This issue of XML Daily Newslink is sponsored by:
Sun Microsystems, Inc. http://sun.com
- Public Review for Symmetric Key Services Markup Language (SKSML) V1.0
- Document Schema Definition Languages (DSDL) Part 5: Extensible Datatypes
- MIME Media Type Registration for CEA-2018 Task Model Description
- Updated Candidate Recommendation: CSS Marquee Module Level 3
- Comparing XML Database Approaches
- OAI-ORE, PRESERV2, and Digital Preservation
- Google, Microsoft Say They Still Support Net Neutrality
Public Review for Symmetric Key Services Markup Language (SKSML) V1.0
Allen Schaaf (ed), OASIS Technical Committee Public Review Draft 02
OASIS announced the availability of a second public review draft for the "Symmetric Key Services Markup Language (SKSML) Version 1.0" specification, open for public comment through December 26, 2008. Eleven changes since the previous review are listed in the announcement. The specification document "defines the first (1.0) version of the Symmetric Key Services Markup Language (SKSML), an XML-based messaging protocol, by which applications executing on computing devices may request and receive symmetric key-management services from centralized key-management servers, securely, over networks. Applications using SKSML are expected to either implement the SKSML protocol, or use a software library — called the Symmetric Key Client Library (SKCL) — that implements this protocol. SKSML messages are transported within a SOAP layer, protected by a Web Services Security (WSS) header and can be used over standard HTTP securely... In a rush to provide solutions to the market, vendors have created many device-specific, platform-specific, database-specific and application-specific encryption and key-management tools. While these tools may be capable of performing their stated tasks adequately, a typical enterprise would have to deal with many encryption and key-management solutions to adequately protect sensitive data. Not only does this raise the cost of ownership for implementing companies, but it raises the possibility that with many dissimilar key-management systems, because of the typical complexity of key-management schemes, there is a greater likelihood of human error leading to a vulnerability. To ensure that encryption policies and designs are specified and used uniformly across applications, a common key-management service capable of supporting enterprise platforms, applications and devices is needed. To enable such applications to communicate with this service, a uniform protocol is needed. The Symmetric Key Services Markup Language (SKSML) is that protocol..." See previously Public Review Draft 01.
See also: the OASIS announcement
Document Schema Definition Languages (DSDL) Part 5: Extensible Datatypes
ISO/IEC JTC 1 Subcommittee SC 34, FCD Ballot Text
The ISO/IEC JTC 1 Subcommittee SC 34 secretariat announced the release of Document Schema Definition Languages (DSDL) — Part 5: Extensible Datatypes (ISO/IEC FCD 19757-5) as a Final Committee Draft for ballot. ISO/IEC 19757-5 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information Technology, Subcommittee SC 34, Document Description and Processing Languages. ISO/IEC 19757 defines a set of Document Schema Definition Languages (DSDL) that can be used to specify one or more validation processes performed against Extensible Markup Language (XML) or Standard Generalized Markup Language (SGML) documents. DSDL Part 5 "specifies a XML language that allows users to create and extend datatype libraries for their own purposes. The datatype definitions in these libraries may be used by XML validators and other tools to validate content and make comparisons between values. DSDL Part 5, Extensible Datatypes, is a powerful, XML-based language which enables users to create and extend their own libraries of datatypes using straightfoward declarative XML constructs. Such libraries are well-suited to being used in pipelining validation processes in conjunction with other XML schema languages. Unlike W3C [XML] Schema, ISO 19757-2:2003 (RELAX NG) does not itself provide a declarative mechanism for users to define their own datatypes. If they are not satisfied with the two built-in types of string and token, RELAX NG users have had either to use a pre-written library bundled with their validator, or to program a datatype library using that validator's API. Such programmed datatype libraries are hard to construct for non-programmer users, and built-in datatype libraries are often insufficient for users' needs. The schema language used is the compact syntax of RELAX NG, as defined by ISO 19757-2:2003 Amendment 1. Datatype libraries are defined in ISO 19757-2:2003 as being identified by an IRI, with each datatype within a given datatype library being identified by a NCName. an Extensible Datatypes document presents one or more such datatype libraries to implementations. Each datatype definition has a qualified name; the Namespace IRI identifies the datatype library to which the datatype belongs, and the local part identifies the name of the datatype within that datatype library..."
MIME Media Type Registration for CEA-2018 Task Model Description
Charles Rich, Gottfried Zimmermann (et al., eds), CEA Standard
The IESG Secretary announced approval of a request [previous] to register the "application/cea-2018+xml" MIME media type in the standards tree. This media type is a product of the Consumer Electronics Association (CEA). CEA-2018 Task Model Description (CE TASK 1.0) defines a task model as a formal description of the activities involved in completing a task, including both activities carried out by humans and those performed by machines. The CEA-2018 standard defines the semantics and an XML notation for task models relevant to consumer electronics devices. The standard does not depend on any specific home networking technology or infrastructure. Standard ANSI/CEA-2018 was developed under the auspices of the Consumer Electronics Association (CEA) R7 Home Network Committee. "All of the RelaxNG schemas and XML examples in this document have been automatically inserted from files and mechanically checked for syntactic validity." A document conforming to CEA-2018 should be served with a MIME type of 'application/cea-2018+xml', and the corresponding XML namespace URI is 'http://ce.org/cea-2018' For the convenience of those who have purchased a copy of the CEA-2018 standard and wish to implement software based on it, machine-readable schema files in two standard formats used by XML tools are available online: 'CEA-2018.rnc' (RELAX-NG)and 'CEA-2018.xsd' (W3C XML Schema). A a task model description is represented by an XML document. "A task model description is used by a task-based application to guide its interaction with a user. A task model description specifies task classes, and representations of their intent and how high-level tasks can be decomposed into lower-level tasks. A task model description also contains ECMAScript programs which ground primitive tasks to devices via particular networking platforms. This [CEA-2018] standard defines an XML language for task model descriptions which is independent of task-based applications... In general, the process of writing (authoring), distributing and using a task model description involves various stakeholders. There are many different options for writing and distributing a task model description. First, a device manufacturer may write a task model description for their device, and either build it into the device so that it can be retrieved by a task-based application or distribute it through their web server. Second, the developer of a task-based application may build task model descriptions into their application, or more likely, provide them through their web server. Finally, a third party may write task model descriptions for any device and make it available publicly through a web server..." Security considerations in the CEA request noted that the inclusion of ECMAScript fragments (so-called "active content") in a CEA-2018 document "bears risks in that a task-based application may execute malicious or erroneous ECMAScript code as part of a task model embedded condition or grounding statement. However, a task-based application will typically execute this code in sandbox and can thus prevent potential damage to local and other resources. Note that the embedded ECMAScript code fragments pose only minimal additional security risks for Web browsers since ECMAScript code is only embedded as content of XML elements other than the 'script' element. The general utility of this media type to the Internet community is in the area of user interfaces for consumer electronics (and other areas of devices and services). Task models facilitate user interfaces that can be easier to use than traditional user interfaces. Task models can thus be discovered and shared over the Internet (and local home networks), and be uniquely identified as such by the receiving entity..."
See also: the excerpted final preview of CEA-2018
Updated Candidate Recommendation: CSS Marquee Module Level 3
Bert Bos (ed), W3C Technical Report
W3C announced that the Cascading Style Sheets (CSS) Working Group has updated Candidate Recommendation for "CSS Marquee Module Level 3." CSS describes the rendering of documents on various media. When documents (e.g., HTML) are laid out on visual media (e.g., screen or print) and the contents of some element are too large for a given area, CSS allows the designer to specify whether and how the overflow is displayed. One way, available on certain devices, is the 'marquee' effect: the content is animated and moves automatically back and forth. This module defines the properties to control that effect. The specification only defines the marquee effect for level 2 of the CSS box model, i.e., for horizontal text only, as defined by CSS level 2. It is expected that this specification will be updated and generalized to include vertical text, once the CSS Text Layout module is stable. For this specification to exit Candidate Recommendation phase, a minimum of six months must have elapsed, i.e., it will not become Proposed Recommendation before 5-June-2009. Furthermore, there must be at least two independent, interoperable implementations of each feature. Each feature may be implemented by a different set of products, there is no requirement that all features be implemented by a single product. In this context, "independent" means each implementation must be developed by a different party and cannot share, reuse, or derive from code used by another qualifying implementation. Sections of code that have no bearing on the implementation of this specification are exempt from this requirement. And "interoperable" means passing the respective test case(s) in the official CSS test suite, or, if the implementation is not a Web browser, an equivalent test. Every relevant test in the test suite should have an equivalent test created if such a user agent (UA) is to be used to claim interoperability. In addition if such a UA is to be used to claim interoperability, then there must one or more additional UAs which can also pass those equivalent tests in the same way for the purpose of interoperability. The equivalent tests must be made publicly available for the purposes of peer review.
See also: the W3C CSS Working Group
Comparing XML Database Approaches
Adriaan de Jonge, IBM developerWorks
The increasing use of XML asks for systems that store semi-structured data without forcing it into inadequate data structures. These requirements are met by both native XML databases and relational databases with integrated XML support. The question is: Why should you prefer a native XML database over an XML-aware classic database or the other way around? This article compares the approaches of a number of varying solutions, including eXist, Mark Logic, and IBM DB2 Express-C. The differences are translated into practical advantages and disadvantages. Regular databases can store both highly structured data and unstructured documents. Both require data structures that do not change often. However, a weakness of relational databases is in storing documents with a semi-structured nature. Unlike structured data, these documents can have many degrees of freedom in the order of document elements and the way those elements are nested within each other. Unlike unstructured documents, the individual elements can be classified using descriptive labels. These elements tend to be fine-grained. XML formats, on the other hand, are good at describing data of a semi-structured nature. In addition, you can easily maintain the data model. Adding new element names does not change the data structure—it always remains a tree structure. It only involves a change in the XML schema describing the way that element names are used and related within the tree structure. For documents such as job resumes, product descriptions, and customer orders, XML documents might be a suitable format. At the same time, XML is also capable of describing structured and unstructured data. In the early years of XML databases, the difference between so-called native XML databases (NXDs) and XML-aware regular relational database management systems (RDBMSs) was large. NXDs were optimized for storing documents described in XML. Older RDBMSs only added some syntactic sugar around regular binary large objects (BLOBs) that happened to contain XML. Nowadays, NXDs are still NXDs but more advanced. At the same time, the vendors of mature RDBMSs have had time to catch up when it comes to the storage of XML documents. XML fragments are no longer stored in BLOBs. Rather, they are stored in tree-like structures, optimized to contain tree-like documents, the basic nature of a typical XML document. In the time between early implementations and today's mature solutions, some fundamental developments have added to the standardization of query languages on XML documents—most notably, XQuery 1.0, with support for XML Path Language (XPath) 2.0. The concept of XQuery was under development for years; the end result has similarities with the early versions but is more mature. Like Structured Query Language (SQL), XQuery promotes vendor independence and reuse.
See also: XML and Databases
OAI-ORE, PRESERV2, and Digital Preservation
Sally Rumsey and Ben O'Steen, Ariadne
The new framework for the description and exchange of aggregations of Web resources, OAI-ORE, had its European release in April 2008. Amongst its practical uses, OAI-ORE has a role to play in digital preservation and continued access to files. This article describes the basic outline of the framework and how it can support the PRESERV2 project digital preservation model of provision of preservation services and interoperability for digital repositories. The PRESERV approach recognises that effective preservation is founded on three fundamental actions on data: copy, move and monitor. This includes the copying and movement of data between different repositories which is where OAI-ORE has a role to play. OAI-ORE also plays a part in interoperability to ensure that repositories and other tools and services can communicate and share information and data. In this way the project is creating and testing a flexible framework for an emerging range of services and tools, to ensure support for long-term access to the data deposited in repositories... Very simply, OAI-ORE permits easier dissemination of digital content. It is a completely separate standard to OAI-PMH and 'neither extends nor replaces it.' OAI-PMH has as its basic tenet 'a mechanism for harvesting records containing metadata' from one repository for reuse elsewhere. This has so far been adequate and supported the openness of repositories. However, an extension of both the uses of repositories and of types of content now requires more comprehensive methods for sharing content, with more capability in terms of what is harvested and how it is reused. Also, there are problems of interoperability with OAI-PMH which the ORE specification aims to address. Instead of focusing on the constraining concept of bulk collections comprising single files held in repositories with only the metadata available for harvesting (you can have the recipe but not the ingredients), OAI-ORE targets the resources themselves, with Web servers acting as data locators wherever that location happens to be. In short, where OAI-PMH focuses on metadata, OAI-ORE focuses on content... the ORE specification provides a model with which we can describe curated digital content, and details a number of ways to express this description. One common way is to describe it using RDF (Resource Description Framework). The ORE specification provides a vocabulary (an 'ontology' in RDF nomenclature) with which this can be done in a way that external agents can understand... In the ORE world, the focus moves away from metadata and on to content, especially when dealing with the complexities of digital objects, resulting in better services for users. In addition to its other benefits, implementing OAI-ORE provides one tool in the repository managers' toolkit to help tackle the monumental problem of digital preservation, curation and continued access. The PRESERV2 model of preservation services provides one option for preservation activities to be undertaken in a way that is realistic and removes the prospect of a single gargantuan task to be undertaken at source. Coupled with OAI-ORE, such services can be applied to repository content of mixed complexity where details such as provenance and relationships are retained. Being able to invoke automated actions on digital objects in a way that is manageable and scaleable, and by enhancing object mobility so that more copies of those digital items can be stored in distributed locations, offers the increased likelihood that the objects will not only survive, but will remain accessible and by extension, usable. Once these preservation services and actions are realised, the focus then moves to policy.
See also: the OAI-ORE web site
Google, Microsoft Say They Still Support Net Neutrality
Grant Gross, InfoWorld
Google and Microsoft said that they have not backed away from their support for net neutrality principles, despite a report to the contrary. Both companies denied much of the information contained in a Wall Street Journal (WSJ) story, which suggested both companies have abandoned their support for network neutrality rules. The article reported that Google is trying to negotiate with broadband providers for an Internet fast lane for its content, apparently in conflict with its support for net neutrality rules prohibiting broadband providers from blocking or slowing content from some applications or companies. The Google efforts described in the article, to enter into edge caching agreements with broadband providers, are consistent with the company's efforts to support net neutrality, Richard Whitt, Google's Washington, D.C., telecom and media counsel, wrote on Google's public policy blog. Edge caching involves the temporary storage of frequently accessed data on servers that are located close to the users accessing that data, and Google has offered to colocate caching servers within broadband providers' facilities... The Wall Street Journal article also said Microsoft and Yahoo have quietly withdrawn from a net neutrality coalition. A Microsoft spokeswoman said there have been no recent changes. Back in October 2006, Microsoft withdrew from the now-defunct 'It's Our Net' coalition, during debates over a proposed merger between AT&T and BellSouth. Microsoft continues to support consumer net neutrality rights, and it has long supported the ability of broadband providers to offer tiers of service and other enhancements... Both Microsoft and Yahoo were members of 'It's Our Net', but chose not to participate when the coalition morphed into the Open Internet Coalition, a group focused on broader broadband issues, when it formed in early 2007...
XML Daily Newslink and Cover Pages sponsored by:
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/