased interest in Web Services is the promise of interoperability, in the same way that Web pages can be accessed from anywhere on the Internet. However, complex standards are needed to achieve true interoperability, not only at the messaging and transport layer, but also at the business (application) layer. The success of Web Services will depend on how easily businesses will be able to engage interoperability at all levels. There are many efforts in standardizing Web Services, but none of them provide the required features for eBusiness transactions. Web Service standards only address the infrastructure side. This is where ebXML can provide the standards for interoperability at the business layer, making it the standard solution for Web Business Services. In other words, ebXML is the missing ingredient for Web Services..." See other resources on ebXML and UN/CEFACT from the Klaus' Korner.

• [June 24, 2002] "FTC Issues Complaint Against Rambus, Inc. Deception of Standard-Setting Organization Violated Federal Law." From the US Federal Trade Commission. (June 19, 2002). "The Federal Trade Commission has charged Rambus, Inc., based in Los Altos, California, with violating federal antitrust laws by deliberately engaging in a pattern of anticompetitive acts and practices that served to deceive an industry-wide standard-setting organization, resulting in adverse effects on competition and consumers... According to the FTC's complaint, Rambus participated in JEDEC's SDRAM-related work for more than four years without ever making it known to JEDEC or its members that Rambus was actively working to develop, and did in fact possess, a patent and several pending patent applications that involved specific technologies proposed for, and ultimately adopted in, the relevant standards. By allegedly concealing this information, in violation of JEDEC's operating rules and procedures, and through other alleged bad-faith, deceptive conduct, the complaint charges that Rambus purposefully sought to, and did, convey to JEDEC the materially false and misleading impression that it had no relevant intellectual property rights. Specifically, the complaint alleges that 'Rambus's very participation in JEDEC, coupled with its failure to make required patent-related disclosures, conveyed a materially false and misleading impression - namely, that JEDEC, by incorporating into its SDRAM standards technologies openly discussed and considered during Rambus's tenure in the organization, was not at risk of adopting standards that Rambus could later claim to infringe upon its patents.' In developing standards for use throughout the semiconductor industry, JEDEC has endeavored to promote free competition among industry participants. As the FTC's complaint notes, one of JEDEC's 'basic' rules is that standardization programs conducted by the organization 'shall not be proposed for or indirectly result in -- restricting competition, giving a competitive advantage to any manufacturer, [or] excluding competitors from the market.' The complaint notes that 'JEDEC also has maintained a commitment to avoid, where possible, the incorporation of patented technologies into its published standards, or at a minimum to ensure that such technologies, if incorporated, will be available to be licensed on royalty-free or otherwise reasonable and non-discriminatory terms.' 'Toward this end,' the complaint states, 'JEDEC has implemented procedures designed to ensure that members disclose any patents, or pending patent applications, involving the standard-setting work being undertaken by the organization.'..." See additional references in "Patents and Open Standards."

• [June 22, 2002] "XMILE: An XML Based Approach for Incremental Code Mobility and Update." By Cecilia Mascolo, Luca Zanolin, and Wolfgang Emmerich (Department of Computer Science, University College London, London, UK). In Automated Software Engineering Volume 9, Number 2 (April 2002), pages 151-165 (with 27 references). "Extensible Markup Language (XML) was originally defined to represent Web content, but it is being increasingly used to define languages, such as XPL, that are used for coding executable algorithms, policies or scripts. XML-related standards, such as XPath and the Document Object Model, permit the flexible manipulation of fragments of XML code, which enables novel code migration and update paradigms. The XMILE approach that we describe in this paper exploits these mechanisms in order to achieve flexible and fine-grained code updates, even without stopping execution. We describe a Java-based prototype that implements XMILE and our experience in using XMILE in the domain of code updates on mobile devices... We show how we are using XMILE in different application domains such as mobile devices application update, programmable networks, and mobile devices application service provision. We plan to continue to apply XMILE in different context to prove its flexibility. We are defining a policy XML based language and we want to use xmile to distribute and update different kind of policies such as security policies. Technologies such as XML RPC, SOAP or JAXM could potentially be integrated with our approach in order to achieve code mobility in more flexible ways: we plan to investigate this research direction. From a logical mobility point of view we are interested in extending our variable binding mechanism allowing dynamic downloading of non present variable in addition to the dynamic local binding..." See: (1) the news item 2002-06-22; (2) the project website for XMILE: XML in Mobile Incremental Logical Environment.[cache]

• [June 22, 2002] "Legacy Assets Meet SOAP." By Jon Udell. In InfoWorld (June 24, 2002). ['Where are all the Web services? Everywhere, actually. Web services wrappers for database stored procedures, mainframe applications, and components of every flavor are rapidly becoming available... Creating Web services wrappers for stored procedures, Java classes, EJB, COM/COM+ components, and CORBA objects isn't a panacea. But it opens up new integration vistas, and it's a great opportunity to repurpose and refactor these assets.'] "The ongoing conversation about Web services invariably turns to barriers to adoption. A major roadblock, people say, is that would-be consumers of services find few available. This classic chicken-and-egg dilemma may shortly untangle itself. Many existing assets, including SQL stored procedures and CORBA, COM (Component Object Model), and EJB (Enterprise JavaBeans) components, can now be offered as Web services with very little effort. Simply wrapping Web services interfaces around legacy assets is no panacea. But services created in this way, although unglamorous and easy to overlook, are about to become common. And they may be more important than we think. Consider how much of the world's middle-tier business logic lives in the stored procedures of databases. The real number may be impossible to know, but it's a safe bet that for logic that touches transacted data the answer is lots. Today in Oracle, IBM DB2, and Microsoft SQL Server, it is possible to export a stored procedure as a WSDL (Web Services Description Language)-defined, SOAP (Simple Object Access Protocol)-callable service. OpenLink Software's Virtuoso, the forward-looking universal server provides Web services encapsulation for the stored procedures of Oracle and SQL Server as well as those residing in its own native database... For DB2 users, the capability of exposing stored procedures as Web services has been available for about a year, as part of the DB2 XML Extender. IBM has, of course, long been working to unify SQL and XML data management, and this work continues under the name Xperanto... The analogous Microsoft SQL Server add-on, SQLXML Version 3, has been available since February. In May, the latest release of Oracle's application server brought the same exposure capability to authors of PL/SQL procedures. 'Web services are about being open to any programming language,' says Steve Muench, an Oracle consulting product manager and the company's XML evangelist. 'Now we've brought PL/SQL into the fold.' There's nothing magical about turning stored procedures into Web services, but then again there's nothing magical about Web services, either. In 1999 you could, and some people did, offer XML-over-HTTP interfaces to applications and data. But the network effects we're eagerly awaiting will happen only when applications and data can be exposed in a standard way without much head-scratching. Doing SOAP encapsulation of stored procedures may not be sexy. But now that it's a no-brainer, the universe of Web services can expand in an important way... So where are all the Web services? They're crawling out of the woodwork. Virtually every software asset can now be offered, or soon will be able to be offered, as a Web service. We'll have to look elsewhere to find those barriers to adoption..."

• [June 22, 2002] "Databases Wrestle XML." By Ed Scannell and Paul Krill [with Mark Jones]. In InfoWorld (June 21, 2002). "As XML works its way deeper into the enterprise, the database war heats up, with IBM, Microsoft, and Oracle wrestling over emerging query standards and database architectures. Despite agreement that XML has become the lingua franca of the Internet, a lack of tight integration between XML and databases may hinder the wide-scale deployment of Web services. XML itself may also be an obstacle, as its verbosity carries overhead that can choke application performance. Pursuing its own agenda, IBM is set to announce support for the XML query language XQuery in July when it delivers the next beta version of its DB2 database to select customers. Due to ship later this year, the final product, Xperanto, will more fully exploit XQuery and will build on IBM's goal of seamlessly marrying structured and unstructured data across diverse environments. Meanwhile, Oracle is leveraging existing investments in object databases to flesh out XML support in its XDB architecture and has plans to incorporate XQuery. Also planning XQuery support, Microsoft is working to marry its structured and unstructured databases with SQL and Exchange Server, respectively, wrapping XML in a relational format with SQL XML. At the same time, native XML database players such as Ipedo, Software AG, and NeoCore are gathering steam, seeking direct expression of XML content in the database itself..." See: "XML and Databases."

• [June 21, 2002] "RELAX NG's Compact Syntax." By Michael Fitzgerald. From XML.com. June 19, 2002. ['The RELAX NG schema language for XML offers a simple approach to writing schemas for XML documents, and is seen as a competitive alternative to W3C XML Schema for many applications. RELAX NG is currently being developed by an OASIS Technical Committee. One of the most recent things to emerge from that committee has been the RELAX NG Compact Syntax. If you've ever written a schema by hand, you'll know all the XML tags are tedious to write and can obscure the meaning of the schema. RELAX NG Compact is a non-XML syntax that makes schemas a lot more readable. In our main feature this week Michael Fitzgerald provides an introduction to this new syntax and the tools that use it.'] "Working with XML Schema is like driving a limousine. It's true that it has some nice appointments (datatypes come to mind), but the wheelbase is a bit on the long side, making it difficult to turn corners easily, and I am inclined to let somebody else do the driving for me. Using RELAX NG, on the other hand, is like driving a sports car. It holds corners amazingly well, and I am much less interested in handing over the keys to anyone. You may prefer to drive a limo over a sports car. But I'll take the sports car any day. You are probably familiar with XML Schema and RELAX NG. Both are schema languages for XML. The former was released by the W3C in May 2001, while the latter was released in December 2001 by OASIS. RELAX NG, which was developed by a small technical committee lead by James Clark, merges Murata Makoto's RELAX and Clark's TREX. It is a simple, yet elegant evolution of the DTD, which is also easy to learn. It is modular in design. The main core of RELAX NG is focused on validation alone and doesn't modify the infoset in the process of validation; in other words, no PSVI. RELAX NG is also part of an ISO draft standard, ISO/IEC DIS 19757-2. RELAX NG schemas were originally written in XML, but there's also a compact, non-XML syntax. While this article doesn't contain an exhaustive review of all the features of RELAX NG, it will give you a good idea of how to use the main parts of the compact syntax. If you don't know much about RELAX NG, I suggest that you read Eric van der Vlist's RELAX NG Compared before finishing this article. I think you'll find the compact syntax quite readable and easy to learn. In some respects, a RELAX NG schema in compact form looks like a context-free grammar, which provides a familiar view of the language, is readily comprehensible, and amenable to parsing..." See: "RELAX NG."

• [June 21, 2002] "Can XML Be The Same After W3C XML Schema?" By Eric van der Vlist. From XML.com. June 19, 2002. ['Eric van der Vlist has just finished writing a book on W3C XML Schemas for O'Reilly, an experience that has given him a unique perspective on schema languages and W3C XML Schema in particular. Here Eric reflects on the nature of W3C XML Schema and how it could affect XML as a whole'] "The first question to ask is why is W3C XML Schema different? Why am I asking this question about W3C XML Schema and not about DTDs, Schematron, or RELAX NG? The short answer is datatypes and object orientation. These two aspects of W3C XML Schema are tightly coupled. Datatypes are to W3C XML Schema what classes are to object oriented programming languages. Both promote a categorization of information into classes and subclasses, analogous to the taxonomies biologists use to classify species. Although this process of classification or derivation seems natural, it is not universal and is much less visible in other schema languages. To reuse the metaphor of species, a rule based language such as Schematron does not attempt to put a sticker on a species, but rather set of rules defining if an animal belongs to a set of 'valid' animals ('the set of animals having four legs and able to run at least 50 km/h'). Grammar based languages, including RELAX NG and DTD, describe the patterns used to build the animal ('an animal made of a body, a neck, a head, a tail, and four legs')... My reward for digging into the W3C XML Schema Recommendation has been to discover an unexpected pearl far away from the limelight: W3C XML Schema is exceedingly good at associating metadata with elements or attributes...Schematron is about rules, and RELAX NG is about patterns; neither of them describes elements or attributes as such. Schematron can define rules to be checked in the context of an element, and RELAX NG can describe a pattern containing a single element, but W3C XML Schema is the only one which can describe elements and attributes. As long as validation is your primary concern, this may not make much difference, but for attaching metadata to elements and attributes, a language which describes elements and attributes seems to be a better fit..." For schema description and references, see "XML Schemas."

• [June 21, 2002] "PDF Presentations Using AxPoint." By Kip Hampton. From XML.com. June 19, 2002. ['Kip Hampton provides us our monthly dose of Perl. In his 'Perl & XML 'column Kip introduces AxPoint, a toolkit for producing presentations in PDF. If you've a presentation due any time now, AxPoint could be just the ticket.'] "... we will be examining AxPoint, Matt Sergeant's Perl/XML-based tool for creating visually rich presentations and slideshows in PDF. Originally designed for use exclusively within the AxKit XML publishing environment, AxPoint has recently undergone a major facelift and is now also available outside of AxKit as a simple SAX Handler, XML::Handler::AxPoint... AxPoint is one of those rare applications that strikes a good balance between simplicity and functionality. If you want to get fancy, you can -- for example, the latest version even supports certain SVG primitives, natively -- but if you need something fast, the language itself gets out of the way and lets you focus on the important parts without sacrificing a professional look. If you have presentation deadlines coming up (and I know I do) I strongly encourage you to give AxPoint a close look..." See: "XML and Perl."

• [June 21, 2002] "Utility Deregulation Requires Effective E-Business Standards." By Alan Kotok (DISA). June 2002. ['This paper analyzes business practices in the gas and electric power utilities industries resulting from deregulation, including the current use of e-business, and offers recommendations for e-business standards to support the goals of deregulation.'] "The utilities industries have relied on voluntary industry standards in some form since the 1960s, but since the trend in deregulation has accelerated, voluntary standards have taken on more importance. For e-business transactions, many companies in the industry successfully use EDI transactions, especially in the wholesale gas and retail electric quadrants. The Petroleum Industry Data Exchange, Gas Industry Standards Board (now North American Energy Standards Board), and Utilities Industry Group have all written implementation guidelines for EDI. With deregulation, and the introduction of trading in energy supplies and futures, as well as electronic marketplaces, the use of XML and Web-based transactions has increased, particularly for companies that had not yet implemented EDI. The paper outlines a high-level strategy for e-business in this more dynamic environment, yet that still recognizes the continuing need for reliability, a heightened need for security, and recent calls for more transparency. The utilities industries should consider developing common business processes, independent of technology and cutting across the traditional boundaries, to provide a roadmap for the development and integration of e-business transactions. Parts of the utilities industries already have experience with this approach to business processes. The paper recommends continuing the use of EDI for high-volume and direct transactions with stable content, while planning for increased use of XML (including ebXML and Web services) where conditions call for more flexibility or intermediaries. The industries should also consider adapting XML practices and vocabularies from the financial services and retail industries that can short cut the development process as well as provide more transparency in electronic transactions..." See the recent news item "Chemical, Petroleum, and Agricultural Industries to Develop eBusiness Standards." [cache]

• [June 21, 2002] "Sun Wants to Set Web Services Free." By Wylie Wong. In CNet News.com (June 19, 2002). ['Sun Microsystems is attempting to gain popularity among developers in the emerging Web services market by giving away a crucial piece of e-business software.'] "Sun plans to give away an updated basic version of its application server software, a key piece of infrastructure software for building business applications. Application server software is technology that runs e-business and other Web site transactions... Overall, Sun is hoping a free application server will help drive sales of its more expensive products, including servers and other e-business software, such as upgrades to its higher-end application servers and portal software that allows businesses to create portal Web sites for their employees and partners. The company hopes to woo developers who are choosing between its Java-based software--sold under the umbrella name of the Sun Open Network Environment (Sun One) -- and Microsoft's overarching Web services strategy, called .Net. Sun has been battling Microsoft and IBM for popularity in the market but has been playing catch-up with its rivals during the past year. Sun's e-business software, including its application server, lies at the heart of its Web services strategy. Sun has been working to seize more of the initiative, however. It quietly began working on its own royalty-free standard for Web services security and has signed up major partners to back its Liberty Alliance Project, which is working on software standards to let a person use different computer systems while only having to log in once. The Liberty standard, which will govern how to 'federate' different organizations' authentication and authorization systems, is scheduled for release in early July, said Jonathan Schwartz... Sun is building Liberty support into its Sun ONE software. The first Liberty-enabled products -- likely Sun's directory server software widely used to store username-password combinations -- are expected within 45 days. However, that product could be an 'early access,' not a fully supported version, Schwartz said. Sun would like Liberty to grow from a multi-company collaboration to a formal standard endorsed by the World Wide Web Consortium, Schwartz said. 'I'd be thrilled to see it in the W3C,' but that move will be up to the Liberty Alliance partners, not just Sun, to decide'..."

• [June 21, 2002] "Sun To Give Away J2EE Server." By Richard Karpinski. In InternetWeek (June 19, 2002). "Sun Microsystems on Wednesday said it will offer a basic, but full-featured version of its Java application server for free, not only on its own Solaris operating system but on Windows, Linux, IBM-AIX, and HP-UX as well. That decision will no doubt shake up the application server market, where Sun today badly lags market leaders IBM and BEA Systems. Sun has little to lose by trying to change the rules of the game -- and it is doing so by hoping to commoditize the J2EE app server and make the game more about the rest of the middle-tier 'stack,' including directory, identity, integration, messaging, and portal servers. In addition to the new pricing, the new app server includes fully integration with the Java Web Services Developer Pack, which includes support for SOAP, UDDI, and WSDL, including straightforward ways to bind these XML technologies with Java code and classes... Sun also announced an all-new Sun ONE Developer platform, a full slate of tools for creating, assembling, and deploying Java Web services. The platform includes Sun ONE Studio 4.0 and Sun ONE Application, Portal, Identity, Registry, and Integration server software..."

• [June 19, 2002] "Information Management: Challenges in Managing and Preserving Electronic Records." From the United States General Accounting Office (GAO). Report to Congressional Requesters. June 2002. 83 pages. Reference: GAO-02-586. See Appendix II: "Approaches to Archiving Electronic Records Provide Partial Solutions." Excerpt: "In the wake of the transition from paper-based to electronic processes, federal agencies are producing vast and rapidly growing volumes of electronic records. The difficulties of managing, preserving, and providing access to these records represent challenges for the National Archives and Records Administration (NARA) as the nation's recordkeeper and archivist. GAO was requested to (1) determine the status and adequacy of NARA's response to these challenges and (2) review NARA's efforts to acquire an advanced electronic records archiving system, which will be based on new technologies that are still the subject of research... The challenge of managing and preserving the vast and rapidly growing volumes of electronic records produced by modern organizations is placing pressure on archives and on the information industry to develop a costeffective long-term preservation strategy that will free electronic records from the constraints of proprietary file formats and software and hardware dependencies... After considerable research in this area, some agreement is being reached on the metadata (data about data) required for preserving electronic records, and some practical applications are using XML (Extensible Markup Language) for creating such metadata. However, there is no current solution to the electronic records archiving challenge, and so archival organizations now rely on a mixture of evolving approaches that generally fall short of solving the long-term preservation problem. The four most common approaches -- migration, emulation, encapsulation, and conversion -- are in use or under consideration by the major archives. NARA is supporting the investigation of a new approach involving records conversion (known as persistent object preservation), but this has yet to mature... The Victoria archive uses XML to encapsulate records along with standardized metadata describing each record in a Victorian Electronic Record Strategy (VERS) format. XML is also used by the National Archives of Australia, which converts files from their native formats to XML versions, while retaining a copy of the original source file. The Australian archives has also developed a metadata model, but it has not yet determined its final preservation metadata requirements... NARA is investigating an advanced form of conversion combined with encapsulation known as persistent object preservation (POP). Under this approach, records are converted by XML tagging and then encapsulated with metadata. According to NARA, the persistent object transformation approach would make electronic records self-describing in a way that is independent of specific hardware and software. The architecture for POP is being developed through the National Partnership for Advanced Computational Infrastructure. The partnership is a collaboration of 46 institutions nationwide (including NARA) and 6 foreign affiliates, with the San Diego Supercomputer Center serving as the technical resource..." See also "Australian Public Record Office Victoria Uses VERS Standard for Records Management."

• [June 19, 2002] "Imaging Group Clicks on Net Photos ." By David Becker. In CNET News.com (June 17, 2002). "A coalition supported by some of the biggest companies in digital imaging announced Monday an open standard and network intended to simplify ordering photo prints. The International Imaging Industry Association (I3A) -- a nonprofit trade group supported by Eastman Kodak, Hewlett-Packard, Fujifilm and others -- is developing the Common Picture Exchange Environment (CPXe), a new standard for distributing photos over the Internet. The I3A will maintain a directory of retail photofinishers that support the standard and will supervise the network that will allow online photo services, retail photofinishers and other services supporting CPXe standard to exchange images with each other. In one of the most common scenarios, consumers would send images from their PC to an online storage service, order prints and pick them up at a neighborhood photofinishing shop. This process is more similar to the film-based system that consumers are familiar with than that of current digital alternatives such as ordering photos online and waiting for them to arrive in the mail, or using a print kiosk at a photo store, said Lisa Walker, executive director of the I3A... Mark Cook, director of product management for Kodak's digital imaging division, said that while the initial focus will be on connecting consumer PCs with photofinishers, new applications are likely to emerge as support for CPXe proliferates... Ramon Garrido, director of digital imaging programs for Hewlett-Packard, said he expects CPXe to generate widespread support in the imaging industry... CPXe will be based on established Web services standards such as XML and Simple Object Access Protocol (SOAP), making it one of the first major efforts of the much-hyped Web services push aimed at consumers..." See: (1) the technical white paper, and (2) the announcement: "Leading I3A Imaging Companies Develop Industry Initiative To Expand Digital Photofinishing Services for Consumers. Eastman Kodak Company, Fujifilm and HP Give Consumers More Ways to Print Digital Images and Create New Business Opportunities for Retailers."

• [June 19, 2002] "Reap the Benefits of Document Style Web Services. Web services are not exclusively designed for handling remote procedure calls." By James McCarthy (President and CTO, Symmetry Solutions, Inc.). From IBM developerWorks, Web services. June 2002. "While most Web services are built around remote procedure calls, the WSDL specification allows for another kind of Web services architecture: document style, in which whole documents are exchanged between service clients and servers. In this article, James McCarthy explains what document style is and when you should use it. Buried deep in the Web Service Definition Language (WSDL) specification is a very subtle switch that can turn the SOAP binding of a Web service from a remote procedure call to a pass-through document. The style attribute within the SOAP protocol binding can contain one of two values: rpc or document. When the attribute is set to document style, the client understands that it should make use of XML schemas rather than remote procedure calling conventions. This article will provide a description of this WSDL switch, describe its benefits, and explain when you should use pass-through documents... [Conclusion:] When designing your next Web service, you need to consider all of the options that the current WSDL specification gives you. Before starting with a procedural interface, consider how the service will be used, who will be using it, and the type and volume of information that needs to be exchanged. Designing and developing a document style Web service may require a little more effort, but in many cases the effort will pay off in the quality of information and the reliability of the exchange..."

• [June 18, 2002] "Understanding Educational Technology Interoperability Standards: An Annotated Resource List." By Raymond Yee (IST -- Interactive University). In Berkeley Computing and Communications Volume 12, Number 3 (Summer 2002). "There has been much recent activity on campus surrounding course management systems, also known as learning management systems (LMS). Purchased solutions, such as Blackboard and WebCT, have been in use for several years. A third system, CourseWeb, is currently being developed by the campus. ETS (Educational Technology Services) and IST are planning the future of learning management systems on campus. Any 'new product will be a confluence of existing University systems, best practices at Berkeley, and developments from other universities and commercial courseware companies'. In many discussions surrounding LMS, the issue of educational technology interoperability standards (hereafter referred to as interoperability standards) arises. One encounters phrases such as 'conforms to all relevant IMS standards' and 'led the pack with first AICC certified product in the authoring tool category and continue to be a frontrunner in SCORM compliance as well as other learning standards'. Interoperability standards are generally portrayed as being beneficial and desirable. But what exactly are these standards about? To help readers unravel the mysteries of interoperability standards, I present the following list of articles, websites, and resources that I have found particularly helpful in this regard..." See the news item of 2002-06-18: "OASIS Discussion List for a Proposed edXML Technical Committee."

• [June 18, 2002] "An XSL Calculator: The Math Modules of FXSL." By Dimitre Novatchev. ['This article describes the 32 functions of the latest 6 FXSL math modules'] "This article is a follow-up from three recent publications on functional programming in XSLT. Described are various new modules of the XSLT functional programming library FXSL, which implement trigonometric and hyperbolic-trigonometric, exponential and logarithmic functions and their reverse functions. Also implemented are two general methods of solving equations of one real variable. These are used within an XSLT Calculator - an interactive XSLT application driven entirely by a single stylesheet, which depends on an external object for its IO. The code of the implementation demonstrates the use of such powerful, functional programming design patterns as partial application and creation of functions dynamically... Conclusion: We described the newest 6 modules of FXSL, which implement a variety of useful math functions and two numerical methods of finding the root of a continuous function of one real variable. Their use was demonstrated through the construction of a simple yet powerful, accurate and efficient XSL Calculator. The XSL Calculator also demonstrates a reliable method of serializing a series of calls to extension functions, closely following the definition of the Monad class in Haskell." See the SourceForge project "FXSL -- the Functional Programming Library for XSLT." The FXSL functional programming library for XSLT "provides XSLT programmers with a powerful reusable set of functions and a way to implement higher-order functions and use functions as first class objects in XSLT." For related resources, see "Extensible Stylesheet Language (XSL/XSLT)."

• [June 18, 2002] "XML Stores Get Richer Queries." By Matt Hicks. In eWEEK (June 17, 2002). "Native XML database developers X-Hive Corp., Excelon Corp., Ipedo Inc. and Software AG are adding more support in upcoming releases for emerging standards for such functions as querying. Much of the focus for the developers with their latest crop of XML databases is on bolstering querying capabilities through the XQuery XML data retrieval standard. X-Hive, for example, last week began shipping Version 3.0 of its X-Hive/DB, which supports XQuery, said officials in Rotterdam, Netherlands. Separately, Excelon, in a point release to its Extensible Information Server, due next month, will add full XQuery support. Also in releases planned over the next year and a half, the Burlington, Mass., company aims to support the XForms standard for handling XML forms, officials said. Ipedo, of Redwood City, Calif., is beefing up its current XQuery support. Version 3.1 of its namesake XML database, due next week, will be able to perform updates in the querying language. That release will also include support for the WebDAV, or Web-based Distributed Authoring and Versioning, protocol so documents from popular client applications can be published into the database server, officials said. For its part, Software AG plans to add full XQuery support in the next major release of its Tamino XML Server, Version 4.11, due by the end of the year. That release will also include validation of XML Schema; enterprise-level backup and restore of the database; and improved tools for Web services features such as Universal Description, Discovery and Integration directories, said company officials, in Darmstadt, Germany. All these companies are looking to extend their technological lead over Oracle Corp., IBM and Microsoft Corp., which offer XML add-ons and have plans to embed XML support deeper within their database engines..." See: "XML and Databases."

• [June 18, 2002] "IBM Submits Mobile Standard to OASIS." By Ephraim Schwartz. In InfoWorld (June 17, 2002). "The mobile infrastructure may soon have its own Web services protocol defining standard methods for presenting enterprise applications on handhelds. IBM submitted to the OASIS (Organization for Advancement of Structured Information Standards) Web services standards body earlier this month a protocol called WSRP (Web Service Remote Portal) to allow wireless devices to access portlets. A portlet is any application launched from a portal server, according to Rod Smith, vice president of Internet Emerging Technologies, at IBM in Raleigh, N.C... When a device calls a portal server, WSRP will tell the server how much screen real estate is available, for example. The portlet aggregates information to build a page and generates it in XML. WSRP would sit on top of SOAP (Simple Object Access Protocol) and WSDL (Web Services Description Language) layers. 'The idea is to make a portlet Web service-ized, and in this way I can generate XML interfaces for voice or other interfaces,' said Smith. But while Smith admitted that WSRP and many of the other middleware protocols are still maturing, one ISV sees the lack of 'mature' standards as a major worry for ISVs..." See Web Services for Remote Portals (WSRP) TC.

• [June 18, 2002] "Web Services for Remote Portals (WSRP) Overview." By OASIS WSRP Technical Commitee. April, 2002. "Web Services for Remote Portals (WSRP) will define a standard for interactive, user-facing web services that plug and play with portals. WSRP will define: (1) A WSDL interface description for invocation of WSRP services; (2) How to Publish, Find, Bind WSRP services and metadata; (3) Markup Fragment Rules for markup emitted by WSRP services; (4) Applicable Security Mechanisms, Billing information..." See Web Services for Remote Portals (WSRP) TC. [source PPT]

• [June 18, 2002] "Introduction to the Controlled Trade Markup Language (CTML) Technical Committee." Draft document. May, 2002. Posted 2002-05-19 in a message from Todd Harbour. "This document provides background information for the CTML TC, identifies its goals and objectives, identifies areas of cooperation, approach the controlled trade domain, and status of activities." See (1) the recent announcement: "OASIS Members Form Technical Committee to Develop International Standard for Controlled Trade. Supports Coordinated Management Strategy for Transfer of Sensitive and Strategic Goods"; (2) the main reference page "Controlled Trade Markup Language (CTML)". [cache ZIP/PPT original document; OASIS link 2002-05-23]

• [June 17, 2002] "application/xenc+xml Media Type Registration." By Joseph M. Reagle Jr. (W3C; Massachusetts Institute of Technology Laboratory for Computer Science). IETF Internet-Draft. Reference: 'draft-reagle-xenc-mediatype-00'. June 2002, expires: October 2002. ['describes a media type (application/xenc+xml) for use with the XML Encryption specification'] "The XML Encryption Syntax and Processing document specifies a process for encrypting data and representing the result in XML. The data may be arbitrary data (including an XML document), an XML element, or XML element content. The result of encrypting data is an XML Encryption element which contains or references the cipher data. The application/xenc+xml media type allows XENC applications to identify XENC documents for processing. Additionally it allows applications cognizant of this media-type (even if they are not XENC implementations) to note that the media type of the decrypted (original) object might a type other than XML. This media-type is only used for documents in which the XENC EncyptedData and EncryptedKey element types appear as the root element of the XML document. XML documents which contain XENC element types in places other than the root element can be described using facilities such as W3C XML-schema or 'Registration of xmlns Media Feature Tag' (StLaurent)..." See: "XML and Encryption."

• [June 17, 2002] "Microsoft's BizTalk Speaks to Small Biz." By Wylie Wong. In ZDNet News (June 17, 2002). "Microsoft is courting smaller companies with new versions of its business integration software. The software company on Monday released two new versions of its BizTalk Server software, which is designed to help companies link computing systems to enable communications and to conduct e-commerce transactions using Extensible Markup Language (XML). The two new versions are aimed at small and midsized companies. In February, Microsoft released an update to its BizTalk Server, which included new software that helps automate connections between companies, and new technology that manages BizTalk and monitors the status of the transactions. But the $25,000 price tag for the BizTalk Server 2002 Enterprise Edition was limiting the product to large corporations, Microsoft executives said... With BizTalk, Microsoft competes with software makers IBM, Oracle, Tibco, Vitria, WebMethods, SeeBeyond and others in the growing market for integration software. As more companies take their businesses to the Web, systems that were never meant to be integrated, now must be tied together, which makes integration software necessary..." Pricing details are available in the announcement: "Microsoft BizTalk Server 2002 Partner and Standard Editions Bring Integration to the Masses. Microsoft Continues to Lower the Barrier for Integration by Offering Two New Editions Of BizTalk Server 2002 That Meet the Needs of Small to Medium-Sized Businesses." See "BizTalk Framework."

• [June 17, 2002] "Microsoft Looks to Serve The Little Guys." By Carolyn A. April. In InfoWorld (June 17, 2002). "Looking to lower the cost barriers to connecting to an electronic trading hub, Microsoft on Monday rolled out two entry-level versions of BizTalk Server 2002 -- including one that carries a sub-$1,000 price tag. The new editions, BizTalk Server Standard and BizTalk Partner, are not 'feature-crippled,' according to Microsoft officials, meaning that they will sport all the technology found in their Enterprise Edition brethren. However, the Standard and Partner editions will support a limited number of CPUs, integrated applications, and trading partners... Wolf offered the example of a small supplier in the high-tech industry that sells to a limited number of four manufacturers, each dealing in different electronic exchange formats such as EDI, XML, and flat files. With BizTalk Standard, Wolf said, the small supplier gets the technology necessary to conduct business electronically in those varied formats, but at a deployment price much lower than found in a multipartner, multiapplication trading hub implementation. BizTalk Standard is priced at $6,999. It is limited to one CPU, 10 trading partners, and five applications that users can integrate within the firewall. BizTalk Partner edition, priced at $999, is limited to one CPU, two internal applications, and two trading partners..."

• [June 17, 2002] "Novell Heats Web Services Agenda." By Peter Sayer, Carolyn A. April, and Paul Krill. In InfoWorld (June 14, 2002). "Attempting to strengthen its Web services plans, Novell this week bid to purchase SilverStream Software, just