This issue of XML Daily Newslink is sponsored by:
Microsoft Corporation http://www.microsoft.com
- OASIS Announces Preliminary Program for Identity Management 2009
- Revised IETF Internet Draft for The 'about' URI Scheme
- OMG Review: Product Lifecycle Management Services Version 2.0
- W3C XQuery Update Facility Test Suite
- Indirect Presence Publication with the Session Initiation Protocol (SIP)
- Microsoft IE 8 Shines in Web Browser Security Test
OASIS Announces Preliminary Program for Identity Management 2009
Staff, OASIS Announcement
The OASIS Identity Management 2009 Conference, with focus on "Transparent Government — Risks, Rewards and Repercussions", will be held September 28-29, 2009. The National Institute of Standards and Technology (NIST) is hosting the Identity Management 2009 Conference at the Gaithersburg, MD facility.
"As national and international governments endeavor to manage citizen's identities while providing open, transparent and trusted services, the challenges of managing identities and access to information on such huge scales require careful planning, a strong policy focus, and attention to standards and interoperability. This two-day Identity Management Conference will provide users who are evaluating or looking to deploy such security infrastructures with an opportunity to explore the state of the art in security services, standards and products. It will also provide users with an opportunity to present and share their use cases, requirements and (initial) experience with other users and with some of the leading experts in this field..."
Revised IETF Internet Draft for The 'about' URI Scheme
Joseph A.P. Holsten and Lachlan Hunt; IETF Internet Draft
An updated -02 version of the Informational IETF Internet Draft "The 'about' URI Scheme" is available for review. Discussion of this I-D should take place on the IETF Proposed URI Schemes Discussion List.
The document 'specifies the URI (Uniform Resource Identifier) scheme 'about'. About URIs are designed to be an internal, application-level identifier. Unlike many other URI schemes, the resolution of, and resources represented by, about URIs are left largely to each individual application. Only the 'about:blank' URI must be the same."
"An about URI is designed to be used internally by applications for almost any desired purpose. Such URIs have commonly been used by web browsers for providing access to built-in functionality, such as application information, preferences, settings, or 'easter eggs'. While any number of existing schemes could be used to identify such resources, about URIs have become the de facto standard. Browsers already use the about scheme. The 'about:blank' URI is ubiquitous, and some browsers also provide other resources with the about scheme..."
"Resolving About URIs: In general, applications are free to resolve any about URI to any resource, either internal or external, or redirect to an alternative URI, with about:blank being the only exception. As about URIs are designed to be internal to each application, there is no expectation of any URI, except about:blank, returning the same resource among different applications. However, it is worth noting that some conventions have arisen for providing particular functionality via common about URIs. Because about URIs identify application specific information, applications should not retrieve remote information for such a resource. The about:blank URI is the only about URI reserved by this specification..."
OMG Review: Product Lifecycle Management Services Version 2.0
Staff, Object Management Group
The Object Management Group (OMG) has published a review copy of the PLM specification "Product Lifecycle Management Services Version 2.0" OMG Document 'smsc/09-08-02' is 403 pages; normative machine-readable files accompanying the specification are provided in an extra structured archive document. They include XMI (XMLformat) for Platform independent informational model of PLM Services 2.0, Platform independent computational model of PLM Services 2.0, XML Schema Platform specific model of PLM Services 2.0, and WSDL Platform specific computational model of PLM Services 2.0.
The OMG PLM specification "defines a Platform Independent Model (PIM) for Product Lifecycle Management Services V2.0. Its informational model is derived from the ISO 10303-214 STEP model by an EXPRESS-X mapping specification and an EXPRESS-to-XMI mapping process. The functional model is derived from the OMG PDM Enablers V1.3 and to fulfill requirements of the associated RFP. The specification defines a Platform Specific Model (PSM) applicable to the Web Services implementation defined by a WSDL specification, with a SOAP Binding, and an XML Schema specification.
In Chapter 10 (WebServices PSM), a projection of the PIM into the platform specific model (PSM) with an execution infrastructure given by XML is defined. The projection is done via an enrichment of the model by a customized UML profile for XML Schema, where a UML profile is given for informal purposes."
"Founded in 1989, the Object Management Group, Inc. (OMG) is an open membership, not-for-profit computer industry standards consortium that produces and maintains computer industry specifications for interoperable, portable, and reusable enterprise applications in distributed, heterogeneous environments... OMG member companies write, adopt, and maintain its specifications following a mature, open process. OMG's specifications implement the Model Driven Architecture (MDA), maximizing ROI through a full-lifecycle approach to enterprise integration that covers multiple operating systems, programming languages, middleware and networking infrastructures, and software development environments. OMG's specifications include: UML (Unified Modeling Language); CORBA (Common Object Request Broker Architecture); CWM (Common Warehouse Metamodel); and industry-specific standards for dozens of vertical markets..."
See also: OMG specifications
W3C XQuery Update Facility Test Suite
Andrew Eisenberg, Carmelo Montanez (et al), W3C Announcement
Members of the XML Query Working Group have anounced the availability of version 1.0.0 of the XQuery Update Facility Test Suite (XQUTS). This test suite reflects the XQuery Update Facility 1.0 Candidate Recommendation published earlier. Members of the development team have provided guidelines on how to run the test suite, how to provide feedback, and how to send your results. If enough positive results are received, then the team will be able to request a transition to Proposed Recommendation. Questions about the XQuery Update Facility Test Suite can be sent to the XQTS public mailing list.
The XQuery Update Facility 1.0 Candidate Recommendation defines an update facility that extends the XML Query language, XQuery. The XQuery Update Facility provides expressions that can be used to make persistent changes to instances of the XQuery 1.0 and XPath 2.0 Data Model.
The XQuery Update Facility Test Suite (XQUTS) was designed to test whether the W3C XQuery Update Facility can be implemented interoperably as published. If you have implemented the XQuery Update Facility, using this test suite facility is a good way to ensure that your implementation follows the specification, and to identify aspects of the specification that should be changed if there are implementability issues. XQUTS 1.0.0 reflects the third publication of the W3C XQuery Update Facility Candidate Recommendation published on June 9, 2009. The XQuery Update Facility Test Suite contains a catalog that contains general information on the test suite as well as test descriptions for each of the test cases included in this release. Test queries and expected results are contained in individual files. All interpretations of this Recommendation are subject to confirmation by the XML Query Working Group.
See also: XQuery Update Facility 1.0
Indirect Presence Publication with the Session Initiation Protocol (SIP)
Miguel A. Garcia-Martin, Hannes Tschofenig (et al), IETF Internet Draft
Members of the IETF Geographic Location/Privacy (GEOPRIV) Working Group have published an initial version -00 Internet Draft for "Indirect Presence Publication with the Session Initiation Protocol (SIP)."
"SIP is extended by the SIP-events framework to provide subscriptions and notifications of SIP events. One example of such event notification mechanism is 'presence' and this presence information is carried in XML-based Presence Information Data Format (PIDF) documents.
The SIP PUBLISH method specified in IETF RFC 3903 carrying a PIDF document is typically used when presentities publish their own presence since these presentities are typically the source of the information. However, there are cases when the presentity is not the direct source of the presence information. One such example is location information where the end host may obtain a reference to location information as opposed to as a value. The endpoint is typically not interested in knowing its own location information, but other users or entities might be. There is a need for a mechanism that the presentity can use to publish indirect references, such as indirect location references. This document discusses a few variants that may be used to provide this functionality..."
Microsoft IE 8 Shines in Web Browser Security Test
Ellen Messmer, Network World
"Microsoft's Internet Explorer 8 rated tops among five browsers tested by NSS Labs for effectiveness in protecting against malware and phishing attacks—though NSS Labs acknowledges Microsoft paid for the tests. Nevertheless, the test process, which lasted over a two-week period in July 2009 at the NSS Labs in Austin, evaluated the browsers based on access to live Internet sites and in theory could be duplicated elsewhere. Apple Safari 4, Google Chrome 2, Mozilla Firefox 3, and Opera 10 beta were evaluated as being behind Microsoft IE 8 when it comes to browser protection against phishing and malware, mainly because Microsoft was deemed more speedy and comprehensive in delivering updates about known phishing and malware to the user's desktop browser...
Time is of the essence to use the browser as protective cover, one of the two NSS Labs reports issued Thursday notes. The report cites an Anti-Phishing Working Group estimate that more than 47,000 unique attacks occurred in the second half of 2008 with an average lifespan of 52 hours... In a test based on 608 potentially malicious URLs, IE 8 achieved an 81% mean block rate for socially-engineered malware, while Firefox 3 logged in at 27%, Safari 4 at 21%, Chrome 2 at 7% and Opera 10 beta at 1%. On average, 197 new validated URLs were added to the test each day, more or less depending on "criminal activity levels" as malicious URLs quickly rolled in and out of use. IE Explorer 8, which calls its protection mechanism SmartScreen , did best for protecting against socially-engineered malware in what was called the "zero hour" timeframe when a malicious URL was spotted by blocking 51% of the time..."
See also: the NSS reports
XML Daily Newslink and Cover Pages sponsored by:
|Sun Microsystems, Inc.||http://sun.com|
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/