The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: April 19, 2010
XML Daily Newslink. Monday, 19 April 2010

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:
ISIS Papyrus

Meebo Launches XAuth Open Framework to Enable the Social Web
Staff, Meebo Announcement

"Meebo has introduced Extended Authentication (XAuth), an open technology platform designed to increase social engagement by making it easier for users to connect to their friends no matter where they are online. Meebo has been joined in the XAuth initiative by major internet and social services like Google, Microsoft Corp., MySpace, Yahoo!, JanRain, DISQUS, and Gigya. The XAuth framework will be made available via open source and will be refined throughout the year. Further collaboration with additional partners, the Open Identity Exchange (OIX) and the OpenID Foundation is planned to facilitate an open consortium to host the XAuth technology...

XAuth is designed to help publishers and providers of social applications balance two things: the need to give users a diverse set of choices for logging into their experience with a third-party identity provider, and the need to also ensure that sign-in and registration flows remain as simple and elegant as possible. The XAuth specification addresses this issue by enabling the ability to recognize when a visitor is already logged into a communication and social networking service of their choice, such as Google, Microsoft Corp., MySpace, Yahoo! and others, and then making it easy for the user to utilize that existing channel to share content, links or feeds with their friends, use instant messenger or e-mail, and otherwise participate in the site's community.

With XAuth, publishers will be able to escape the handicap of not having insight into their users' preferred social services and instead can present their users with a host of relevant options. This will lead to increased engagement, relevancy and participation in the social ecosystem for web site publishers, service providers, and users...

One example of a use-case for XAuth would be if a user frequents Gmail and MySpace (services from providers) and visits a website that has a Meebo Bar, the bar will recognize the user via XAuth. If the user then clicks on the Meebo Bar, it will prompt him or her to connect to friends on Gmail and MySpace—the two services with the most relevance to the particular user in this case... Participating XAuth services generate a browser token for each of their users. Publishers can then recognize when site visitors are logged in to those online services and present them with meaningful, relevant options. Users can choose to authenticate directly from the publisher site and use the service to share, interact with friends, or participate in the site's community. The XAuth Token can be anything, so services have the flexibility to define whatever level of access they choose..."

See also: the Extended Authentication (XAuth) specification

Associating Schemas with XML Documents 1.0 (First Edition) Published
Paul Grosso and Jirka Kosek (eds), W3C Technical Report

The W3C XML Core Working Group has published a Group Note for Associating Schemas with XML Documents 1.0 (First Edition). The technology defined in this specification allows schemas using any schema definition language to be associated with an XML document by including one or more processing instructions with a target of 'xml-model' in the XML document's prolog.

This specification is being jointly developed by W3C and ISO/IEC JTC1/SC34. The technical content of this W3C specification and that of ISO/IEC 19757-11 is expected to be identical, so the basic content of this WG Note may be or may become referenceable in ISO form.

There are several document schema definition languages in common use today that can be used to specify one or more validation processes performed against Extensible Markup Language (XML) documents. Some schema languages provide their own syntax for associating schemas with documents (DTD, W3C XML Schema) and some languages (RELAX NG, Schematron) do not provide schema association mechanisms at all. The purpose of this specification is to define a common, schema-agnostic syntax for associating schema documents written in any schema definition language with a given XML document.

The specification defines the syntax and processing expectations for an 'xml-model' XML processing instruction. Such processing instructions associate one or more schemas with the XML document in which they are present. The associated schemas may be written in any schema definition language. Applications can use the associated schemas for any purpose including those such as document validation, content completion in interactive editors, or creating models for data binding. Presence of an 'xml-model' processing instruction is not in itself an instruction to any processor to validate the document, nor is it a statement that the document is not to be processed without validation. It is a declarative statement of a relationship between the document and one or more external schemas... This specification is not meant as a replacement for other technologies that provide more general and indirect schema association features like NVDL and XProc. The specification is complementary technology which can be used when it is necessary to store ad-hoc schema associations directly inside XML document...

See also: W3C XML specifications

XEP: Activity Stream over XMPP
Laurent Eschenauer (ed), OneSocialWeb Community Specification

"The specification 'Activity Stream over XMPP' defines an XMPP protocol extension for sharing, archiving and retrieving generic social networking activities. It supports simple activities like blogging, microblogging, bookmarking, sharing pictures, etc. and also supports custom activities. The activity publishing supports fine grained privacy control: users can assign access control rules on a per activity basis. This protocol aims at providing a flexible platform for social activities management in a decentralized social network, thus enabling all social network use cases related to sharing of activities.

This extension is part of the OneSocialWeb suite of XMPP extensions. The data format for Activities closely follows the standard with a few additions/clarifications. The protocol flow is based on XEP-0277 ('Microblogging Over XMPP') and is therefore using XEP-0163 (PEP).

This protocol can be used to turn any XMPP server into a full fledged social network, participating in the OneSocialWeb federation. The suite of XMPP extensions covers all the usual social networking use cases such as user profiles, relationships, activity streams and third party applications. In addition, it provides support for fine grained access control, realtime notification and collaboration.

About: "The purpose of OneSocialWeb is to enable free, open, and decentralized social applications on the web... The project has been built upon the shoulders of other standardization initiatives aiming to open up the web and we have been inspired by the visionaries behind them:, portablecontacts, OAuth, OpenSocial, FOAF, XRDS, OpenID and more..."

See also: OneSocialWeb resources

Alfresco Community 3.3 Supports CMIS, Google Docs, Enhanced WCM Collab
Staff, Alfresco Announcement

"Alfresco Software, leader in open source enterprise content management (ECM), has announced the immediate availability of Alfresco Community Edition 3.3 for download. This release includes a range of content services for developers, including integrations with IBM Lotus Social software and a preview of an upcoming Google Docs integration. With LGPL licensing and enhancements to document and web content management (WCM) functionality, Community 3.3 is also the first ECM tool to enable developers to deliver content-rich business applications leveraging CMIS 1.0 open source standards... Alfresco Community Edition is a free-to-download, free-to-use version developed on an open source stack that runs on Windows, Linux or Mac for the Alfresco Community..."

John Newton, CTO, Alfresco Software: "From CMIS 1.0-compliance that will 'future proof' content application development, to LGPL licensing, Community 3.3 offers a range of new features and functionality that will continue to extend the free distribution and presence of Alfresco open source ECM. The enhanced content services in Alfresco Community 3.3 are designed to help organizations better manage web presence with tools designed to simplify the process of building content-rich web applications using CMIS."

Significant enhancements to Alfresco Community Edition 3.3 includes content services that provide core content management capabilities, in a free-to-distribute CMIS runtime: (1) CMIS 1.0 Compliance; (2) Inline Content Editing Services for in-context editing, allowing non-technical content authors to edit content directly from the web page; (3) Content Repurposing—automated content formatting functionality that allows developers to build solutions to easily repurpose content for the web; developers can use automated rules and existing FreeMarker and XSLT templates to format content for multiple delivery channels; (4) Repository Replication and Web Deployment, where developers can utilize the transfer service to build solutions that transfer content between Alfresco repositories, enabling them to maintain rich content structures and relationships between Alfresco environments...

Alfresco Community 3.3 extends Alfresco support to include IBM Lotus and Google Docs' online editing capabilities... New enhancements to Alfresco's collaborative content management platform (Alfresco Share) include repository-wide content access, automated content rules, collaboration lists for tracking lists of items within the context of a project, and Google Like Search, which allows fields to be queried alongside text searches, such as finding documents by a given author created since a given date and containing a given text..."

See also: CMIS resources

Apache Chemistry Meeting Wrap Up
Florent Guillaume, Blog

"Last week a meeting took place in Munich between the main developers behind the two Java Chemistry projects: Chemistry and OpenCMIS. I can say that the meeting was a success and that the two codebases are now in the process of actively being merged...

People from Open Text, SAP, Alfresco, and Nuxeo were present. There were lively discussions about many technical points, but following the Apache rules of conduct for such meetings all points were summarized each day to the mailing-list for larger visibility and input by the whole community.. The remaining work to do for this merge will be logged in the Apache JIRA issue tracker, again to provide visibility.

Once the current code base is stabilized, which we hope will take no more than one or two weeks, we want to make a first 0.1-incubating release, in order for clients to be able to start using a fixed version of the library. I will be the release manager for the first release, which will likely be the most complex one for us as we learn the ins and outs of releasing an Apache project.

'Apache Chemistry' continues to be the global umbrella hosting CMIS-related projects at the Apache foundation. The particular Java sub-project providing a general-purpose library for the client and server side, that was the object of this merge, is named OpenCMIS in recognition of the origin of the majority of the code. Other sub-projects (e.g., a python library, a Javascript one, various other clients, etc.) will be encouraged to find their own name to have an easily remembered identity under Chemistry. The website will also soon be updated with more documentation about all the projects, including the new OpenCMIS... At the moment Apache Chemistry is still in the incubation phase, but given that the community around it is now well established we hope to start the process of becoming a fully fledged top level Apache project soon... Meanwhile the OASIS CMIS standard itself is now being voted upon by the voting members of OASIS..."

See also: the Apache Chemistry Project web site

Session Initiation Protocol (SIP) Resource Availability Event Package
Parthasarathi Ravindran and Sheshadri Shalya (eds), IETF Internet Draft

IETF has published an initial level -00 specification for the Session Initiation Protocol (SIP) Resource Availability Event Package. The Resource Availability Indication (RAI) document format is XML, embedded as message body in NOTIFY message of resource-availability package. This XML document contains (1) Entity parameter in Resource-availability to specify the entity whose resource information is available as part of this message; (2) System Tuple to indicate whether the whole system is overloaded or not; (3) Resource Tuple indicates the individual resources total and available capabilities, and also whether the resource is available for further new dialog processing; (4) Resource Subtype provides the granular information within the particular resource...

Specification abstract: "Overload occurs in Session Initiation Protocol (SIP) networks when B2BUA, proxies, and user agents have insufficient resources like CPU, memory, DSP, or bandwidth to complete the processing of a request. SIP provides limited support for overload handling through its 503 response code, which tells an upstream element that it is overloaded. This document defines explicit SIP based resource monitoring and overload avoidance mechanism based on the resource availability of the entity."

Background: "In Voice/Video over IP (VoIP) network, Session Initiation protocol (SIP) as defined in RFC 3261 is widely deployed as a signaling protocol and overload occurs in the SIP network has limited support using 503 response. Overload is said to occur if a SIP server does not have sufficient resources to process all incoming SIP messages... In case of CPU overload, when the number of incoming dialogs are reduced then the system comes to normal situation in a short span of time whereas DS0/DSP resource overload will come back to normal after the set of dialogs are terminated. It is necessary for the system to understand its current resource capability and indicate to the neighboring entity in right time to avoid congestion collapse... As SIP is used for overload protection, it is easy to relate the overload protection information to specific SIP entity within the SIP network without having any separate naming or addressing scheme.

Apart from overload scenario, the administrator might be interested in monitoring the resource utilization pattern at any given time for deciding whether the VoIP network resources need to be expanded or it is under utilized. SIP based resource utilization is preferred within SIP network and removes the need for using any other management protocol for resource monitoring purpose..."

See also: the IETF Session Initiation Proposal Investigation WG Status Pages

W3C Issues Last Call Review for Digital Signatures for Widgets
Frederick Hirsch, Marcos Cáceres, Mark Priestley (eds), W3C Technical Report

Members of the W3C Web Applications Working Group have published a Last Call Working Draft for the specification Digital Signatures for Widgets. The Last Call review period ends on May 06, 2010. The title of the document has been changed from "Widgets 1.0: Digital Signatures", and the processing of same-document XML References has been changed to require use of a Transform to specify Canonical XML 1.1 to minimize ambiguities, while recommending validators also support the case without a transform for backward compatibility. Specification references have also been updated.

The document 'Digital Signatures for Widgets' defines a profile of the XML Signature Syntax and Processing 1.1 specification to allow a widget package to be digitally signed. Widget authors and distributors can digitally sign widgets as a mechanism to ensure continuity of authorship and distributorship. Prior to instantiation, a user agent can use the digital signature to verify the integrity of the widget package and to confirm the signing key(s). The document also specifies conformance requirements on both widget packages and user agents.

A 'widget package' is a ZIP archive that conforms to the Widgets Packaging specification. The root of the widget package is the top-most path level of the widget package that can logically contain one or more file entries, as defined in the Widgets Packaging specification. A file entry is the data held by a local file header, file data, and (optional) data descriptor, as defined in the ZIP specification, for each physical file contained in a ZIP archive. A file name is the name of a file contained in a widget package (derived from the file name field of a local file header of a file entry), as defined in the Widgets Packaging specification, where all file names MUST be treated as case-sensitive. In other words, case matters in file name comparisons... A digitally signed widget package is a widget package that contains one or more signature files... An unsigned widget package is a widget package that does not contain any signature files...

A widget package can be signed by the author of the widget producing an XML-DSIG signature that cryptographically includes all of the file entries other than signature files. A widget package can also be signed by one or more distributors of the widget, producing XML-DSIG signatures that each cryptographically includes all of the non-signature file entries as well as any author signature..."

See also: the W3C Web Applications (WebApps) Working Group

Talend 4.0 Integrates Data Management
Charles Babcock, InformationWeek

"Talend has now integrated its three major data integration products into Talend version 4.0. The combination represents the first attempt to supply integrated data integration, data cleansing, and master data management in one open source product.

Talend springs out of a French-based open source code project that has become a leading supplier of adapters and connectors that tie applications to databases, other data sources and other applications. In late January 2010, it introduced a general purpose, open source master data management product based on the acquisition of a proprietary supplier, Amalto. Master data management acts as an arbiter of various data sets, insuring consistency and "one version of the truth" when data conflicts arise..."

According to the announcement: "Talend 4.0 delivers improvements in resource optimization and utilization, and project consistency. Key features include: (1) Single development studio based on Eclipse, that provides users with consistent ergonomics, fast learning curve and a high-level of reusability. (2) A common metadata repository, that promotes sharing of vital information assets including user data, application metadata, business models, business rules, transformation and validation rules, connectors, data validation and workflows. Cross project data lineage and impact analysis is also available throughout the repository. (3) Unified deployment environment, that includes a distributed and high availability execution paradigm, single monitoring console and real-time execution reporting...

Talend is a recognized market leader in open source data integration, leveraging the open source model to make data integration available to all types of organizations, regardless of their size, level of expertise or budgetary constraints. Talend's solutions connect to all source and target systems and they can be downloaded at no cost. Talend also offers data quality solutions, fully complementary to its data integration solutions... Data integration is the process of moving and combining data across the information system. It typically consists of extracting data from different sources (databases, files, applications, Web Services, emails, etc.), applying transformations (join, lookup, deduplication, calculation, etc.) to this data and sending the resulting data to target systems..."

See also: the Talend announcement

NaviSite Cloud-Based Managed Infrastructure, Applications, and Messaging
Staff, NaviSite Announcement

NaviSite, a premier provider of complex hosting, application managements and managed cloud services for enterprises, has announced the availability of cloud-based managed infrastructure, applications, and messaging services for enterprise customers in North America. NaviSite's cloud-based services are offered with guaranteed infrastructure and application SLAs, predictable usage-based pricing and are delivered on the enterprise-class, highly available, scalable and secure application-focused NaviCloud platform.

With more than 300 business applications experts on staff that understand the complexities of managing and running business applications, NaviSite becomes a trusted partner and transparent extension to enterprise IT organizations, mitigating their risk as they move both their infrastructure and applications to a cloud environment...

The initial set of NaviSite cloud-based services includes: (1) NaviCloud Managed Infrastructure Services, designed to deliver secure on-demand infrastructure for complex IT environments with enterprise-class performance for web hosting, server management, storage, database, network and security management, and disaster recovery; (2) NaviCloud Managed Application Services to mitigate risk and ensures optimal performance as enterprises move their business-critical applications to cloud computing environments; (3) NaviCloud Managed Messaging Services: hosted Microsoft Exchange and SharePoint, Lotus Domino, and Notes mobile messaging, and email archiving services that integrate messaging environments to deliver anytime, anywhere access to email, contacts, and calendars, and protects from virus and spam...


XML Daily Newslink and Cover Pages sponsored by:

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: