The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: March 31, 2003
XML Articles and Papers March 2003

XML General Articles and Papers: Surveys, Overviews, Presentations, Introductions, Announcements

Other collections with references to general and technical publications on XML:

March 2003

  • [March 26, 2003] "Topic Maps Model (TMM)." By Steven R. Newcomb, Sam Hunting, Jan Algermissen, and Patrick Durusau. Produced for ISO/IEC JTC 1/SC34 Information Technology -- Document Description and Processing Languages. March 28, 2003. Editor's Draft, Revision 2.30. Reference: ISO/IEC JTC 1/SC34 N0393. See also the previous version (1.0). "This International Standard specifies: the information structure of all topic maps; certain common properties of topics, and constraints on the values of those properties; constraints on the definitions of Topic Map Applications; the definition of the term 'fully merged' as it applies to topic maps; and other definitions and specifications that support the foregoing... Topic maps are bodies of information that consist of 'topics', each of which is a surrogate for a single subject. If every topic in a topic map is the only surrogate for its subject, then users can find all information about that subject in a single location. The Topic Maps Model -- the information structure of all topic maps that is defined by this International Standard -- constrains the definitions of Topic Maps Applications in order to enable the achievement of this 'Subject Location Uniqueness Objective [SLUO]'. It specifies a foundation for lossless and uniform treatment of heterogeneous topic map information. The Topic Maps Model meets the following requirements: (1) It enables an unbounded number of different Topic Map Applications to be created and used. (2) It enables metrics to be developed for arbitrary sets of Topic Map Applications. (3) It enables Topic Map Applications to be expressed as topic maps. (4) It enables the conformance of Topic Map Applications to this International Standard to be verified. (5) It enables rigorous specification and auditing of the process whereby an interchangeable topic map is understood as a set of subjects. It enables specification of conventions for referring to members of that set of subjects by referring to components of interchangeable topic maps. (6) It enables determination of whether two topic maps are identical. (7) It facilitates the specification and determination of subject identity by humans, as well as machines. (8) When two or more topic maps are merged automatically, the Topic Maps Model [1] enables the merging process to be consistent across Topic Map Applications and their implementations, and [2] preserves the integrity of the information contained in the merged topic maps in the resulting single topic map..." General references in "(XML) Topic Maps."

  • [March 31, 2003] "Living With Topic Maps and RDF. Topic Maps, RDF, DAML, OIL, OWL, TMCL." By Lars Marius Garshol (Ontopia). Technical Report which extends and improves upon the earlier paper "Topic Maps, RDF, DAML, OIL: A Comparison," presented at XML 2001. ['How to do data conversion back and forth between the two, schema conversion, the use of OWL in topic maps, and the possibility for a common query language.'] "This paper is about the relationship between the topic map and RDF standards families. It compares the two technologies and looks at ways to make it easier for users to live in a world were both technologies are used. This is done by looking at how to convert information back and forth between the two technologies, how to convert schema information, and how to do queries across both information representations. Ways to achieve all of these goals are presented... The focus of this paper is to compare the models of the two technologies, and to use this comparison to describe ways in which the two technologies can be made to work together. In other words, the goal of this paper is to make it easier for users to live with both RDF and topic maps... While the technologies are clearly similar it is equally clear that they are intended for different purposes. Topic maps were created to support high-level indexing of sets of information resources to make the information in them findable. RDF, on the other hand, was intended to support the vision of the semantic web through providing structured metadata about resources and a foundation for logical inferencing... The key lessons [from the paper] are that: (1) Merging the two technologies does not appear desirable or possible. (2) It is possible to convert data back and forth between the two representations using simple, declarative, vocabulary-specific mappings. (3) This makes it possible for RDF and topic maps to have shared vocabularies. (4) RDF constraints can be converted to topic map constraints given such a mapping. (5) Semantic annotations in OWL can be translated directly into a topic map representation of the same information. That is, the descriptive part of OWL can be used both with RDF and with topic maps. (6) It is possible to create a single query language for both RDF and topic maps. In short, it does appear that it is possible to live with both RDF and topic maps..." General references in "(XML) Topic Maps."

  • [March 31, 2003] "Secure Web Services." By Sang Shin. In Java World (March 18, 2003). ['The upcoming Web services security schemes should help drive Web services forward. Security is important for any kind of distributed computing environment. For Web services environments, security is becoming even more important due to Web services' unique characteristics. In this article, Sang Shin discusses these characteristics and explains why Web services need a different set of security schemes. He then examines the various Web services security schemes being designed and implemented by the industry. These new schemes are expected to accelerate the adoption of Web services, especially in the business community, where security is always a top priority'] "During the past few years, the technology industry has been working on various XML-based security schemes to provide comprehensive and unified security schemes for Web services. These schemes include: (1) XML digital signature; (2) XML Encryption; (3) XKMS - XML Key Management Specification; (4) XACML - Secure Assertion Markup Language; (6) WS-Security - Web Services Security; (7) ebXML Message Service (8) The Liberty Alliance Project. In this article, I define each of these security initiatives, why each is important, and how they all can work together... As more and more business organizations adopt Web services, ensuring secure communication between communicating partners is becoming even more important. In this article, I explained why SSL falls short when it comes to Web services and why the industry is actively defining XML-based Web services security schemes. I also discussed the importance of an identity network and how it can be implemented. Any developer interested in creating Web services should be aware of these standards..." See "Security, Privacy, and Personalization."

  • [March 31, 2003] "Web Services Security? Not Yet." By David Chappell. In Application Devemopment Trends (April 01, 2003). "Security is the biggest unsolved problem in Web services today. Without an effective way to authenticate clients, guarantee the integrity of transferred data and to ensure data remains confidential during transit, Web services can be applied only in limited ways. The lack of good SOAP-based security mechanisms has had two main impacts. One is that firms tend to use Web services in situations where less-secure communication is acceptable, such as integrating apps inside the firewall. The other is that various less-than-ideal workarounds have been found to make communication with SOAP more secure. SSL can be used for point-to-point connections, for example, as can IPsec or the various security techniques employed by VPNs. Still, the real solution is to define a way to provide intrinsic, end-to-end security for SOAP messages. WS-Security, a specification created mostly by IBM and Microsoft, is intended to address this problem. Rather than define a wholly new set of security mechanisms, WS-Security defines how to use existing mechanisms to provide authentication, integrity and confidentiality for SOAP messages. This makes perfect sense; there are plenty of security mechanisms in existence, so there's no need to invent new ones. WS-Security defines how to use username/ password pairs, Kerberos and public key technology to provide security services for SOAP messages. It also allows the use of other approaches... I wouldn't be surprised to see the Web Services Interoperability Organization (WS-I) define a profile for using WS-Security. Chances are, though, that the group will define profiles for both Kerberos and public key-based approaches rather than mandate one or the other..."

  • [March 31, 2003] "SOAP Version 1.2 Message Normalization." Edited by Martin Gudgin (Microsoft) and Marc Hadley (Sun Microsystems). W3C Note 28-March-2003. Produced by members of the the W3C XML Protocol Working Group. Version URL: http://www.w3.org/TR/2003/NOTE-soap12-n11n-20030328/. Latest version URL: http://www.w3.org/TR/soap12-n11n/. SOAP 1.2 [SOAP Version 1.2 Part 1: Messaging Framework] intermediaries have some license when reserializing messages that pass through them. Current XML canonicalizations (see XML C14N and EXCL C14N) do not take into account the transforms that a SOAP intermediary can legally apply to messages passing through it. This document defines a transformation that renders all semantically equivalent SOAP messages identically. This transformation may be used in conjunction with an XML canonicalization algorithm prior to the generation of a message digest in producing XML digital signatures that are sufficiently robust to survive passage through one or more SOAP intermediaries..."

  • [March 31, 2003] "Next-Gen Web Services." By Timothy Dyck. In eWEEK (March 31, 2003). "Web services technology has become the universal glue for keeping the pieces of large distributed systems together. There's been tremendous progress on this front, and two cutting-edge tools from Systinet Corp. and BEA Systems Inc. push SOAP 1.1 just about as far as it can go. Systinet's WASP (Web Applications and Services Platform) Server for Java 4.5 and the complementary WASP Developer 4.5 began shipping earlier this month, providing the most comprehensive set of tools for developing, securing and managing Web services that eWeek Labs has seen. We were impressed enough with Version 4.0 to award it our Analyst's Choice designation, and the same goes for the updated Version 4.5. Meanwhile, the BEA WebLogic Workshop 2.0 beta (available for free trial download from www.bea.com) takes Web services development -- and, in fact, Java Web application development -- in a whole new direction...While the creators of development tools and languages were the early adopters of Web services technology, data providers are riding the next big wave of Web services adoption. All the major databases already support SOAP-based queries through add-on packs; by next year, this support will be deeply integrated into products through adoption of XML-based query languages, the natural counterparts to the XML-based SOAP. The same is happening with packaged applications, which are gratefully planning the deprecation of proprietary, language-specific APIs in favor of Web services. Even with some growing pains still ahead, SOAP and XML are already the leading technologies for one-to-many data integration projects, particularly with smaller or newer companies that haven't invested in EDI (electronic data interchange) or when the scale of the integration project precludes EDI's heavy hand. The T-Mobile International AG case study outlines how the telecommunications company uses Web services to aggregate content services for its mobile phone users and to integrate related billing and localization information with content providers..."

  • [March 31, 2003] "WordML: Word 2003 Native XML Samples Online." By [Eoin Campbell]. From XML Workshop Ltd. March 28, 2003. "Word 2003 Beta 2 has been released. We have installed a copy, and saved a Word file as XML for you to examine. [We supply] the native binary Word document we used, and the Word XML document generated when saved as XML. The XML document is well-formed, and conforms to the XML Schema called WordML; [included] is a slightly annotated version of the WordML mark-up... Some more complex structures are included in a second sample: wordsample2.doc, wordsample2.xml..." General references in: "Microsoft Office 11 and InfoPath [XDocs]."

  • [March 31, 2003] "Open-Source Movement Gains Ground on Microsoft." By Darryl K. Taft and Scot Petersen. In eWEEK (March 24, 2003). "A significant customer opportunity is emerging for open-source software, as more state and federal governments loosen their restrictions on implementations of such software. As the trend unfolds, Microsoft Corp. is insisting that it can coexist peacefully with the model. Last week, Texas state Sen. John Corona introduced Bill SB 1579, which would enable the state to consider open-source technology in its software procurements. Earlier this month, Oregon state Rep. Phil Barnhart presented Bill 2892, which included similar language. Open source has not been allowed in these states, as well as others, because bidders on state projects have had to be commercial entities. As a result, software from the Apache Software Foundation and other purely open-source organizations was ineligible. These pending state-level mandates join similar initiatives in the works in South America and Europe... SSI lets key customers of the Redmond, Wash., company access its source code. 'Showing source code by itself without any freedom transfer -- via the software license -- isn't the same as free software,' said Jarma Poulsen, a developer with international consulting company Atos Origin, in Eindhoven, Netherlands. As an incentive to get developers to deliver more and better-quality open-source software, Tony Stanco, founding director of the Washington-based Center for Open Source & Government, has proposed the Open Source Threshold Escrow Program. Through O-STEP, developers would release source code to open source after it earned a certain amount of revenue. Dendy Young, CEO of GTSI Inc., a Chantilly, Va., supplier of software, hardware and services to the government, said he has not felt any pressure from open source..."

  • [March 31, 2003] "Web Services Security and More: The Global XML Web Services Architecture (GXA)." By Joseph M. Chiusano (Booz Allen Hamilton). From Developer.com (March 2003). "For quite some time, there has been a growing need for consistent support of more secure Web services -- especially at the levels of inter-enterprise trust and business policy agreement. GXA, as an application-level protocol framework that is built on the foundation of XML and SOAP, helps satisfy this need by providing a consistent model for building infrastructure-level protocols for Web services and applications. By doing so, GXA 'fills the gap' in the current Web services stack. Because GXA is built on top of SOAP, it is also 'transport-neutral' -- that is, it does not rely on any application-level transport protocol such as HTTP or SMTP to carry out its specified functionality. GXA specifications are authored by Microsoft, IBM, Verisign, BEA Systems, RSA Security, and SAP (in various combinations, with Microsoft as an author on all specifications). One of the most valuable aspects of the GXA specifications is that they are designed to be 'protocol building blocks' that can be adopted piecemeal or en masse. The GXA specifications also leverage existing specifications such as ITU-T X.509, W3C XML Signature, and W3C XML Encryption for providing required functionality. Since the initial set of specifications in October 2001, 12 additional GXA specifications have been released -- six in December 2002, and two in March 2003. Several more also have been announced as forthcoming... This article provides highlights from the majority of those specifications that were released up to (and including) December 2002, while those released in March 2003 (WS-ReliableMessaging and WS-Addressing) will be covered in a later article. XML examples that illustrate the main concepts are provided for each covered specification. For brevity, some of these examples denote fragments rather than entire SOAP envelopes... GXA is poised to play a major role in advancing the adoption of Web services through its robust specification of mechanisms for Web services such as security, policy, coordination, federation, and routing. More specifications will be forthcoming for areas such as privacy, federation, and authorization..." See: "Web Services Security and More, Part 2: The Global XML Web Services Architecture (GXA)."

  • [March 31, 2003] "Metaserver 4.0 Stands Out in Crowded BPI Market. Integration Platform Boasts New Features and Enhanced Flexibility and Resiliency." By Mario Apicella. In InfoWorld (March 21, 2003). "Metaserver is a powerful platform for creating and executing new business processes by recycling existing applications and technical resources, which minimizes development and administration costs... The flexible, modular architecture of Metaserver works well with most development technologies, and makes for easy integration in most datacenters and optimal use of computer resources... Using the proper connectors, Metaserver can link applications from the most common environments, including Microsoft COM, Java and EJB, and Web services, using WSDL (Web services definition language) or XML. The process is slightly different, according to the technical requirements of each target application, but consistent overall. For example, to include an activity that validates a user ID and password in our process, we selected the New Metalink wizard and found the application container (a Java package) on our machine. The wizard listed which methods we could use to access the application, and after we selected one, proposed the input and output data to handle. In addition to reusing existing applications, Metaserver can access message queues, e-mail messages, FTP servers, and using Java or Microsoft connectivity, direct access to databases using ad hoc queries or stored procedures. Support for those critical technologies should cover most companies' integration requirement. Our testing of Metaserver 4.0 revealed many features that we liked. Its complex architecture facilitates adapting the execution engine to a variety of technical and business requirements. Metaserver can integrate easily in most technical environments and coexist smoothly with current application servers. In addition to the most common programming techniques, Metaserver offers hundreds of optional connectors to link others, including popular ERP and CRM packaged applications for capturing data from mainframe terminals. When BPI starts looming in your organization, Metaserver 4.0 is definitely worth your attention..."

  • [March 31, 2003] "Mission Accomplished. Review of Microsoft InfoPath 2003 Beta 2." By Jon Udell (InfoWorld Test Center). In InfoWorld (March 31, 2003). ['Pros: Intuitive, end-user-accessible tools for designing and gathering structured data; built on open XML and Web standards; automatically writes data definitions (XML Schema) and transformations (XSLT). Cons: Advanced data validation isn't expressed in XML Schema; rich-text editor not very capable; no built-in .Net programming interfaces.'] "The Web services movement envisions a world full of SOAP endpoints, but it has not yet paid enough attention to one special kind of endpoint: the human being. When SOAP packets begin to flow through e-mail and reside on file servers and intranet Web sites -- as they inevitably must -- tools such as InfoPath will prove their worth... XML documents are the currency of the emerging business Web. InfoPath empowers business users to design those documents, fill them with data, and exchange them while guaranteeing the fidelity of that data and shielding the documents from the underlying XML machinery... Saving InfoPath-generated XML in a plain text file is extremely useful. It doesn't matter whether you post or e-mail that file; either way, another user who has access to the .xsn file can view and edit the data. InfoPath's schema-, XSLT-, and script-based validation tools conspire to preserve the data's fidelity. You can also arrange to post results back to a Web service or a server that receives raw HTTP POST requests. Using the latter (and simpler) strategy, I easily arranged to route InfoPath postings to an indexed column of a Virtuoso database. InfoPath is scriptable in a browserlike way. It presents a Document Object Model which you can manipulate from JavaScript. As has been widely noted, .Net programmers will be disappointed to find no managed-code hooks. There are lots of ways to get at InfoPath's XML data, though, and it's important to note that the product does not mainly target developers. Its unique mission is to empower business users to design, gather, view, and exchange packets of XML data. It succeeds on those terms, and in so doing, defines a new and strategic category of desktop software. Built on open standards, it invites competitors to step up to the plate -- and I hope they will. What InfoPath does will come to be seen as an essential function of the decentralized business Web..."

  • [March 31, 2003] "InfoPath Shows XML's Promise." By Jason Brooks. In eWEEK (March 31, 2003). "'Better working through XML' is the prevailing theme for Microsoft Corp.'s forthcoming Office 2003 productivity suite, and none of its components carries this banner more prominently than InfoPath, a new application for designing and filling out XML-based forms. eWeek Labs' tests of InfoPath Beta 2 showed that, unlike its other Office siblings, this application eschews binary file formats altogether, instead storing form data in simple XML files, which derive their structure, appearance and validation from templates also written in XML. The benefit for companies is that data stored in InfoPath can be readily passed on to any back-end database or Web service that supports XML, although InfoPath makes it easiest to connect to Microsoft SQL Server or Access through ActiveX Data Objects links... For all its potential flexibility on the back end, however, this version of InfoPath suffers from significant interoperability restrictions on the client side. The full InfoPath client must be installed on a user's machine to design or fill out forms, but the only platforms on which InfoPath will run are Windows 2000 Service Pack 3 and Windows XP. InfoPath leaves users of Windows 9x, Mac OS and Linux -- as well as users of Pocket PC and Palm OS devices -- out in the cold, a limitation not shared by Web browser or Adobe Systems Inc. PDF-based forms solutions..."

  • [March 31, 2003] "WS-I: Guiding Interoperability." By Jeff Reser (IBM Strategic Software Solutions). In .NET Magazine (March 2003). "The Web Services Interoperability Organization (WS-I) was formed in February 2002 to address the issues surrounding the interoperable nature of a Web services-oriented architecture. WS-I isn't a standards development organization, but it works closely with a number of standards bodies, such as the Organization for the Advancement of Structured Information Standards (OASIS), World Wide Web Consortium (W3C), and Internet Engineering Task Force (IETF), to promote and utilize the right set of technologies in compatible business scenarios. The WS-I community grows as companies realize their contributions to WS-I active working groups benefit a common set of goals: to enable and promote the practical adoption of Web services technologies and open standards. WS-I concerns itself with the underlying themes of the aches and pains in implementing Web services across disciplines. Recently, WS-I published a working draft set of architectural guidelines as part of its first major deliverable: the WS-I Basic Profile. The Basic Profile consists of implementation guidelines recommending how a set of core Web services specifications (SOAP 1.1, WSDL 1.1, UDDI 2.0, XML 1.0, and XML Schema) should be used together to develop interoperable Web services. It helps to ensure standards developed by different organizations and vendors interoperate with each other, especially in the increasingly significant Web services areas. The WS-I scenarios included in the profile describe how you can apply Web services to meet real-world business needs. These scenarios provide real-world examples of how you can utilize Web services, while also demonstrating how you can use the specifications individually and/or with others. The WS-I deliverables also include sample applications that support the profiles and scenarios, and testing tools and materials. These sample applications of basic Web services illustrate best practices for implementation and are developed in multiple programming languages using multiple development tools. Sample applications serve as working examples for companies planning to implement Web services. The test materials and tools can be used to verify that the interactions observed with the monitored Web services conform to the set of guidelines and test assertions that define the profiles..." General references in "Web Services Interoperability Organization (WS-I)"

  • [March 28, 2003] "A Corporate-Friendly Makeover for Open-Source IM." By Christopher Saunders. In Enterprise IM (March 27, 2003). "The open-source IM movement stands to gain from a new, graphical front-end for installing and configuring the JabberD server. Released by the not-for-profit Jabber Software Foundation this week, the JabberD Quickstart executable represents a big step for the open-source JabberD server, the most widely deployed open-source IM server. JabberD relies on the XML-based Extensible Messaging and Presence Protocol (XMPP), supporters of which have been struggling to get traction in enterprises, amid heavily entrenched competition from the likes of IBM Lotus Sametime and Microsoft Exchange, a host of startups, and the public IM networks -- who are busily promoting enterprise offerings of their own. One way in that the JSF hopes to appeal to corporations is by addressing a lingering limitation in the server distribution: JabberD had previously been configured and maintained only through a command-line interface and a hand-edited XML configuration file... Already, the Linux-based offering is seeing new interest from users. Less than a month old, the release has been downloaded about 3,500 times. It's difficult to know how many installations have resulted from the downloads, the group says, because they tend to be behind the corporate firewall. (A survey conducted earlier on the group's site, Jabber.org, found that about 30 percent of users had deployed JabberD in intranet settings.) In addition to the current Linux deployment, the group is also working on versions for other platforms. Despite the benefits of a front-end and the early signs of rapid adoption, the JSF acknowledges that other work needs to be done on JabberD before its open-source IM becomes truly palatable to corporate-types -- work that includes beefing up security features, documentation, and public IM gateways. "Security is in the works through our work with the IETF," Saint-Andre said, referring to the recent creation of an XMPP Working Group within the Internet Engineering Task Force, the Internet's leading standards body. "Jabber is pretty secure already, but we're beefing that up even more. Documentation is always a sore point, since so few people in the open-source community are interested in documentation. However, we have a major translation effort underway for documentation, so we will have our docs in many major languages soon'..." See: (1) IETF Extensible Messaging and Presence Protocol Working Group ; (2) "Extensible Messaging and Presence Protocol (XMPP)"; (3) "Jabber XML Protocol."

  • [March 28, 2003] "XML Matters: Kicking Back with RELAX NG, Part 2. Tools and Special Issues." By David Mertz, Ph.D. (Facilitator, Gnosis Software, Inc). From IBM developerWorks, XML zone. March 26, 2003. ['RELAX NG schemas provide a more powerful, concise, and semantically straightforward means of describing classes of valid XML instances than do W3C XML Schemas. In this installment, David continues the discussion of RELAX NG begun in part 1 of this series by addressing a few additional semantic issues and looking at tools for working with RELAX NG.'] "In the last installment I gave you a fairly complete overview of both the syntax and semantics of RELAX NG schemas. However, a few issues were glossed over, and are worth looking at more closely. Both DTDs and W3C XML Schemas allow for infoset augmentation, while RELAX NG does not. James Clark, one of the creators of RELAX NG (and many other widely used XML tools), argues vehemently that infoset augmentation violates modularity in the roles of XML instance documents and schemata. In other words, for Clark, RELAX NG has a feature where DTDs and W3C Schemas have a bug. My own feelings on the matter are mixed, but I can understand his intuition... Unfortunately, XML editors do not yet support RELAX NG as widely as they do W3C XML Schemas. Of course, DTDs remain much more widely supported than either of these schema styles. This is a shame because it would actually be far easier to include customizations around RELAX NG in an editor because of the simple conceptual framework of RELAX NG validation. Ideally, a custom XML editor would utilize a RELAX NG schema to direct and assist a user in the insertion of attributes and elements in ways that maintain validity. One compromise would be to use a tool like trang to convert a RELAX NG schema into a W3C XML Schema or DTD that approximates it, then use those within a GUI XML editor. But doing so would help only to a limited extent. One XML editor is built around RELAX NG -- the Java technology-based XML Operator... I played with it a little, and found that it could be potentially useful, but it would fall on the low end of the XML editors I have previously reviewed; XML Operator implements just a few features here and there, and provides neither the huge array of tools of XML Spy, or the simple elegance of oXygen. XML Operator implements just a few features here and there, and provides neither XML Spy's huge array of tools, or oXygen's simple elegance... In part 1 and here in part 2, I have looked at most of the elements of RELAX NG, and included a summary of tools for working with it. The third and final installment will touch briefly on how RELAX NG lets you include external schemas in your schema, and selectively merge the specifications of different schemas. But part 3 will primarily look at the RELAX NG compact syntax in more detail, and explain the exact correspondences between compact syntax and XML syntax..."

  • [March 28, 2003] "XMPP Instant Messaging." By Peter Saint-Andre and Jeremie Miller (Jabber Software Foundation). IETF Network Working Group, Internet-Draft. Reference: 'draft-ietf-xmpp-im-06'. March 26, 2003, expires September 24, 2003. 73 pages. "The core features of the Extensible Messaging and Presence Protocol are defined in XMPP Core. These features -- specifically XML streams, stream authentication and encryption, and the <message/>, <presence/>, and <iq/> children of the stream root -- provide the building blocks for many types of near-real-time applications, which may be layered on top of the core by sending application-specific data scoped by particular XML namespaces. This document describes the extensions to and applications of XMPP Core that are used to create the basic functionality expected of an instant messaging and presence application as defined in RFC 2779..." General references in "Extensible Messaging and Presence Protocol (XMPP)." [cache]

  • [March 28, 2003] "Web Services Paths Remain Divided. Opposing Forces Struggle Over Standards." By Paul Krill. In InfoWorld (March 28, 2003). "Sun Microsystems entry into IBM and Microsoft's WS-I (Web services interoperability) organization was widely interpreted as a good step towards industrywide cooperation. But as a dazzling array of vendor-driven standards continues to emerge, a fresh set of machinations are proving that the battle for control of Web services standards remains alive and well between two camps: IBM and Microsoft on one side, Sun and to some extent Oracle on the other. And where enterprises are concerned, the politics threaten to limit the choice of commonly available standards they rely on to drive down the development and support costs related to the integration of disparate systems across the Internet. The areas in question range from security and transactions, via WS-Security and WS-Transactions, to business processes orchestration or choreography through both BPEL4WS (Business Process Execution Language for Web Services) and WSCI (Web Services Choreography Interface). And in another twist, questions are now starting to surface over whether patent holders are entitled to royalties for use of their technology in standards implementations. Some fear intellectual property rights issues hovering over standardization could stifle the growth of Web services itself... Part of the problem the companies face is defining when proprietary specifications become standards. According to OASIS President and CEO Patrick Gannon, there are a lot of proprietary specifications but practically no official standards for Web services. 'The only standard is XML,' he said. But he stressed their importance. 'If companies want to deploy Web services beyond a few close trading partners or internally, they can't do it without open standards,' Gannon said. SOAP, WSDL, and to a lesser extent, a directory specification now under OASIS jurisdiction, make up core so-called standards in Web services along with XML. The base SOAP and WSDL specifications provide for loosely coupled Web services, which ship data around but do not provide for more sophisticated tightly coupled services such as verification of transactions, said Eric Newcomer, vice president and chief architect at Iona in Waltham, Mass. Newcomer is also editor of the W3C WS-Architecture specification, which is intended to determine a definition and scope for Web services. Further standardization is needed in areas such as security, transactions, and business process orchestration, he said..."

  • [March 27, 2003] "Sun Wins WS-I Seat." By Darryl K. Taft. In eWEEK (March 27, 2003). "Sun Microsystems Inc. has won a two-year position on the Web Services Interoperability Organization (WS-I) board of directors, sources said. In winning this slot, Sun joins the leaders in Web services on the board of an organization initially formed with the apparent intent of keeping the Unix systems vendor out of its ranks. Now Sun is a member of that board, with the same rights and responsibilities as the rest of the 11 members... The other open board seat went to webMethods Inc. The company will serve a one-year term. Mark Hapner, Sun's lead architect for Java 2 Enterprise Edition (J2EE) and chief Web services strategist for Java Web services, will represent Sun on the WS-I board. Hapner told eWEEK in a prior interview that he was pleased to have the opportunity to run for the WS-I board slot and said that Sun has participated 'strongly' in the organization since it joined last October. Sun has participated in WS-I efforts involving business process integration, developing sample applications for testing interoperability, and chairing a security working group. The Santa Clara, Calif., company also has been instrumental in developing and promoting Web services standards like WS-Reliability, he said. And Sun has made conformance to the WS-I Basic Profile 1.0 a requirement of J2EE 1.4 compliance, he added... Sun's work with the Java Community Process, which is the multi-vendor coalition that votes on Java platform specifications, gave the company an advantage over competitors for the slot as well, Hapner said. 'We found in our work in the Java compatibility arena that it takes significant investment and dogged persistence to achieve interoperability,' he said. 'The payback is customers feel secure in broadly pursuing interoperability.' Indeed, Sun's Java expertise itself was a distinguishing factor that set Sun apart from others in the running, the company said. 'We are the representative for Java and J2EE, which will be one of the two primary platforms on which people will develop Web services,' Hapner said. Hapner said Sun's history is that of a leader in the Web services space. The company has had strong participation in the evolution of Simple Object Access Protocol 1.2 and Web Services Description Language 1.2, as well as other specifications and foundational Web technologies, he said..." "Web Services Interoperability Organization (WS-I)."

  • [March 25, 2003] "VXML and VoIP Boost Customer Satisfaction. Quickly ID Your Callers Via These Two Technologies." By Veronika Megler (Certified Consulting IT Architect, Emerging and Competitive Markets, IBM). From IBM developerWorks, Wireless. March 2003. ['In this article on how to improve your customers' experience with your automated telephone-response system, Veronika Megler demonstrates how to combine VXML and VoIP with the information inherent in a telephone call to identify both the caller and the number being called. Use this lesson to improve telephone system efficiencies and bring back customers.'] "As both a consumer and a technologist, I am continually annoyed by the poor usability of many automated telephone-response systems -- especially because I know how little effort it would take to improve them. In Talk to my VoIP, I described an application that uses a Voice-over IP (VoIP) connection to access VoiceXML- (VXML) fronted back-end applications. I also showed how these technologies can provide flexible access to application information and deliver better telephone-based assistance to the average service-center caller. By using what you already know about your caller the moment you answer the call, you can expand these concepts to take personalization and usability to the next level... by accessing the target number, you can provide different voices for different choices. You can use these basic principles and existing technology to build increasingly usable voice-driven applications..." "VoiceXML Forum."

  • [March 25, 2003] "Squeezing SOAP. GZIP Enabling Apache Axis." By Brian D. Goodman (IT Architect, IBM Intranet Technology, IBM). From IBM developerWorks, Web services. March 2003. ['GZIP encoding over HTTP is pretty much old school. "Been there, done that" is the attitude of most. However, if you have been working with a few of the current SOAP implementations, you'll find that they don't take advantage of it. While knowing they will eventually come around, if you are building real world Web service solutions and want a performance boost, GZIP is for you.'] "GZIP encoding over an HTTP transport is a well known technique for improving the performance of Web applications. High traffic Web sites use GZIP to make their user's experience faster, and compression is widely used to make files smaller for download and exchange. In fact, as far as XML goes, GZIP is not even the latest, cool thing to be doing. New technology, like AT&T's XMill, claims twice the compression of GZIP in roughly the same amount of time. GZIP, however, is a core component of the Java platform and many Web servers have the ability to compress content independent of the files or applications it serves up. For that reason, this article will look at what it takes to use GZIP in conjunction with the Axis SOAP implementation. This has proven useful for projects and solutions that need the extra performance now and for which you are willing to sacrifice time spent integrating with follow on releases of SOAP implementations later. Furthermore, this article looks at encoding at the servlet level, which will enable you to implement a different content encoding scheme... GZIP encoding over HTTP is part of Web technologies as we know it. Using it in the existing Web service framework is a logical next step. However, solutions are being designed, built, and deployed every day on these SOAP implementations. In many instances, being able to GZIP encode the SOAP envelope results in faster transaction times with a relatively low overhead. This performance upgrade can be realized today with some simple code modifications. Enabling GZIP encoding in your SOAP environment lets you take advantage of compression today, while patiently waiting for the integration into our favorite implementations..." Related references in: (1) "XML and Compression"; (2) "Simple Object Access Protocol (SOAP)."

  • [March 25, 2003] "W3C Boosts XML Document Referencing. Specific Information Citable." By Paul Krill. In InfoWorld (March 25, 2003). "W3C [has] issued its XML Pointer Language (XPointer) Recommendation, providing a lightweight, extensible model for identifying parts of XML documents. The recommendation step is the final, formal adoption stage at W3C. 'What XPointer allows is for people to be able to point to different parts of an XML document,' said W3C spokeswoman Janet Daly. 'You might want to be able to identify a section or fragment in a large document and you want to be able to link to it.' Prior to XPointer, the only way to link to XML documents was to point to the whole document or utilize an identifier of a document part specifically inserted by the document author, Daly said. Now, links can be made to just the specific parts of a document. XPointer already has been implemented in some products, according to Daly... The XPointer element Scheme allows the user to point to specific elements in XML documents and data. The XPointerXMLns Scheme brings XML Namespaces to the XPointer Framework, to avoid name collisions between schemes and provide namespaces binding information for use within other schemes, according to W3C. This supports development of personal identifying vocabularies and distinguishing between them..." See: (1) "World Wide Web Consortium Issues XPointer Recommendation. XPointer Gives Extensible Model for Identifying XML Fragments, Improving Precision of Linking."; (2) other references in "W3C Publishes Recommendations for the XML Pointer Language (XPointer)."

  • [March 25, 2003] "Composite Capability/Preference Profiles (CC/PP): Structure and Vocabularies." Edited by Graham Klyne (Nine by Nine), Franklin Reynolds (Nokia Research Center) Chris Woodrow (Information Architects), Hidetaka Ohto (W3C/Panasonic), Johan Hjelm (Ericsson), Mark H. Butler (Hewlett-Packard), and Luu Tran (Sun Microsystems). Produced by the W3C CC/PP Working Group as part of the W3C Device Independence Activity. W3C [Last Call] Working Draft 25-March-2003. "This document describes CC/PP (Composite Capabilities/Preference Profiles) structure and vocabularies. A CC/PP profile is a description of device capabilities and user preferences that can be used to guide the adaptation of content presented to that device. The Resource Description Framework (RDF) is used to create profiles that describe user agent and proxy capabilities and preferences. The structure of a profile is discussed. Topics include: (1) structure of client capability and preference descriptions; (2) use of RDF classes to distinguish different elements of a profile, so that a schema-aware RDF processor can handle CC/PP profiles embedded in other XML document types. CC/PP vocabulary is identifiers (URIs) used to refer to specific capabilities and preferences, and covers: (a) the types of values to which CC/PP attributes may refer, (b) an appendix describing how to introduce new vocabularies, (c) an appendix giving an example small client vocabulary covering print and display capabilities, and (d) an appendix providing a survey of existing work from which new vocabularies may be derived..."

  • [March 25, 2003] "Microsoft Office Word 2003 Beta 2 Preview. Part 1 of 2." By Siew Moi Khor (Microsoft Corporation). In Microsoft MSDN Library. March 2003. "The latest version of Word, Word 2003, has many new and exciting features and improvements. In this article, you will be given the following high-level preview of the latest features of Word 2003 Beta 2: Extensible Markup Language (XML) support; Smart Document solutions; Research library... XML removes the obstacles that stemmed from data being locked in binary files, and enables semantic structure around content, which makes data retrieval quite easy. XML support in Word 2003 is one of the most exciting breakthroughs for Microsoft Office 2003. Through the use of XML, Word content becomes free-flowing, unlocked data, which can be modified. The sharing of information between documents, databases, and other applications also simplified with XML... Word 2003 is an XML solution development platform allowing developers to build powerful structured Word documents and templates that leverage XML to capture information from end users' input. End users can continue to enjoy all the rich editing features that they expect, like auto correct, spell check, grammar check, change-tracking, and more. In short, users can continue using Word the way they always have. They do not need to know anything about XML to take advantage of its capabilities in Word 2003. There is a rich Visual Basic for Applications (VBA) object model support for the XML functionality of Word 2003. There are also new object model events that allow developers to customize the Word 2003 editing environment. For example, you can hide XML from end users while taking full advantage of the power of XML in Word. Additionally, a Word XML Content Development Kit (CDK) is available to Office 2003 Beta 2 program participants to help developers quickly get up to speed on how to build XML solutions using Word 2003 as a development platform. Word 2003 has a native XML file format called WordML that can be fully round-tripped without losing Word formatting. As a result, developers can easily detach presentation information from data. WordML can be transformed to separate the pure XML data from formatting as required, which also allows developers to reveal Word-specific content... Smart Document technology in Word 2003 and Microsoft Office Excel 2003 enables the creation of XML-based applications that provide users with contextual content via the Office task pane. With Smart Documents, users can increase productivity because content is presented in the task pane as they navigate through a document, reducing the time spent searching for or filling in data, or looking for help. Users benefit from a Smart Document's ability to deliver relevant information and actions through the use of an intuitive task pane that synchronizes content based on the user's current location within the document... The new Research Library feature in Office 2003 makes searching for relevant information and integrating that data into Office documents easier..." See "Microsoft Office 11 and InfoPath [XDocs]."

  • [March 25, 2003] "Product Review: Microsoft Office 2003 Beta 2." By Gregg Keizer. In ZDNet (March 24, 2003). "Perhaps to assuage the clamoring public or to work out some development kinks, Microsoft has released a public beta of its popular office suite. Our initial assessment? As in Office XP, the suite's most prominent changes target the professional market. True, Microsoft has enhanced some of Office 2003's applications, adding small improvements such as Outlook's better e-mail handling and spam filtering. But most Office enhancements benefit large-scale setups. Corporate intranets will get a lot out of the suite's new XML integration, which facilitates moving information from one program to another, and its beefed-up collaboration features. Corporate buyers may want to give this beta a run. But, if nothing much changes with the final release, consumers won't find much reason to upgrade... Office Pro 2003 doesn't debut any new fix-it features but retains the help menu's Check For Updates and Detect And Repair functions, which go online and sniff for updates or patches and repair any damaged or corrupted files. We'd like to see Office become part of the Windows Update process, which automatically scans your PC and recommends updates, so that we wouldn't have to go two places -- one to patch Windows, another to fix Office. Alas, that won't happen in this edition..."

  • [March 25, 2003] "Sun Attacks Microsoft XML Strategy Shift." By David Worthington. From BetaNews (March 24, 2003). "Sun Microsystems fired its first salvo at Microsoft's upcoming Office 2003 by calling into question the aim of Redmond's overall XML strategy, and touting StarOffice 6.1 as a low cost alternative for cost conscious enterprises. During a telephone interview, Sun's Iyer Venkatefen, product manager for StarOffice, told BetaNews that Microsoft was not abiding by the OASIS standards. With more than 600 members in 100 countries, OASIS, or Organization for the Advancement of Structured Information Standards, is a global consortium that establishes standards to ensure interoperability. While Microsoft embraced openness and follows base-level XML standards, it is taking a different approach towards defining office formats by letting developers decide what schema, or data structure, suits them best. For instance, a document type dubbed XBRL is intended for use in business reporting and would be an industry wide standard written with XSD. XSD, often referred to as a schema, is an XML-based W3C standard language for describing the rules that the structure and the contents of a particular type of XML document are required to follow. Competitors such as Sun and Corel are working with an OASIS technical committee to arrive at a common consensus for these office document schemas. Microsoft is accepting any schema so long as it is XSD compliant, allowing customers to tailor their own... Company spokesperson Jason Carson told BetaNews that customers have the freedom to use any W3C compliant schema that is XSD based. The general idea was simply not to stick with OASIS. Office 2003 will instead support a slew of standardized and proprietary schemas. Carson claimed that Sun was trying to standardize under a single schema, and went on to say that XML implementation in Office was never meant to create a standard format, but a method to freely share information regardless of the platform. Indeed, XML is not the default data format for Office 2003 applications, just an option. Adding fuel to the fire, Microsoft recently quit the W3C Web services standards body, which has prompted some naysayers to call into questions its commitment to standardization. Microsoft refutes such claims and says its XML technologies are fully compliant..." Related references in: (1) "XML File Formats for Office Documents"; (2) "XML Schemas"; (3) "Microsoft Office 11 and InfoPath [XDocs]."

  • [March 25, 2003] "Proposed Infoset Addendum to SOAP Messages with Attachments." By Adam Bosworth (BEA), Don Box (Microsoft), Martin Gudgin (Microsoft), Mark Jones (AT&T), Franz-Josef Fritz (SAP), Amy Lewis (Tibco), Jean-Jacques Moreau (Canon), Mark Nottingham (BEA), David Orchard (BEA), Hervé Ruellan (Canon Jeffrey Schlimmer (Microsoft), Volker Wiechers (SAP). Copyright BEA Systems Inc. and Microsoft Corporation. 24-March-2003. Version 0.6 Draft. 22 pages. Abstract: "This specification defines a small number of XML and SOAP conventions that clarify an earlier proposal and collectively allow opaque data and web references to be used in an Infoset-based messaging model." From the Introduction: "The desire to integrate XML with pre-existing data formats has been a longstanding and persistent issue for the XML community. Users often want to leverage the structured, extensible markup conventions of XML without abandoning existing data formats that do not readily adhere to XML 1.0 syntax. Often, users want to leave their existing non-XML formats as is, to be treated as opaque sequences of octets by XML tools and infrastructure. Such an approach would allow widely used formats such as JPEG and WAV to peacefully coexist with XML. As XML is increasingly used as a message format (e.g., SOAP), the interest in integrating opaque data with XML has increased to the point where there are at least two concrete proposals for doing so: SOAP Messages with Attachments 1.0 and WS-Attachments. The former has gained some traction within the community but is under specified with respect to the XML Infoset [Infoset] and with respect to the processing model of SOAP... This document proposes a set of concrete idioms and conventions that clarify the processing model of SOAP Messages with Attachments, yielding the following enhancements: (1) Alignment with the XML Infoset-based data model and the SOAP processing model -- opaque data may be correctly processed by intermediaries and may be secured (2) Backwards-compatible message syntax -- every message conforming to this proposal is a legal SwA/1.0 message (3) Alternate message syntax for SOAP processors that have no knowledge of SwA or this proposal -- message content can be faithfully serialized in a form that is understandable by SOAP processors that do not comply with this specification..." Note of 2003-03-25 from Martin Gudgin (Microsoft): "We have now posted the document illustrating an infoset approach to the attachment feature... This document is intended to be a concrete realisation of the ideas laid out in the white paper "XML, SOAP and Binary Data"; see abstract. Also available in PDF format. [cache]

  • [March 25, 2003] "Achieving Application Coordination With Business Transaction Management Software." Choreology White Paper. 7 pages. "... The main purpose of an application coordination product is to ease, cheapen and standardize the elimination of inconsistencies in information held in different systems. We have identified four key patterns or models where application coordination is applicable. A solution that provides application coordination can be used in any industry, but for the sake of illustrating the potential in a complex environment, the examples of the following models focus on the financial services industry (1) Coordinated dispersal of information: Under this model, business information is propagated or dispersed on an 'all, some, or nothing' basis. The dispersing system knows the exact outcome of processing by each recipient and business rules determine viable outcomes, enabling partially correct results. (2) Creating synchronization barriers: In this model, complex, coordinated action is contingent on the result of a prior coordinated action. Following the same example in the previous model, an organization ideally won't propagate trade data throughout the front office and settlement systems until all of the reference data has been coordinated and checked throughout the system. (3) Coordinated aggregation: This is can also be thought of as the escrow model and appears frequently in credit check or payment-againstdelivery processes. It involves obtaining information or commitments that build up to a coherent outcome. The receiving system and sending service both know information has been delivered, and the receiving system uses business rules to determine viable aggregations. (4) Coordinated creation of binding contracts: This pattern is used for negotiation leading to a deal being struck. Other uses include the sending and acceptance of confirmations. Many trading protocols and information exchanges follow this fundamental pattern. Acceptance of an offer creates a binding commitment -- the parties are bound to deal and acknowledge involvement. Rejection induces counterproposal or re-proposal. Any outcome is common knowledge, and is mutually assured by comparable records..." [cache]

  • [March 25, 2003] "W3C Spec Labels XML Parts." By Paul Festa. In CNET News.com (March 25, 2003). "A method of labeling discrete parts of an XML document concluded its tortuous journey toward standardization with the World Wide Web Consortium's approval of XPointer. The World Wide Web Consortium (W3C) on Tuesday issued XPointer in three installments: XPointer Framework, XPointer element Scheme, and XPointer xmlns Scheme. Extensible Markup Language (XML) is a W3C recommendation that lets authors create their own task- or industry-specific markup language for more flexible and searchable digital documents. While XML has long had a linking mechanism built in, the trio of XPointer recommendations provides a way for anyone to segment an XML document and label and link to it. The Framework gives authors a model for identifying parts of an XML document. The element recommendation lets authors 'point' to those specific parts, and the xmlns, or namespace, recommendation establishes a means of delineating which tags belong to which XPointer schemes so that browsers can distinguish between same-named tags from different schemes..." See: (1) "World Wide Web Consortium Issues XPointer Recommendation. XPointer Gives Extensible Model for Identifying XML Fragments, Improving Precision of Linking."; (2) other references in "W3C Publishes Recommendations for the XML Pointer Language (XPointer)."

  • [March 25, 2003] "RSS 0.91, 0.92 and 2.0 Really Simple Syndication." By Ben Hammersley. Chapter 4 in Content Syndication with RSS: Sharing Headlines and Information Using XML. March 2003. 19 pages. Book description: "RSS (which can stand for RDF Site Summary, Rich Site Summary, or Really Simple Syndication) is an XML-based format that allows web developers to describe and syndicate web site content. Content Syndication with RSS offers webloggers, developers, and the programmers who support them a thorough explanation of syndication in general and RSS in particular. Written for web developers who want to offer XML-based feeds of their content, as well as developers who want to use the content that other people are syndicating, the book explores and explains metadata interpretation, different forms of content syndication, and the increasing use of web services in this field. If you're interested in producing your own RSS feed, this step-by-step guide to implementation is the book you'll want in hand..." See "RDF Site Summary (RSS)."

  • [March 25, 2003] "Leverage XSLT to Build Applications. Moving Beyond Format Transformations to Multi-Tiered Solutions." By Chen Shu, Nianjun Zhou, and Dikran S Meliksetian (IBM). From IBM developerWorks, XML zone. March 25, 2003. ['This article describes a methodology for building an XML-based, end-to-end, multi-tiered solution by leveraging XSLT technology. The authors introduce this methodology through an example application in which XSLT is not only used in the transformation at the presentation layer, but also in retrieving data from heterogeneous data repositories and generating data-centric XML documents at the back-end. This application also provides data computation, such as statistical analysis in the middle tier.'] "XSLT can be used to perform additional tasks within an application that uses XML as its main data representation model... In this article, we demonstrate how to build an application where XSLT is used beyond its traditional role of format transformation. Within the example application, we leverage XSLT to accomplish the following tasks: (1) Transform the repository data from a relational representation to XML; (2) Perform statistical analysis of the data represented as an XML document; (3) Generate an XML document based on a particular business logic; (4) Render the XML as HTML, WML, and VXML. This application demonstrates that you can easily create search applications using legacy information and serve the results in multiple output formats by adding the proper XSL transformtion scripts. The methodology can be used in a variety of applications that need simple data analysis and data format transformation. This article is organized as follows... we briefly introduce the example application and the requirements upon which we built it; we describe the architecture of our solution, followed by a detailed description of the XML transformations required within the application. Finally, we conclude by stressing the versatility of the solution with respect to changes in requirements, as well as input and output data formats... The example application is a search framework that attempts to minimize the sequence of questions and answers required to find a searched object. The system is called Guided Adaptive Search Framework (GASF)... The methodology demonstrated by GASF can be used in a variety of applications -- such as Web content management systems, knowledge management systems, and business-to-business transactions -- where you have the need to compose an XML object from various data sources, and then process and render it on the fly. We believe that as XSLT technology matures, this can be performed more efficiently and extensively. The primary advantage of leveraging XSLT to enable applications is its flexibility and low cost of development. For applications that do not need to support high volume transactions, XSL transformation can provide a quick, easy, and cost-saving solution..."

  • [March 25, 2003] "XML Gathers Momentum. New Standard Makes The Language Useful, Helps Simplify Access-Control Policies." By Michael Hardy. In Federal Computer Week (March 24, 2003). "Extensible Markup Language has become a pervasive force in applications in which computers share data or interact. To make the language even more useful, standards bodies are churning out specialized versions of XML at a rapid pace. For example, in February, the Organization for the Advancement of Structured Information Standards (OASIS) released Extensible Access Control Markup Language (XACML), which allows organizations to build their rules for access to systems or information into the open standard. That way, XACML can eliminate the need for multiple access-control policy languages, which many organizations now rely on... Open standards ease the headaches involved in integrating systems, such as making disparate applications adhere to an agency's access rules, said Steve Hanna, senior staff engineer at Sun Microsystems Inc. and a member of the OASIS committee that developed XACML. Sun issued its XACML Implementation Feb. 18, with code based on the company's Java programming language. 'We looked at what's out there today, and it's a mess,' he said. 'Every application has its own policy language, its own policy syntax. If somebody comes to you and says, 'Here's the high-level policy we want to implement,' you have to translate it over and over again, once for each system.' Even in the absence of a standard, though, XML is much more flexible than a proprietary system, according to Bill Wright, president of Computas NA Inc. The company's Metis product is designed to help administrators construct an enterprise architecture by converting data into XML form. Because no standard exists for enterprise architectures, Computas created its own. When a standard does emerge, he said, XML will make the transition easy. Vendors, by and large, support open standards because they level the playing field, said Bill Edwards, chief technology officer at Siebel Systems Inc. Buyers are wary of getting locked into one vendor's product line and are more comfortable when the connection points that support multiple applications are based on something every vendor can use, he said. In 2002, Siebel, Tibco Software Inc., Vitria Technology Inc., webMethods Inc., Microsoft Corp., IBM and SeeBeyond Technology Corp. formed the Universal Application Network to develop XML-based business processes for their customers..." See also "Extensible Access Control Markup Language (XACML)."

  • [March 25, 2003] "Physics Institute Turns To Web Services." By Tony Kontzer. In InformationWeek (March 24, 2003). ['The American Institute of Physics turns to eMeta's software to take a new approach to delivering its journals.'] "The American Institute of Physics was one of the first online publishers of academic journals, having launched its Online Journal Publishing System in 1994. With some 110 journals in its repertoire today, the institute has been using eMeta Corp.'s eRights access-control technology for more than two years to make sure that the scientists and researchers who come to the site only get access to what they're entitled to. That means everything from free browsing to the purchase of individual articles to full-blown subscriptions. Now the institute wants to start experimenting with developing a Web-services approach to delivering its virtual journals, what it calls the documents it publishes directly to its users between the production of complete journals. With the release Monday of a new suite of applications, eMeta will open that door with the introduction of RightServices, a software module that will let customers set up Web services that can tap access-control rules built with the former eRights engine, now called RightAccess... EMeta opted to divide its flagship eRights application into two modules -- RightAccess and RightCommerce -- because customers had been confused by commerce-related fields that were part of the access-rights setup. 'We're seeing people who really want to secure -- but may not want to monetize -- their content,' says CEO Jonathan Lewin. With the new RightServices app added to the suite, Lewin says customers will be able to purchase a more precise fit to meet their needs. He says one-fourth of the company's customers have requested Web services APIs so they can build Web services to deliver content and applications online..." See: (1) AIP website; (2) Online Journal Publishing Service (OJPS), using SGML: "AIP uses a customized version of the ISO standard 12083 DTD to create, store and disseminate e-journal content. The 12083 DTD, or Document Type Definition, is widely utilized by scientific and technical publishers to define content elements and validation rules for describing and processing technical manuscripts. AIP can accept virtually any type of source file and convert it to 12083 compliant SGML..."

  • [March 25, 2003] "Agencies Work E-Gov Health Standards." By Sara Michael. In Federal Computer Week (March 24, 2003). "Several agencies are coordinating the use of the first set of uniform standards for the electronic exchange of health information to be used across the federal government. The departments of Health and Human Services, Defense and Veterans Affairs announced March 21 the effort to standardize the information exchange, part of the Consolidated Health Informatics (CHI) initiative, one of the Bush administration's 24 e-government initiatives... The standards, including privacy and security protections, will make it easier for health care providers to share patient information and identify emerging public health threats. It will also facilitate the creation of portable electronic medical records. 'With appropriate privacy protections for personal health information, consumers and patients will benefit when their health information is available to their doctors and other health care providers when it is needed such as the emergency room,' HHS Secretary Tommy Thompson said in a statement. Under the new standards, agencies will use a common coding system to coordinate care and exchange information. Currently, agencies use different coding systems. 'E-gov is focused on simplifying bureaucracy, and the CHI work in health data standards is an excellent example of how simplification can improve quality and reduce health care costs in America,' Mark Forman, associate director for information technology and electronic government at the Office of Management and Budget, said in a statement..." The CHI Initiative standards include, for example, HL7 coded concept hierarchies such as Logical Observation Identifiers Names and Codes (LOINC), Digital Imaging and Communications in Medicine (DICOM), IEEE 1073 Medical Electronics, National Council for Prescription Drug Programs (NCPDP) standards, etc. Related references in: ASTM XML Document Type Definitions (DTDs) for Health Care, Clinical Data Interchange Standards Consortium, ISIS European XML/EDI Healthcare Pilot Project (XMLEPR), Open Healthcare Group 'XChart', DocScope: Open Source XML Healthcare Project, Health Level Seven XML Patient Record Architecture, The CISTERN Project - Standard XML Templates for Healthcare.

  • [March 24, 2003] "CERT, Feds Consider New Reporting Process." By Dennis Fisher. In eWEEK (March 24, 2003). "Government officials and private organizations alike are reviewing their vulnerability disclosure processes after several incidents over the past 10 days exposed major shortcomings in the way new bugs are handled. The most dramatic case for change came early last week when an anonymous member of a security mailing list posted three unpublished vulnerability advisories. None of the advisories had been released by the authors -- or by a third party such as the CERT Coordination Center -- who typically handle such announcements. The posts were taken from advance copies of the advisories that CERT had shared with a select group of software vendors, something that has angered CERT officials... CERT is now considering whether changes can be made to its process for handling vulnerabilities. The federal government, meanwhile, is discussing ways to centralize vulnerability reporting... The government is considering a plan to establish a single point of contact for vulnerability reporting; researchers would submit discoveries to the contact. The government would then work with the researcher and the affected vendors to coordinate release of the information. The hope is to avoid leaks and to speed vendor response to security problems. However, the Information Assurance and Infrastructure Protection division of the Department of Homeland Security is still without a leader, clogging any major initiatives, insiders said. While the Bush administration has found it difficult to fill the top information security job, sources say Bob Liscouski, director of information integrity and assurance at The Coca-Cola Co., in Atlanta, is slated to take the job of assistant undersecretary for IAIP... The trouble began when a member of the Full-Disclosure mailing list posted three vulnerability reports. Only one of the problems had been disclosed previously, and patches were not yet available. All the advisories detailed the vulnerabilities and affected products. All the vulnerability reports were serious. The first, posted March 15 [2003], warned of a cryptographic weakness in the popular Kerberos protocol. The second message discussed a timing attack on cryptographic keys. The third, posted March 16, concerned a problem in a code library contained in Unix-based software from Sun Microsystems Inc. and other vendors. The Kerberos bulletin was officially released March 17; the details of the timing attack were published on another Web site the previous Friday..."

  • [March 24, 2003] "Environment, Behavior, and Scripting. Developers are Better When 'Multilingual'." By Jon Udell. In InfoWorld (March 21, 2003). "... We cling to the notion that developers need to master only one programming language, but this notion has never been true. The short list, nowadays, might be Java or C#, SQL, JavaScript, Perl or Python, XSLT (Extensible Stylesheet Language Transformation), and maybe a Unix shell language. These languages differ along two axes: environment and behavior. JavaScript, for example, is a powerful and dynamic scripting language that can in principle be used in almost any environment but in practice is most often wielded from within the browser, with which it has a special relationship. Perl, Python, and Ruby provide their own environments in the form of libraries (such as Perl's Comprehensive Perl Archive Network, or CPAN) that mix scripted and compiled modules. Java's environment is defined by its class libraries, as is that of C#... The Java and .Net libraries are becoming standard infrastructures that should be reused, not recreated. Scripting languages can, and indeed must, push forward with innovation. Features such as Python's list comprehensions and Ruby's iterators are powerful constructs that can rewrite the productivity equation. Scripting languages are also wonderful proving grounds for idioms that might get baked into the next generation of common infrastructure -- for example, Ruby's tuplespace, which is a kind of associative memory. If new languages didn't have to recreate the standard environment, such innovations might happen more often, and might be easier to adopt..."

  • [March 24, 2003] "KyTek Beefs Up XML Support. New Version of XMLxt Makes it Easier to Mate XPress and XML. [Print Workflow.]" By George Alexander. In The Seybold Report Volume 2, Number 23 (March 24, 2003). ISSN: 1533-9211. "KyTek specializes in long-document XTensions for Quark XPress. In recent years, the company has been moving increasingly into SGML and XML support. The company has just released version 4.0 of its XMLxt, an XTension for composing Quark documents from XML files. The XTension utilizes Quark's 'hidden text' feature to preserve the XML tagging within the XPress document, which makes it possible to make changes to the document content in XPress and then save it as XML with the changes intact. The new release provides better editing of the XML tags (when they are displayed) and better protection from inadvertent editing (when they are hidden). The options for XML export have also been improved. More specifically, the improvements are: (1) Simplified tagging: it is now practical to do a limited amount of tagging within Quark XPress. (2) Checking for well-formed tags: XMLxt can check for proper nesting of tags in the whole document, a chain of text boxes or a selected range of text. (3) Protection against inadvertent tag deletion. (4) Improved export options... To get an XML file to be formatted correctly in XPress, the user needs a way to specify what XPress commands and style codes are to be generated for each XML tag. For now, there is a KyTek utility to do this. But KyTek is working on an approach that will depend only on XSLT and Perl scripts, so that the utility will no longer be required. XMLxt, version 4.0, is available now and costs $400..."

  • [March 24, 2003] "A Personal Version of XML, Courtesy of Netomat." By Erin Joyce. In InternetNews.com (March 24, 2003). "As the adoption of Extensible Markup Language (XML) spreads to corporate networks, helping computers speak to each other more efficiently over the Web, what about XML for humans? [...] Netomat, a start-up company about to make its public debut at PC Forum starting March 23, 2003 -- Esther Dyson's annual confab of technology visionaries -- may have that answer... the company, launched by a mix of artists, philosophers and early players in the growth of XML, could be on the verge of becoming -- dare we say it -- the 'next big thing.' If only because it's a creation that is not easily summed up. 'It's probably best described as a service,' says Alan Gershenfeld, a founder and co-CEO of Netomat, which was founded in 2001. 'We make it easy to combine multimedia formats: text, images, voice sound, free form drawing, unlimited personal rich media,' said Gershenfeld, a former executive of entertainment software company Activision. And it's XML and Java based, which makes the multi-media authoring tool compatible with both PCs and Macs, with various browsers and various e-mail clients. For a monthly subsciption fee, the Netomat user, consumer or corporate, gets a hosted authoring and messaging application, 30 megabytes of space on Netomat's servers, and the use of the company's communication infrastructure. It lets you manipulate text, images, video, audio -- any digital media -- and with the push of a button you can send the whole creation off in an e-mail, or in today's publishing parlance, update your blog...' ... the XML and Java-based platform consists of a fully integrated family of authoring, server and player technologies designed to work seamlessly with existing formats and protocols. The core innovation underlying the platform is a new XML-based language called netomatic mark-up language (NML). They like to think of it as XML for people to people communications. The company also plans to make its NML source code available to the open source community. 'We believe in open standards, open formats, open protocols. And we want NML to be open. It's part of the philosophy of the company'..."

  • [March 24, 2003] "The First Taste of Liberty. Sign On Once, Log In Everywhere." By Frank Sommers. In Java World (March 21, 2003). "Prompting a user to separately log into closely affiliated Websites creates an awkward user experience. Web services that rely on one another may not even permit separate logins since they must operate without human intervention. The Liberty Alliance Project specifications provide a single sign-on mechanism for both Websites and Web services. This article explores how Liberty helps federate a user's identities from different service providers and uses that federated network identity to authenticate a user to many Web-accessible services. The article concludes with an example of how two Websites can use single sign-on... Being able to sign on once and log in everywhere may appear to your Website's or Web service's users as magic. But, as this example shows, there is no magic to single sign-on. It's a matter of following the Liberty protocols' message exchanges and trusting authentication decisions issued by an identity provider. The more Websites you must interact with that support Liberty, the more common the single sign-on experience becomes. Currently, only Sun Microsystems' Sun ONE (Open Network Environment) product line supports the Liberty protocols, but Liberty is fast gaining industry support, and dozens of companies have announced plans to Liberty-enable their products and e-commerce Websites. The forthcoming Liberty 2.0 specifications will address issues beyond single sign-on and identity federations -- for instance, they may let you share a user's preferences and other user-specific data as well. While eliminating duplicate login and data entry forms are sure to please your Website's or service's users, introducing Liberty into your Website or Web service architecture can cut down on what surely must be the biggest annoyance in a development project: duplicating functionality. That's because Liberty can help you factor out authentication roles, on the one hand, and services that are consumers of authentication-produced information, on the other. That way you could maintain just one service (or servlet) acting as an identity provider, and your other services can rely on that identity provider's authentication assertions. Instead of developing some application-specific way to exchange security assertion information, Liberty allows you to depend on SAML data structures. As you add services to your infrastructure, those new services can leverage what's already available..." Related resources: (1) "Security Assertion Markup Language (SAML)"; (2) "Liberty Alliance Specifications for Federated Network Identification and Authorization."

  • [March 24, 2003] "Web Services Reliable Messaging Protocol." By Peter Abrahams. In IT-Director.com (March 24, 2003). "In January a draft Web Services Reliability specification was announced and I wrote expressing some concerns about the specification. My first concern was the noticeably absence of IBM, Microsoft and BEA from the sponsor list. On March 13 it became clear why, when they, along with Tibco, announced their own 'Web Services Reliable Messaging Protocol' specification in this space... The two specifications address the same issue of how to ensure delivery of messages from one web service to another, including the different levels of service ranging from 'at most once' to 'exactly once and in order'. However in their detail of how to do this, the terminology used and the schemas, required they are totally incompatible. Given that many of the other WS specifications have been created by people from both camps, and therefore the parallel development must have been apparent, it is difficult to understand why both specifications have got as far as publication. On initial viewing the 'Web Services Reliable Messaging Protocol' appears more coherent and complete than the previous specification, and its title more accurately describes the specification scope. My next concern was that there was no introduction of the problem space and the solution. In the new specification this has been answered by IBM and Microsoft jointly creating an introductory white paper called 'Reliable Message Delivery in a Web Services World: A Proposed Architecture and Roadmap' which helps to define the need for the specification and outlines how it relates to a set of other web services specifications including addressing, policy, security, trust, encryption, coordination and transactions, and points to the need to develop further specifications relating to metadata exchange, endpoint resolution and transmission control..." General references: "Reliable Messaging."

  • [March 24, 2003] "Taming Web Services. Emerging Technologies May Bring Order to XML-Based Integration." By John Moore. In Federal Computer Week (March 21, 2003). "In recent months, Web services have begun to sprout in the federal sector. Examples can be found at the Defense Information Systems Agency, the Environmental Protection Agency and the U.S. Postal Service, among other government entities. And Web services may grow in popularity, especially since the Office of Management and Budget is encouraging agencies to use XML when developing their e-government projects. So far, so good. But something is missing from the Web services mix: structure. Yes, standards are in place, but developers may interpret them in different ways. The task of orchestrating multiple Web services is another difficulty. Web services management, in general, is a topic industry leaders have only recently begun to address. This state of affairs is fine for the current crop of relatively simple Web services, but problems arise when organizations pursue more sophisticated deployments. 'I think that Web services are ready for certain applications in the federal government,' said Brand Niemann, a computer scientist at the EPA and head of the CIO Council's XML Web Services Working Group. But he said it's a different story when it comes to applications that require high levels of security or are transaction- oriented. 'Agencies are not ready culturally, nor are we ready technically, to do all that,' he said..." "US Federal CIO Council XML Working Group."

  • [March 24, 2003] "What's in a Topic Map?" By Michael Classen. From WebReference.com (March 24, 2003). "In our last extension of the XMLMap we closed with a discussion of ontologies and topic maps, both concepts for expressing semantics of resources. I received many questions on the rather abstract nature of these concepts, as well as their practical applications and implications. This installment tries to explain topic maps with examples taken from our daily lives... Topics maps revolve around three basic concepts: Topics, Associations, and Occurrences... Up until now there has been no equivalent of the traditional back-of-book index in the world of electronic information. People have marked up keywords in their word processing documents and used these to generate indexes 'automatically', but the resulting indexes have remained as single documents. The World Wide Web removes the distinction between individual documents and now, indexes have to span multiple documents. Indexes have to cover vast pools of information, calling for the ability to merge indexes and to create user-defined views of information. In this situation, old-fashioned indexing techniques are clearly inadequate. The problem has been recognized for several decades in the realm of document processing, but the methodology used to address it - full text indexing - has only solved part of the problem, as anyone who has used search engines on the Internet knows only too well. Mechanical indexing cannot cope with the fact that the same subject may be referred to by multiple names ('synonyms'), nor that the same name may refer to multiple subjects ('homonyms'). Yet, this is basically how a web search engine works, so it is no surprise when you get thousands of irrelevant hits and still manage to miss the thing you are looking for! Topic maps provide an approach that marries the best of several worlds, including those of traditional indexing, library science and knowledge representation, with advanced techniques of linking and addressing. The author has realized the need for a map to the XML topic; a later installment will deal with XTM and an attempt to apply it to this Web site..." General references in "(XML) Topic Maps."

  • [March 21, 2003] "Towards Modular Access to Electronic Handbooks." By Caterina Caracciolo (Language & Inference Technology Group, University of Amsterdam, Amsterdam, The Netherlands). In Journal of Digital Information Volume 3, Issue 4 (February 19, 2003). "The paper reports on an ongoing project Logic and Language Links (LoLaLi). The project is aimed at providing an exemplary architecture for an electronic dissemination environment for scientific handbooks. It focuses on a way of facilitating navigation through and access to electronic handbooks by using a WordNet-like concept hierarchy consisting of synsets (sets of synonyms) that are connected to each other and to external sources by semantic relations for navigational purposes... In the LoLaLi project we aim to define what electronic publications should look like: we are especially interested in developing a good hyperlink system to provide access to the content of the handbook. This system should be rich enough to account for the complexity of the domain (the interface between Logic and Linguistics), while avoiding disorientation of the reader. Our prototype focuses on a specific domain, but we believe that we will be able to draw general conclusions on dealing with electronic handbooks in a wider range of domains. The approach uses a WordNet-like concept hierarchy to annotate and access the handbook. It consists of synsets (sets of synonyms) that are connected to each other and to external sources by semantic relations. Concept hierarchies are often used for the purpose of navigating through large collections of documents. They are very useful for the organization, display and exploration of a large amount of information... Concepts in the hierarchy are annotated with a gloss; for instance, the study of language meaning is a gloss for semantics. Moreover, they come with a longer description, provided by the authors of the concept especially for the LoLa hierarchy. The hierarchy consists of a TOP concept, under which there are four main branches: computer science, mathematics, linguistics and philosophy; from each of these concepts stems a branch of the hierarchy, organized by relations of subtopic - supertopic. A concept is a subtopic of another concept if one (and only one) of the following relations holds: (1) is a: epistemic logic is a related subtopic of modal logic; (2) part of: metaphysics is part of philosophy; (3) technical notion: operator is a notion in mathematical logic; (4) mathematical result: Goedel's incompleteness theorem is a mathematical result [theorem] of logic and mathematical logic; (5) computational tool: SPASS is a computational tool for first-order logic, a first-order resolution-based theorem prover; (6) historical view: the concept Frege on quantifiers gives an historical view of the concept quantifiers... Each concept is given a unique identifier and is represented as an XML document in which the following pieces of information are stored... All these pieces of information constitute elements in the XML tree; some of them (e.g., title and gloss) are given an identifier to be individually addressable. Moreover, the XML documents incorporate a set of metadata (Dublin Core compliant) about the document, such as author and date of creation and modification. An extension of the DTD to accommodate bibliographic references is under development, in collaboration with Elsevier Science. The graph structure is coded in a relational table, while descriptions are stored separately because they are typically written in LaTeX and can also contain non-textual objects, such as images. Users do not access the XML base but a static set of HTML documents, searchable and browsable, generated from the XML base at regular intervals..."

  • [March 21, 2003] "W3C Patent Policy Draft." By Tim Bray. In ongoing (March 19, 2003). "The latest draft, published today, is a landmark. You can't possibly imagine the number of hours of hard thinking and nasty wrangling that have gone into producing it. My personal take is that it's about done and it's good enough and we're not going to end up with anything better... To start with, it's really important to understand that these issues are not simple. I think that most responsible members of the Web communities know what effect we'd like to achieve, but the legal and historical backdrop is insanely complex and achieving the effect you want to is far from easy. Royalty-Free is the Way to Go. The Web is unique and special in that anyone can read up on HTTP or HTML or XML or whatever and start writing software to process them, and not have to worry about paying anyone a royalty. Lots of other areas of technology just aren't like this. If you want to build a DVD player, or a network router, or a VLSI test rig, or many many other things, you have to cough up some serious money for patent rights first. That's one reason why there is lots of Open Source web softwre, but no Open Source DVD players. And, it's one of the nice things about working in Web space. VoiceXML is the Villain The issue that really forced the W3C to think about this was VoiceXML. This is an XML tagset for spoken dialogues, i.e. you say to the vending machine 'Two croissants please', the machine says 'That'll be $4.82, how would you like to pay', you say 'Visa', the machine says 'Insert your Visa card under the flashing light please', etc. VoiceXML was originally cooked up by the 'VoiceXML Consortium', which includes several well-known big names in the telecom and cellular space. And several of them had patents which they claim covered it so you wouldn't be able to use it without a license..." General references in "Patents and Open Standards."

  • [March 21, 2003] "Using WSDL in a UDDI Registry, Version 2.0." Edited by Anne Thomas Manes and Tony Rogers. Technical Note produced for the OASIS UDDI Specifications TC. Document identifier: uddi-spec-tc-tn-wsdl-20030319-wd. Announced in a posting by John Colgrave; comments are welcome for the next thirty days. The TN defines a new approach to using WSDL in a UDDI Registry. "The Universal Description, Discovery and Integration (UDDI) specification provides a platform-independent way of describing and discovering Web services and Web service providers. The UDDI data structures provide a framework for the description of basic service information, and an extensible mechanism to specify detailed service access information using any standard description language. Many such languages exist in specific industry domains and at different levels of the protocol stack. The Web Services Description Language (WSDL) is a general purpose XML language for describing the interface, protocol bindings, and the deployment details of network services. WSDL complements the UDDI standard by providing a uniform way of describing the abstract interface and protocol bindings of arbitrary network services. The purpose of this document is to clarify the relationship between the two and to describe a recommended approach to mapping WSDL descriptions to the UDDI data structures. Consistent and thorough WSDL mappings are critical to the utility of UDDI. The primary goals of this mapping are: (1) To enable the automatic registration of WSDL definitions in UDDI; (2) To enable precise and flexible UDDI queries based on specific WSDL artifacts and metadata (3) To maintain compatibility with the mapping described in the Using WSDL in a UDDI Registry, Version 1.08 Best Practice document; (4) To provide a consistent mapping for UDDI Version 2 and UDDI Version 3; (5) To support any logical and physical structure of WSDL description. This mapping prescribes a consistent methodology to map WSDL 1.1 artifacts to UDDI structures. It describes an approach that represents reusable, abstract Web service artifacts, (WSDL portTypes and WSDL bindings) and Web service implementations (WSDL services and ports). Tools can use this mapping to generate UDDI registrations automatically from WSDL descriptions. This mapping captures sufficient information from the WSDL documents to allow precise queries for Web services information without further recourse to the source WSDL documents, and to allow the appropriate WSDL documents to be retrieved once a match has been found. Given that the source WSDL documents can be distributed among the publishers using a UDDI registry, a UDDI registry provides a convenient central point where such queries can be executed..." Also in PDF format. General references in: (1) "Universal Description, Discovery, and Integration (UDDI)"; (2) "Web Services Description Language (WSDL)." [cache]

  • [March 21, 2003] "Mozilla Tightens Up." By Jim Rapoza. In eWEEK (March 20, 2003). "Not surprisingly for an application that is intended mainly as a development platform, the Mozilla Web browser continues its seemingly constant upgrade cycle. Version 1.3 of the browser adds many useful new features, including some effective anti-spam features in the mail client. Other new features in Mozilla 1.3, which was released by the Mozilla Organization earlier this month, include newsgroup filters, automatic image resizing and dynamic profile switching... By far, the biggest and most welcome new addition to Mozilla is the spam filtering capabilities in the mail client. Like the junk-mail filtering capabilities in Mac OS X, the new spam filtering features in the Mozilla mail client use Bayesian filtering to detect probable spam. We could train the client to detect new spam messages simply by identifying which existing messages were and were not spam. The addition of standard newsgroup filters will be welcome to anyone who frequents newsgroups. Using the filters, we could easily identify important messages and threads or, more importantly, avoid annoying flame war threads. A feature obvious in its omission from earlier versions of Mozilla was the ability to switch profiles on the fly. Users instead would have to shut down the browser before switching, a task made more onerous by the fact that Mozilla takes longer to launch than most other browsers. Mozilla 1.3, thankfully, lets users switch profiles without restarting the browser... Also new in Mozilla 1.3 is automatic image resizing, which users can choose to enable or disable. While Microsoft Corp.'s Internet Explorer has had this feature for some time, we prefer Mozilla's because we could switch between an actual size and resized image simply by clicking on the image rather than by searching for the pop-up resize button, as is required with IE. Mozilla 1.3 also includes a demonstration of a capability, code-named Midas, that will be supported in future versions of the browser. Midas lets Web developers add rich-text editable controls to pages using standard script commands. We found this feature interesting but were not sure why it was included--there are already standards-based ways to do basically the same thing across all browsers..."

  • [March 21, 2003] "Standards: Optional Features or Law?" By Dimitris Dimitriadis. From XML.com (March 19, 2003). ['Dimitris Dimitriadis ponders how software implementers can best be induced to create software that conforms to web standards. It seems that even involvement with a standard's creation isn't enough to motivate some software companies to implement it.'] "In an earlier article, I argued that providing uniform test frameworks and detailed specification formats would enhance interoperability of specification implementations. Technical issues aside, some of which I discussed in that article, there are a few important reasons why this is difficult: corporate politics, on the one hand, and standard organizations' inability to enforce standards on the other. How can we make sure the specifics of a standard are present in products which claim to implement it? [...] since there is no public institution to inspect software construction, why do we even want standards? There are several reasons. First, we want to be sure that information is accessible. Without standards which require information to be accessible, companies have often invested more resources in differentiating their products than in fixing errors. In extreme cases, corporations have released software that is not compliant with standards which the corporation helped create to begin with. Second, we want standards to ensure interoperability, which is not possible if every implementation has a different understanding of what it's supposed to do. Clearly, there needs to be someone who can absolutely indicate what is, and what is not, a successful implementation of a standard. This is the only way to ensure that product A implementing standard X does the same thing as product B implementing the same standard. Third, we want standards to ensure that information is easily exposable. This is especially interesting in the cases where public information is stored in a way that requires particular software to access it. Exposing it through a web interface may not help, since a fully conformant browser may fail to show the information, if the web site producers have decided to write for the mainstream set of browsers in use... "

  • [March 21, 2003] "The Road to XHTML 2.0: MIME Types." By Mark Pilgrim. From XML.com (March 19, 2003). ['Mark Pilgrim plunges headlong into XHTML 2.0 in this month's installment of his "Dive into XML" column. He starts out on a journey to explore migrating to the latest version of HTML. This first episode includes some of the strange little hacks required to support legacy web browsers.'] "Here's a dirty little secret: browsers aren't actually treating your XHTML as XML. Your validated, correctly DOCTYPE'd, completely standards compliant XHTML markup is being treated as if it were still HTML with a few weird slashes in places they don't belong -- like <br /> and <img />. Why? The answer is MIME types. MIME types are as old as the Web; in fact, they're older. Every page you browse, every image you download, every stylesheet and JavaScript and PDF and silly little Flash movie you view through your browser, all have a MIME type associated with them. For HTML pages, the MIME type is text/html. For XHTML, the MIME type is supposed to be application/xhtml+xml... Mozilla is the only major browser that currently handles application/xhtml+xml correctly; for all other browsers, you'll need to serve your XHTML as HTML, using the old text/html MIME type. But you can't browser-sniff for Mozilla, for instance, by searching for 'Gecko' in the User-Agent, because some browsers (OmniWeb, Opera) have options to lie about who they are, and other browsers (Safari) include the magic word 'Gecko' in their User-Agent string by default. Luckily for us, HTTP has a specific solution for this problem, one which is so elegant (compared to the rest of this mess) that I didn't believe it would actually work until I tried it. Mozilla, in its infinite wisdom, will tell a server that it accepts application/xhtml+xml in the HTTP_ACCEPT header that it sends with every request. That's it. All scripting environments provide access to these HTTP headers; so, armed with this nugget of information, we can devise a variety of ways to serve up the same page as application/xhtml+xml to browsers that claim to support it and as text/html to everyone else..."

  • [March 21, 2003] "An XML Hero Reconsiders?" By Kendall Grant Clark. From XML.com (March 19, 2003). ['Tim Bray has long been a colorful personality in the XML world. Little surprise then that his recent complaint -- that XML is too difficult for programmers -- garnered a lot of attention. In the XML-Deviant column this week Kendall Clark takes a look at Bray's essay and the reaction it received from the community.'] "Most, if not all of the permanent topics of conversation on XML-DEV revolve around two camps of people: one which thinks aspect N of XML is a wart, the other which thinks N is an elegance. These threads never end because, in part, there is no final or absolute context within which XML is meant to be used. Whether you think of N as a wart or an elegance is context dependent and interest relative. It depends almost entirely on who you are and what you want and need XML to do. In other words, all opinions about XML are equal. Except that that's not really true. All opinions about XML are equal, except some are more equal than others. Among the more equal opinions are ones held by the people who drafted the XML specification. Among that select group of people, as far as XML-DEV is concerned, Tim Bray stands out, if for no other reason than he has consistently contributed to the conversational life of the community. So when Bray, over the course of a few weeks, leads an effort to relocate XML-DEV and publishes a widely-read essay in which he seems to question XML itself, it's time to take a closer look... So what's Bray's beef? It isn't, he says, that XML parsers are so hard to write. If they were, Bray says, there wouldn't be so many of them... The problem is that XML parsers are so hard to use... Specifically, Bray offers the standard lament: DOM processing is inefficient, SAX processing is awkward..."

  • [March 20, 2003] "Java Business Integration (JBI)." JSR [Java Specification Request] #208. Specification Lead: Mark Hapner (Sun Microsystems, Inc). This JSR extends J2EE with business integration SPIs (Service Provider Interfaces). "Java Business Integration JSR (JBI) extends J2EE with business integration SPIs. These SPIs enable the creation of a Java business integration environment for specifications such as WSCI, BPEL4WS and the W3C Choreography Working Group. The industry is currently on the path to define standards for business integration that form a new layer of standard metadata in the web services stack. While this work is not complete as yet, the general shape of this standard metadata can be seen in the WSCI and BPEL4WS proposals. The industry needs a standard in this space and we look to the recently chartered W3C Choreography Working Group to drive the convergence of these and other related efforts. The JBI SPIs will reflect the industry consensus that emerges from this work. This JSR uses the following terms to further classify this standard business integration metadata. The term 'business protocol' is an umbrella term for the metadata used to describe the interaction between a set of business processes that implement the roles of partners within a larger service composition. The term 'abstract business process' is the metadata that describes how a business process, within a business protocol, choreographs its role in a service composition so that its partner processes understand how to interact with it. It should be noted that the term 'business process' in this context means any actor that participates in the business protocol. In finer grained situations, a 'business process' could be something as simple as a data transformation table or a few business rules. JBI extends the J2EE application packaging and deployment functionality to include JBI Components. JBI Components are an open-ended class of components that are based on JBI abstract business process metadata. The JBI JSR itself does not define how developers code Components. Both standard and proprietary ways of coding Components may exist. A specific class of Component may provide rich business process functionality while another class of Component may provide a specialized integration function like a data transformation table or support a domain specific business rule encoding... JBI extends J2EE 1.4 with SPIs to support business integration. The W3C specifications are building blocks for JBI business protocol metadata. The WSCI and BPEL4WS documents are potential starting points for the W3C Choreography Working Group and therefore indirectly influence JBI. The BEA Process Definition for Java JSR defines the Java APIs and JSR 175 Annotations a Java developer uses to implement a business process. Support for the BEA JSR can be added to the JBI Environment by providing a JBI Machine that supports it. This illustrates the complementary nature of the JBI SPIs and the BEA JSR APIs..."

  • [March 20, 2003] "Update: Sun Plugs Developer Pack, Specs. Delayed Software Aimed at Web Services Developers." By James Niccolai. In InfoWorld (March 18, 2003). "Sun Microsystems released a package of software and tools for developers on Wednesday intended to jumpstart their efforts at building Web services applications. The product is a few months behind schedule but to spur interest the company is offering a steep promotional discount. At a press conference in Boston Wednesday, Sun also highlighted new training materials and online resources for developers. It also announced a new Java specification for Web services integration that passed a preliminary stage in the Java Community Process this week... The Sun ONE Studio integrated development environment [with] its portlet builder and other tools aims to provide all the Sun software a developer would need to build Web services, an emerging computing model that uses standard languages and protocols like XML (Extensible Markup Language) and SOAP (Simple Object Access Protocol) to link different types of business applications together. Sun is competing in the market against more established software vendors such as BEA Systems, Microsoft, IBM and Oracle... Sun officials also discussed a new Java specification called Java Business Integration (JBI) that aims to unify at least two competing initiatives for automating business processes using Web services. The executive committee of the Java Community Process signed off on Java Specification Request 208 on Monday, according to the JCP Web site. The JCP is a multivendor organization overseen by Sun that approves new Java standards... At least two specifications have been proposed for defining a standard way to orchestrate business processes in distributed software environments, including the Web Services Choreography Interface (WSCI), backed by Sun and BEA, and Business Process Execution Language for Web Services (BPEL4WS) backed by Microsoft and, again, by BEA. 'While this work is not complete as yet, the general shape of this standard metadata can be seen in the WSCI and BPEL4WS proposals,' the JBI proposal reads. 'The industry needs a standard in this space and we look to the recently chartered W3C Choreography Working Group to drive the convergence of these and other related efforts. The JBI SPIs will reflect the industry consensus that emerges from this work.' The JBI will extend J2EE (Java 2 Enterprise Edition) with 'service provider interfaces,' which 'enable the creation of a Java business integration environment for specifications such as WSCI, BPEL4WS and the W3C Choreography Working Group,' the proposal says..."

  • [March 20, 2003] "JCP Watch: Business Processes, More XML Support and Enhanced Java Platform Support on Small Devices." By Apu Shah. From Developer.com (March 12, 2003). "... new specifications providing Java with business process integration and workflow APIs [have been] proposed along with a proposal for the next generation of the Java API's for XML Processing. In addition, the Executive committee for the Java Mobile Edition platform approved the final specification release for the J2ME CLDC (Connected, Limited Device Configuration) that defines a standard platform for small, resource-constrained, connected devices... Two related, yet complimentary JSR specifications encompassing workflow programming, business process interaction and process co-operation were proposed. [1] JSR-207 Process Definition for Java [Definition of an annotated Java syntax and APIs for programming business processes in Java]: A business pr