The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: December 02, 2008
XML Daily Newslink. Tuesday, 02 December 2008

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Oracle Corporation

Portable Contacts: A Common Format and Protocol for Accessing Contacts
Joseph Smarr (ed), IETF Internet Draft

An initial version -00 IETF Internet Draft has been published for "Portable Contacts: A Common Format and Protocol for Accessing Contacts." The document specifies Portable Contacts, XML and JSON address book document formats and an interface for accessing address book and friends-list information over HTTP. The specification is designed to make it easier for developers to give their users a secure way to access the address books and friends lists they have built up all over the web. Specifically, it seeks to create a common access pattern and contact schema that any site can provide, well-specified authentication and access rules, standard libraries that can work with any site, and absolutely minimal complexity, with the lightest possible toolchain requirements for developers... The API defines a language- and platform- neutral protocol for Consumers to request address book, profile, and friends-list information from Service Providers. As a protocol, it is intended to be easy to understand and implement, either as a Service Provider or Consumer, using any language or platform of choice. It is also intended to be implemented by both individuals and small services as well as large providers, in any case where a service contains data about who a user knows and wishes to make that information portable, under the user's control. While there are currently standards for describing contact info (such as vCard), these standards do not specify how to discover, access, and manipulate this information, and they do not capture the full range of information typically found in modern address book and social networking applications... Appendix B of the specification ('Compatibility with OpenSocial') reports that this version of the Portable Contacts specification is currently wire-compatible with the overlapping portion of the OpenSocial RESTful Protocol version 0.8.1. Specifically: any compliant OpenSocial RESTful Protocol 0.8.1 Provider is also a compliant Portable Contacts Provider, because they are specified to use the same Authorization methods (OAuth), Additional Path Information, Query Parameters, and Contact Schema. The OpenSocial and Portable Contacts communities chose to wire-align our respective specs in order to maximize widespread adoption of a single API for accessing people data." It is the editor's intention to "maintain this compatibility going forward, so long as it is feasible, and so long as the changes required are compatible with the Goals and Approach of the Portable Contacts specification. Although Portable Contacts is an independent specification, with a more limited scope than OpenSocial, any proposed changes to either this Portable Contacts spec or the OpenSocial RESTful Protocol should be considered in the context of both communities, and we should strive not to break compatibility unless it is truly necessary, e.g., if the goals of the two communities diverge significantly in the future." In September 2008, MySpace hosted the first Portable Contacts Summit, where participants from Google, Yahoo, Microsoft, MySpace, Facebook, Hi5, Plaxo, JanRain, ShopIt, Skydeck,, and others came together to show off the work they'd done so far and discuss the remaining details to get to a [publishable] Portable Contacts specification. [Note: Joseph Smarr is Chief Platform Architect at Plaxo and serves on the OpenSocial Foundation Board. "An active participant in the Web 2.0 community, Joseph has built web applications for many years, including Plaxo's online address book, web widgets, and was architect and lead developer of the Plaxo 3.0 rich AJAX address book, calendar, and sync tool. Joseph has a BS and MS from Stanford University in Artificial Intelligence."]

See also: the Portable Contacts web site

SMIL 3.0 Advances New Standard for Synchronized Multimedia
Dick Bulterman Jack Jansen, Pablo Cesar (et al., eds); W3C Recommendation

W3C has announced the publication of a new standard to make it easier to author interactive multimedia presentations. Statements of support have been published by ACCESS Co., Ltd., CWI, Daisy Consortium, IBM, INRIA, IWA/HWG, PUC-Rio, RealNetworks, and the University of Oviedo. Synchronized Multimedia Integration Language (SMIL 3.0) allows video, audio, images, text, and hypertext links to be combined into interactive presentations, with fine-grain control of layout and timing. The new features in SMIL (pronounced, "smile") are a direct response to user and industry demand. For instance, the standard allows full-motion, timed captions and labels to be directly inserted in the presentation (called smilText). And SMIL's media pan-zoom control allows people to create "Ken Burns"-style animations easily for photos and visual content. SMIL 3.0 also allows authors to embed timed metadata in presentations, making SMIL a useful descriptive language for the development of Semantic Web resources that evolve over time. These new features enable end-users to enhance video and image sites with captions, subtitles and other annotations, even if the video or images were created by somebody else. SMIL provides a standard and flexible way to accompany media with links, captions, metadata, and other information that requires timing coordination. SMIL 3.0 is designed so that people may build multimedia applications for an increasing number of platforms that support Web standards. For instance, people can now safely add multimedia presentations to other XML applications, including HTML and SVG. SMIL 3.0 also makes it easier to develop multimedia applications on mobile platforms. "SMIL Tiny" is a minimal profile of SMIL 3.0 perfect for embedded systems and light-weight applications such as media playlists. SMIL 3.0 benefits users with disabilities through integration of features requested by the DAISY Consortium. The Daisy Consortium uses SMIL for its Talking Books, an open format designed to meet the needs of blind and visually challenged Web users. SMIL 3.0 has the following design goals: (1) Define an XML-based language that allows authors to write interactive multimedia presentations. Using SMIL, an author may describe the temporal behaviour of a multimedia presentation, associate hyperlinks with media objects and describe the layout of the presentation on a screen. (2) Allow reusing of SMIL syntax and semantics in other XML-based languages, in particular those who need to represent timing and synchronization. For example, SMIL components are used for integrating timing into XHTML and into SVG. (3) Extend the functionalities contained in the SMIL 2.1 into new or revised SMIL 3.0 modules. (4) Define new SMIL 3.0 Profiles incorporating features useful within the industry.

See also: the SMIL announcement

PHP and SMIL: A Happy Combination
Octavia Andreea Anghel,

SMIL gives you control of multimedia and text elements in a browser over a timeline, while PHP lets you write dynamic SMIL code. The combination produces nicely-timed presentations. SMIL is a W3C standard. You write SMIL in XML, using a vocabulary similar to HTML to create slideshow-like presentations, displaying and controlling multiple multimedia files. SMIL has methods for defining element sequences, duration, position, and visibility, etc. To play a SMIL presentation, you need a SMIL player, and several SMIL players are freely available on the web. In addition, Internet Explorer 5.5 (or later) can play SMIL presentations natively. While you can write SMIL presentations manually, it's much easier to use a SMIL editor. Some of the most popular are GRiNS Pro Editor for SMIL 2.0, LimSee3 (a Web Adaptation Multimedia (WAM) team project), and SMILGen. A SMIL file may contain the following objects: (1) The layout of the presentation: This determines how to position the elements in the document's body on an abstract rendering surface. (2) The timeline of the presentation: This controls when elements appear, disappear, and how long they are active. (3) The source of the multimedia elements: This controls where the program should look for the various elements in the presentation... [In one example we show] how to write an HTML/PHP application that generates a custom SMIL presentation. The basic idea is to let users select some of the SMIL customizable aspects (images or audio files, transition times, and durations) from an HTML form, and then use PHP to capture the user input and generate the corresponding SMIL document... PHP can generate fully-functioning timed SMIL presentations in which you programmatically control element positioning, appearance, and duration. Together, PHP and SMIL form a symbiosis that's simple, amazingly productive, and very lightweight compared to many alternatives.

See also: the W3C Synchronized Multimedia Working Group

Outmoded BPM Resources An Issue for Businesses
Kathleen Lau, InfoWorld

A recent study has found that organizations are showing a growing interest in BPM, but some are challenged by the lack of standards between process modeling and execution, amid other issues. According to research by industry association AIIM of 354 end-users, 56 percent of respondents indicated they have implemented BPM projects ranging from departmental and cross-departmental to enterprisewide. The remaining 44 percent said they hadn't implemented a BPM project but plan to begin in the coming year. Among the drivers behind this increased interest in BPM, said AIIM director Bob Larrivee, is the fact that advances in technology are allowing end-users capabilities like remote information access and "when you look at streamlining or automating business process in general it's becoming more and more of a driver that we need to do that, but also do it with some rules associated with it." And applying business rules to an automated workflow will not only streamline the process, but will also automate decision-making, added Larrivee. Adoption aside, among the survey respondents who had implemented BPM technologies, some cited issues such as a lack of interchange standards between process modeling and execution tools, which can render system interoperability difficult. One reason that this issue exists, according to Mohammad Ketabchi, CEO and founder of Santa Clara, Calif.-based BPM vendor Savvion Inc., is that organizations are using modeling-only tools that lack an execution component. And even if they are able to import the model into an execution tool, "you will not be able to do a round-trip process improvement which is very, very important." That round-trip process entails modeling, execution, monitoring, and improvement of the process again. But many organizations are using outmoded BPM tools that were developed before the Business Process Modelling Notation (BPMN) standard existed. Besides a lack of interchange standards, respondents also cited exception processing and interfaces as additional challenges...

See also: Standards for Business Process Modeling, Collaboration, and Choreography

Real Web 2.0: Battling Web Spam, Part 1
Uche Ogbuji, IBM developerWorks

Spam on the Web is one of the biggest threats to a modern Web developer. The "bad guys" become more and more sophisticated every year in how to vandalize and proliferate ads over any Web 2.0 page they can grasp. To make matters worse, spam is increasingly used to distribute malware. The arms race is on, and Web developers need to know what basic tools are available to battle spam on their Web sites. This two-part installment provides a thorough guide to anti-spam techniques. This first article explains how to assess whether a visitor is a spammer and how to organize site workflow to discourage spam... Web spam comes in many forms, including: (1) Spam articles and vandalized articles on wikis; (2) Comment spam on Weblogs; (3) Spam postings on forums, issue trackers, and other discussion sites; (4) Referrer spam—when spam sites pretend to refer users to a target site that lists referrers; (5) False user entries on social networks. Dealing with Web spam is very difficult, but a Web developer neglects spam prevention at his or her peril. Just by adding this extra workflow stage you'll catch some spammers, and if you do it carefully, for example using JavaScript to automate preview for some users, the level of inconvenience shouldn't stifle contribution. You could apply CAPTCHA, form variation, nonces, and more, depending on workflow, which makes things even more complicated for spammers in a manner that most legitimate users won't even notice. Assessing behavior and managing workflow are enough to reduce spam, but usually not enough to eliminate it. For example, some spammers hire people to circumvent all the controls discussed in this article (sometimes called a "mechanical turk" attack). They seek people in places where labor costs are cheap and pay them to go to a target site and leave a spam message by hand. To address mechanical turks, as well as the most sophisticated spam robots, you need to harness the power of the large community of people who hate spam as much as you do.

Memo to OpenID: Keep it Simple, Please
Caroline McCarthy, CNET

With all the buzz about Facebook Connect this week, it's worth asking the question: Whatever happened to OpenID? The universal log-in standard was created in 2005 by Brad Fitzpatrick, founder of LiveJournal, while he was working at blog software company Six Apart. It has the support of Yahoo, MySpace (which just helped build an OpenID extension for the Flock browser)... even Google has dipped its proverbial toe in the pool. But it wasn't until Facebook Connect started making headlines that the concept of data portability—a single log-in across multiple sites—made the jump from the tech press to the mainstream media. OpenID, some speculated, had been left behind in the dust. Hardly. But Wired's Michael Calore hit the nail on the head: "Presenting a dialog that asks a user to log in to one Web site using a name and password from another Web site is jarring, but Facebook has managed to keep Facebook Connect simple enough for everyday users to understand. Such ease of use virtually guarantees it will win support quickly." The truth is, the future of the "social Web" is in expansion. And expansion invariably involves dealing with a crowd beyond the Twittering, FriendFeeding, WordPressing geeks who actually understand the concept behind data portability. And that's not made any easier by the fact that OpenID calls itself "an open, decentralized, free framework for user-centric digital identity." Try bringing that up in the boardroom of a non-tech company looking to ride the social-networking wave. Then tell them that the most buzzed-about social network on the planet will power your site's social features. The decision will probably fall in the Facebook camp, unfortunately for the open-standards crowd and its admirable dedication to all things balanced and democratic. That said, there are some good signs for OpenID... OpenID and its brethren could use a good, simplified marketing pitch, not to mention some announcements and partnerships that are more prominent than an extension for a niche Web browser. They need to use the resources that the likes of MySpace and Yahoo can provide to get more deals going and start making headlines outside of ReadWriteWeb and TechCrunch.

See also: Michael Calore's Wired article

Test Center Review: Open Source Data Acess
James R. Borck, InfoWorld

If any software market deserved to be shaken up by open source alternatives, it's enterprise data integration. Commercial, enterprise-grade integration tools—typically cobbled together from M&A and legacy patchworks—are notoriously unwieldy and impose an arduous learning curve. Complexity frequently stalls deployments by months, and aftermarket consulting can add hundreds of thousands of dollars to the TCO. Enter Jitterbit and Talend, two fresh starts in a land of stodgy giants. Talend hits all the highlights one would look for in traditional integration platforms: batch delivery, transforms, ETL (extract, transform, and load), data governance, and a strong set of connectivity adapters. At the same time it keeps pace with important trends with such features as change data capture, metadata support, federated views, and SOA-based access to data services. Talend is capable of scaling from small departmental file migrations to large-scale enterprise warehousing projects. Jitterbit, by contrast, is the classic case of less is more: a lighter-weight and extensible point solution that can shortcut simple migration projects by weeks. If you're in need of a quick fix for a one-off data migration project -- to quickly move from to SugarCRM, for example -- Jitterbit's simple, menu-driven interface takes a lot of the tedium out of profiling application data. These products may not yet surpass the master data management and messaging transform prowess of IBM Information Server, or the legacy and b-to-b domain expertise found in Informatica PowerCenter. But they offer substantial cost savings compared to these commercial counterparts, and their ability to shortcut complexity makes them additionally hard to resist... Jitterbit is perhaps the most uncomplicated tool available to get your data from point A to point B. In my testing, Jitterbit made simple work of configuring source and target specifications with its form-based wizards. Although database table relationships must be defined manually, the tool did a fine job picking up Web service details via WSDL. In addition to databases and Web services, Jitterbit can also pull data from XML, FTP, HTTP, LDAP, and flat files. Transformation mappings are configured via a drag-and-drop wiring process. A simple double-click on a node spawns a separate interface for building formulas to modify data en route. Here you can draw on decent string manipulation tools and regular expressions. Math and logic functions could use some filling out, but a variety of other functions—for handling XML, date and time, and e-mail—round out the options. You can even pull live data into the transform for on-the-fly validation... Talend has developed a holistic integration platform from the ground up in a very short time. The Job Modeler IDE's graphical SQL editor and test facility, called SQLBuilder, helps with SQL chores. Talend generates native SQL code for every supported database, no additional effort required. XSLT and XPath are in tow for XML processing. And a good set of orchestration components makes long-running and staged processing a possibility. Onboard debugging offers step-by-step trace and variable inspection, with real-time stats and trace data viewable directly from the layout. Other niceties, like auto-generation of HTML documentation, sweeten the offering...

Ten Standards Recommendations for the Obama Administration
Andrew Updegrove, ConsortiumInfo Blog

"The following is an integrated suite of recommendations that could be implemented quickly and inexpensively, and without Congressional action. Of the ten proposals, the first is most urgent, as the advisors assembled in this step would provide the experience, guidance and active assistance needed to implement the recommendations that follow. (1) Create a Standards Advisory Council (SAC): Due to the breadth of standards related issues underlying the administration's goals and the relative lack of existing government engagement in the standards arena, the new administration should recruit a council of neutral standards experts versed not only in technical and scientific matters, but also in the legal, trade policy and social impacts and opportunities that a sophisticated standards strategy can provide... (2) Make maximum use of NIST, operating under the authority of the Department of Commerce. (3) Make greater use of ANSI. (4) Reenergize implementation of the E-Government Act of 2002. (5) Recognize the existence of 'Civil ICT Standards:' Today, freedom of speech, freedom of association and freedom to interact with government are each increasingly being exercised on line rather than in person, converting our hard-won traditional civil rights into virtual 'civil ICT rights.'... (7) Support the Formation of a 'Standards for Standards' Body: ISO and IEC, the current global standards bodies involved in the creation of IT standards, do not consider part of their role to be to guarantee the openness of the standards development process, the quality of the technical standards adopted, or the vendor and platform neutrality of their work product. Instead, these bodies provide the venue within which standards are developed or voted upon by National Body representatives, which individually determine their rules of operation. As a result, there is no trusted source to rely upon to evaluate standards, or the SSOs that create them, for purposes of government procurement. A 'Standards for Standards' organization could be easily and quickly launched, with a governance structure that guarantees that all stakeholders are fairly represented, that appropriate criteria are created, and that trustworthy results are made available. The existence of such a neutral 'rating agency' would provide a competitive incentive among all SSOs to increase transparency, improve process values, and decrease vendor influence. (8) Revise OMB Circular A-119 for government standards-related procurement. (9) Direct the DOJ to Support the Development of Open Standards: The regulatory agencies can do much to encourage or inhibit the development of standards. By providing further written guidance in areas such as the ex ante disclosure of patent licensing terms and by prosecuting those that 'game' the standards development process, the Department of Justice can facilitate the more rapid development and adoption of much-needed standards with less fear of later 'patent hold up' situations. (10) Aggressively Promote Patent Reform: The administration's platform already incorporates the goal of patent reform, but it should be recognized that for a variety of reasons the proliferation of poor-quality patents is of special concern in standards development. First is the fact that a standard, once widely adopted, 'locks in' the marketplace, because it becomes extremely expensive to switch to an alternative approach. Second, in areas (such as the Web, the Internet and areas in which open source software predominate), the imposition of royalties or restrictive licensing terms can be extremely problematic. With the proliferation of patents and the increasing density of patent 'thickets' in core areas of technology, creating high quality standards that are free of such encumbrances is becoming increasingly difficult..."

FTC Announces First in Series of Hearings on Evolving Intellectual Property Marketplace
Staff, U.S. Federal Trade Commission Announcement

The U.S. Federal Trade Commission announced the first of a possible series of public hearings to explore the evolving market for intellectual property (IP). The hearings will be held beginning on December 5, 2008, in Washington, DC. The FTC will examine changes in IP law, patent-related business models, and new learning about the operation of the IP marketplace since the issuance in October 2003 of the Commission report 'To Promote Innovation: The Proper Balance of Competition and Patent Law and Policy.' An agenda for the hearing is available... The patent system has experienced significant change since the FTC released its first IP Report in October 2003, and more changes are under consideration. The courts and patentees are exploring the full implications of Supreme Court and Federal Circuit decisions on injunctive relief, patentability, and licensing issues. Congress has considered sweeping legislative patent reform, and new debates on the appropriate methods for calculating infringement damages have engaged the patent community. New business models for buying, selling and licensing patents have emerged and evolved since 2003. In addition, there is new learning regarding the operation of the patent system and its contribution to innovation and competition. The cumulative impact of these changes and proposed changes are poorly understood. They contain the potential to significantly influence a patent's economic value and the operation of the IP marketplace. The Commission's hearings will consider the effect of these changes on innovation, competition, and consumer welfare. The hearing on December 5, 2008, will consist of three panels, each designed to examine different aspects of the evolving IP marketplace. The first panel will address developing business models. Panelists will discuss the operation of emerging business models, aspects of the patent system that support those models, and industry responses. The discussion also will explore the implications these developing business models have for patent valuation and licensing. The second panel will examine recent and proposed changes in remedies law, including their impact on innovation and consumers, and their use of economic analysis in determining remedies. In the third panel, participants will examine legal doctrines that affect the value and licensing of patents, such as the recent Supreme Court cases on obviousness, declaratory judgment and exhaustion, and doctrines that make the scope and enforcement of patents unpredictable. The panel will consider whether the notice function of patents operates to support an efficient marketplace...

See also: a recent FSFE report 'Standardisation and Patents' from Georg Greve


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Microsoft Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: