A Cover Pages Publication http://xml.coverpages.org/
Provided by OASIS and Sponsor Members
Edited by Robin Cover
This issue of XML Daily Newslink is sponsored by:
Microsoft Corporation http://www.microsoft.com
Headlines
- Approved OASIS WS-DD Standards: Secure Web Service Discovery for Networked Devices
- W3C First Public Working Draft: CSS Flexible Box Layout Module
- UBL 2.0 International Data Dictionary: Japanese, Italian, and Spanish
- Versioning URIs with Numeric Identifier Components
- Rackspace Open Sources Its Cloud Interfaces
- KMIP Proposal: Interoperable Key Roles for Financial Applications
- Documents as Miniature Websites?
Approved OASIS WS-DD Standards: Secure Web Service Discovery for Networked Devices
Staff, OASIS Announcement
OASIS announced that its members have voted to approve three related Web services protocol standards that make it easier to find, share, and control devices on a network. Advanced by the OASIS Web Services Discovery and Web Services Devices Profile (WS-DD) Technical Committee, these new standards include "Web Services Dynamic Discovery (WS-Discovery)," "SOAP Over User Datagram Protocol (UDP)," and "Devices Profile for Web Services (DPWS)."
Together, the three standards enable printers, storage devices, sensors, building security devices, entertainment systems, energy management equipment, hand-held computers, cell phones, remote controls, and many other devices to be identified, communicated with, and controlled using Web services.
Toby Nixon (Microsoft, Co-chair of the WS-DD Committee at OASIS): "WS-DD expands the scope of the WS-* stack to encompass an exciting range of devices used by both consumers and professionals. Together, WS-Discovery, SOAP-over-UDP, and DPWS define a lightweight footprint that offers the potential to broaden the reach of Web services..."
See also: the OASIS Web Services Discovery and Web Services Devices Profile (WS-DD) Technical Committee
W3C First Public Working Draft: CSS Flexible Box Layout Module
Neil Deakin, Ian Hickson, David Hyatt (eds), W3C Technical Report
Members of the W3C CSS Working Group, part of the Style Activity, have released a First Public Working Draft for the CSS Flexible Box Layout Module.
"Flexible boxes lay out their children using a constraint-based system that supports both relative flexible sizing and intrinsic sizing. Elements within a box may be intrinsically sized yet have their size increased if additional space is available in the container or have their size reduced if less space is available. In addition, the position and order of elements within a box may be modified. In CSS, flexible boxes (often referred to only as boxes in this specification) may be created by setting the 'display' property. A block-level box can be specified with a value of 'box' and an inline box can be specified using a value of inline-box. A block-level box placed inside a block level element is positioned and sized as if it were any other block. An inline-level box placed inside another element is positioned and sized like an inline-block...
This working draft describes a CSS box model optimized for interface design and provides an additional layout system alongside the ones already in Cascading Style Sheets..."
See also: the W3C CSS Working Group
UBL 2.0 International Data Dictionary: Japanese, Italian, and Spanish
Jon Bosak, OASIS UBL TC Announcement
Jon Bosak, Co-Chair of the OASIS Universal Business Language Technical Committee, announced that UBL 2.0 International Data Dictionary, Volume 1: Japanese, Italian, and Spanish has been approved as an OASIS Committee Specification. Volume 1 provides informative Japanese, Italian, and Spanish translations of the roughly 2000 business terms normatively defined in English in the UBL 2.0 distribution, as updated by the Errata package released in May 2008.
From the Introduction: "UBL, the Universal Business Language, defines standard XML representations of common business documents such as purchase orders, invoices, and shipping notices. UBL 1.0, released as an OASIS Standard in November 2004, normatively defines over 600 standard business terms (represented as XML element names) that serve as the basis for eight basic standard XML business document types. These English-language names and their corresponding definitions constitute the UBL 1.0 data dictionary—not a separate publication, but simply a label for the collection of all the element names and definitions contained in the UBL 1.0 data model spreadsheets and in the XML schemas generated from these data models. As an informational aid for UBL users, UBL localization subcommittees subsequently translated all of the UBL 1.0 definitions into Chinese (traditional and simplified), Japanese, Korean, Spanish, and Italian. These translations were published in a single merged spreadsheet called the UBL 1.0 International Data Dictionary (IDD)...
As the translation effort is expected to take some time, the UBL Technical Committee is releasing the UBL 2.0 IDD in stages as the localization subcommittees complete their work in order to begin the public review that is an integral part of the OASIS specification process. This first release, Volume 1, contains translations of all the UBL 2.0 data definitions into Japanese, Italian, and Spanish; subsequent releases will add further translations as they become available..."
See also: the announcement
Versioning URIs with Numeric Identifier Components
Jeni Tennison, Blog
Prompted by discussion at a workshop on "developing URI guidelines for the UK public sector... there's a growing recognition of the fact that we need URIs for the real-world and conceptual things that we talk about in the public sector: schools, roads, hospitals, services, councils, and so on. One of the particular points of contention at the meeting was whether URIs for non-information resources (i.e., for real-world and conceptual things) should contain dates or version numbers, or not...
Documents (that people read) are just one form of 'information resource': things that are information and therefore can be transmitted electronically. Other things in the world are 'non-information resources': things that are more than simple information and therefore cannot be transmitted electronically, such as schools, roads, hospitals and so on. A lot of things that we want to talk about (make RDF assertions about) are non-information resources. We give them URIs to name them, so that we can talk about them unambiguously, and we give them HTTP URIs so that we have a way of finding information resources (documents) that give us information about them. Does the information that you get when you resolve a non-information resource URI change? Absolutely....
[But] we come to the question of versioning the URIs themselves... many people, myself among them, really dislike the use of years or version numbers within URIs for non-information resources—unless, I should say, they are used as part of the identification of the resource... What do you think? Should versioning be avoided in URIs at all costs, or always be included just in case? Are there other arguments for or against including versions or years in URIs? What other design considerations are there that help prevent changes to URIs over (long periods of) time?"
See also: Namespaces in XML
Rackspace Open Sources Its Cloud Interfaces
Gordon Haff, CNet News.com
"In cloud computing, we're seeing almost all the forms of standards-making coming into play with the primary goal of promoting interoperability among different cloud service providers and between private and public clouds. On the de jure side, the most significant standards making effort is taking place under the auspices of the Distributed Management Task Force (DMTF), an established organization in the management standards space. AMD, Cisco, Citrix, EMC, HP, IBM, Intel, Microsoft, Novell, Red Hat, Savvis, Sun Microsystems, and VMware announced in April 2009 that they would comprise the board for an Open Cloud Standards Incubator within the DMTF...
Amazon Web Services (AWS) has clearly emerged as the de facto standard for Infrastructure-as-a-Service (IaaS)... Now one of Amazon's competitors, Rackspace, is taking yet another approach to promoting its implementation as a standard. It's open sourcing the specifications for its Cloud Servers and Cloud Files API under the Creative Commons 3.0 Attribution License. They have also made available its Cloud Files language bindings for Java, PHP, Python, C#, and Ruby under the MIT license. The Creative Commons license that Rackspace is using allows users to both share and change the work so long as they provide attribution to the creator, in this case Rackspace..."
KMIP Proposal: Interoperable Key Roles for Financial Applications
Jon Geater, Todd Arnold, and Chris Dunn; OASIS TC Contribution
The document "KMIP Proposal to Provide Sufficient Interoperable Key Roles for Financial Applications" contains a proposal for modification to the OASIS KMIP specification to better accommodate financial crypto applications. This version includes user guide description for supporting asymmetric concepts using symmetric keys....
Overview: "To a first approximation, in financial crypto all keys are DES keys of some length or another, and policy is defined at the application layer (e.g., 'VerifyPIN' rather than 'encrypt' or 'decrypt') so basic crypto-level access control does not work: at that level (algorithm, mechanism) all keys are effectively the same. In order to prevent abuse of keys an application layer system of key usage called 'key roles' is employed. By attaching a role to a key it is possible to differentiate it from other keys preventing a PIN validation key from being used as a key encryption key, for example... Augmenting KMIP to cover all the needs of the financial community would be difficult: the world of financial crypto is a complex one with a significant history of regionalization, customization and vendor 'tweaks', making it complex, divergent, and confounding interoperability. However, the financial community, under ANSI X9, has defined an interoperable key block for secure key exchange which captures the set of key roles for keys that are commonly transferred between implementations. While all vendors of financial HSMs/APIs have larger sets of roles with improved security properties or flexibility the workload implications of explicitly supporting all these specializations in the normative document are many...
Given that KMIP is an interoperability specification it is deemed sufficient to include only those roles deemed relevant for interchange by the subject matter experts in X9. This proposal completely replaces specification lines 358 (section 3.6) and 1575 (section 9.1.3.2.15) in the version 0.98 KMIP specification. In addition, it adds to the definition of Cryptographic Usage Mask in sections 3.12 and 9.1.3.3.1 to support the new roles definitions. Key Role definitions have been chosen to match those defined in ANSI X9 — TR-31 2005 Interoperable Secure Key Exchange Key Block Specification for Symmetric Algorithms, where Accredited Standards Committee X9 contributed to the [definitions]...
See also: the OASIS Key Management Interoperability Protocol (KMIP) TC
Documents as Miniature Websites?
Rick Jelliffe, O'Reilly Technical
Earlier the author wrote: "perhaps the looming challenge for document standards is not in deciding or developing perfect formats, but in integrating the packaged world of documents with the fragmented world of web resources. Documents that can be websites."
More: "he most likely future for documents and their formats, is that each document will start to look/act/be implemented more and more like a tiny, self-contained website. If you look at the big trends in documents, it seems a plausible direction: (1) XML-in-ZIP packaging chunks the document into smaller resources which are then locatable by URL; (2) The old SGML desire for a separation of concerns between data and processing is now the dominant paradigm for documents encourages this fragmentation; (3) The old SGML one-bit-fat-tree approach has failed to withstand the need for more layering and fragmentation, and is being replaced (notably in DITA but also I see RDF fitting in here too) with a system of smaller chunks of data linked together by hierarchical/tabular maps: any container that contains a container is liable to be moved to a map chunk of some kind. (4) VBA's security issues are leading to its demise, certainly on the Mac platform, and its downplaying on Windows by MS... (5) The possibility I raised two years ago seems to be coming closer to the mainstream: recently I read of a distro of Open Office which presents rendered PDF pages by default, and then switches to ODF if you want to edit the page: the ODF document is both PDF and ODF at the same time...
There is a flip-side: as documents become more like tiny websites, the desktop application will become more become more like a browser with an internal web-server. If you like MVC, maybe you could say that the document is the model., the browser provides the view, and the server and scripts provide the controllers..."
Sponsors
XML Daily Newslink and Cover Pages sponsored by:
IBM Corporation | http://www.ibm.com |
Microsoft Corporation | http://www.microsoft.com |
Oracle Corporation | http://www.oracle.com |
Primeton | http://www.primeton.com |
Sun Microsystems, Inc. | http://sun.com |
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: newsletter-subscribe@xml.coverpages.org
Newsletter unsubscribe: newsletter-unsubscribe@xml.coverpages.org
Newsletter help: newsletter-help@xml.coverpages.org
Cover Pages: http://xml.coverpages.org/