The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: August 04, 2009
XML Daily Newslink. Tuesday, 04 August 2009

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
Sun Microsystems, Inc.

Cryptographic Message Syntax (CMS) Advanced to IETF Draft Standard
Russell Housley (ed), IETF Internet Draft

The Internet Engineering Steering Group (IESG) announced the approval of RFC 3852bis Cryptographic Message Syntax (CMS) to the status of IETF Draft Standard. Produced by members of the IETF S/MIME Mail Security Working Group, this document specifies the Cryptographic Message Syntax (CMS), which is used to digitally sign, digest, authenticate, or encrypt arbitrary message content. The content of this document is based on RFC 3852, but also incorporates errata and the clarifications previously published as RFC 4853.

RFC 3852 itself was a product of the S/MIME working group. CMS is widely referenced, and is a key building block for specifications developed by the S/MIME, ltans, and keyprov working groups in IETF. Two or more interoperable implementations have been identified for all features, as recorded in the published implementation report.

The CMS describes an encapsulation syntax for data protection, with support for digital signatures and encryption. The syntax allows multiple encapsulations; one encapsulation envelope can be nested inside another. Likewise, one party can digitally sign some previously encapsulated data. It also allows arbitrary attributes, such as signing time, to be signed along with the message content, and provides for other attributes such as countersignatures to be associated with a signature. The CMS can support a variety of architectures for certificate-based key management, such as the one defined by the PKIX working group. The CMS values are generated using ASN.1, using BER-encoding. Values are typically represented as octet strings. While many systems are capable of transmitting arbitrary octet strings reliably, it is well known that many electronic mail systems are not. This document does not address mechanisms for encoding octet strings for reliable transmission in such environments.

See also: the CMS Implementation Report

W3C First Public Working Draft: CSS Image Values Module Level 3
Elika J. Etemad (ed), W3C Technical Report

Members of the W3C Cascading Style Sheets (CSS) Working Group have published the First Public Working Draft for CSS Image Values Module Level 3. This CSS Image Values module defines the syntax for 'image' values in CSS,where 'image' values can be a single URI to an image, a list of URIs denoting a series of fallbacks, sprites (image slices), or gradients.

In CSS Levels 1 and 2, image values such as those used in the 'background-image' property could only be given by a single URI value. This new Level 3 module introduces additional notations that allow a 2D image to be given as a list of URIs denoting fallbacks.

"Image references and image slices make use of the 'url()' notation. A portion of an image may be referenced (clipped out and used as a standalone image) by use of fragment identifiers. The image sprites syntax is different from image slices: image slice syntax allows you to specify the coordinates of a region in the image and use that as a standalone image, but all the coordinates must be specified inline. This is great for one-off cutouts, but becomes unnecessarily verbose when the slices fit into a grid structure..."

See also: the W3C Cascading Style Sheets (CSS) Working Group

Explore Analytics in the Cloud with Zoho Reports and XML
Ryan Knight, IBM developerWorks

"Cloud analytics provide a business intelligence (BI) reporting engine without the overhead and cost to install and maintain a traditional reporting engine. They are also accessible to a wider audience, because they don't require specialized skills to set up and maintain them. Unlike traditional reporting engines, the data used for cloud analytics can reside in a number of locations outside the reporting engine. The primary challenge with cloud analytics is the efficient transfer of the data into the reporting engine. Many cloud analytics platforms allow you to import the data from a spreadsheet or a comma-separated values (CSV) file. They also provide a programmatic interface through Web services...

Zoho Reports provides a hosted database for storing data and a Representational State Transfer (REST)-ful API to allow for interaction with the data. A REST-style architecture is an ideal solution, because it allows for simple messaging over HTTP. With simple HTTP messages, you can communicate with the server, and the server can return the data in XML format. The example in this article shows how a traditional application might use Zoho Reports for data storage and retrieval as well as reporting purposes, plus provide the ability to embed the resulting graphs in your Web pages..."

See also: the Zoho Reports web site

Intuit Reaches Out to Open Source Community
Jeffrey Schwartz, Application Development Trends

"Looking to expand the reach of its popular QuickBooks software, Inuit has launched an open source effort. By launching the web site, Intuit said it is looking to bring developers to build cloud and online applications for its base of small customers. The open source effort is based on Intuit's new Federated Application platform, launched in June 2009, which allows developers to write software-as-a-service applications in key programming languages such as Java, .NET, PHP, Ruby, and others. The company's goal is to enable developers to bridge Quickbooks, used by millions of small businesses, to other applications..."

According to the text of the announcement: "Third-party developers are currently contributing code to the community. VerticalResponse, Inc. provided a sample Ruby SAML gateway that enables authentication between the Intuit Partner Platform and their application, VerticalResponse for Intuit Workplace...

The initial Intuit-sponsored projects under open source Common Public License include: (1) IPP Developer Toolkits: Language-binding libraries and sample code for the Intuit Partner Platform. The toolkits under development include Java, J2ME, Ruby, .Net, iPhone, and others. (2) IPP Federated Authentication: Working and sample code for Federated authentication for the Intuit Partner Platform using the SAML standard. (3) Princeussie for Flex: Adobe Flex components which extend the existing Intuit Partner Platform Kingussie frameworks. (4) IPP Deployer: Maven and Ant tools for deploying Intuit Workplace applications; this project is in incubation..."

See also: the Intuit announcement


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
Microsoft Corporation
Oracle Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: