This issue of XML Daily Newslink is sponsored by:
Microsoft Corporation http://www.microsoft.com
- IETF Approved RFC: Sharing Transaction Fraud Data
- Ecma ProxZzzy Standard Supports Energy Saving While Maintaining Presence
- New Support for W3C Unicorn Project Targets a Production Service
- Microsoft Releases IE 9 Preview 2
- Scribd Social Publishing Site Dumps Flash in Favor of HTML5
- WiMax Service from Clearwire and Sprint Coming to 19 New Cities This Year
IETF Approved RFC: Sharing Transaction Fraud Data
David M'Raihi, Sharon Boeyen, Michael Grandcolas (et al), IETF RFC
The Internet Engineering Steering Group (IESG) has announced approval of the specification Sharing Transaction Fraud Data as an IETF Informational RFC. This document describes a data-format and protocol for defining and exchanging Transaction Fraud (Thraud) Report data. It profiles the IODEF incident reporting format and uses IODEF's extensibility mechanism for transaction fraud specific data definitions. The schema defined in the specification extends the IODEF XML incident reporting schema; document 'Appendix A' presents the Thraud Record XML Schema.
Background: "Financial organizations and merchants that offer online access to their services frequently encounter fraud perpetrated against their customers' accounts. In their attempts to combat these frauds, the organizations and their law enforcement agencies could benefit greatly by sharing intelligence about fraud incidents and patterns with similar organizations and agencies. This specification standardizes a document format by which they can share such information. It is intended to facilitate multi-vendor interoperability between conformant components of an open fraud reporting framework. Information sharing can take place directly between financial organizations and merchants. However, the power of shared intelligence is multiplied many times if the information is gathered from multiple sources by a shared network, consolidated and redistributed to participants.
In this arrangement, incident reports submitted to the network are called inbound reports, and reports issued by the network are called outbound reports. Inbound reports will be submitted using a push-style protocol (such as email or SOAP). And outbound reports will either be distributed using a push-style protocol or a request/response protocol (such as HTTP). Inbound reports identify the contributor of the report, as this information is essential in evaluating the quality of the information it contains and in contacting the source for the purpose of clarification. But, outbound reports commonly do not identify the original sources, as those sources may not wish to be identified to other subscribers. Such reports should, instead, identify the consolidator as the source... A report may describe a particular transaction that is known to be, or believed to be, fraudulent, or it may describe a pattern of behavior that is believed to be indicative of fraud. The former type of report is called an 'activity report' and the latter a 'signature report'.
Although there are no existing implementations that we are aware of, Entrust has stated plans to support this in their Open Fraud Intelligence Network (OFIN). Roman Danyliew (one of the authors of the IODEF specification, upon which this document is based) provided a thorough review of this document. His comments and questions resulted in significant clarifications as well as technical improvements to this document. At this time, the document has addressed all issues raised by all reviewers, to their satisfaction... This document, and all previous versions, were developed within the Initiative for Open Authentication (OATH) Technical Committee and was extensively reviewed by its members. In addition, the document has also been reviwed by the co-authors of 'The Incident Object Description Exchange Format' specification (draft-ietf-inch-iodef-14.txt), recently accepted for RFC publication. This Thraud draft is a profile of the IODEF specification. In addition, this specification has also been reviewed by members of an FSTC project that is working on the same issue from the perspective of the banking and financial servicies industry..."
Ecma ProxZzzy Standard Supports Energy Saving While Maintaining Presence
Staff, Ecma International Announcement
Ecma International has published the ProxZzzy Standard (proxZZZy for Sleeping Hosts) for network connected sleep states. ECMA-393 in Information and Communications Technology (ICT) is available on the Ecma public website for unrestricted download. The Standard specifies responses to traffic so sleeping PC or ICT devices maintain network presence.
The ProxZzzy standard addresses a fundamental problem with today's PCs: when they go to sleep, they 'fall off' the network. This is a reason that many PCs are left on continuously, both in homes and offices. It is estimated that most computing energy consumption in the U.S. occurs when no one is present. The energy savings potential of a ProxZzzy enabled device is measured in billions of dollars per year for PCs, and grows even larger when application to game consoles, printers, set-top boxes and other digital devices is considered...
As a result of implementing ProxZzzy functionality in PCs going forward, PCs should always be immediately available for use, but asleep whenever possible. Today's PCs do wake up quickly in response to ordinary user input, but are not comparably present and available on the network. ProxZzzy-enabled PCs will make sleeping machines just as responsive on the network as they are to users at the keyboard. Access over the network could be from another part of the house or office building, or from anywhere on the Internet. Those who routinely use the sleep state already built-in to their computers will also gain functionality from their computers' continuous network presence..."
From the specification Scope statement: "This Standard specifies maintenance of network connectivity and presence by proxies to extend the sleep duration of hosts. This Standard specifies: (1) Capabilities that a proxy may expose to a host. (2) Information that must be exchanged between a host and a proxy. (3) Proxy behaviour for 802.3 (Ethernet) and 802.11 (WiFi). (4) Required and Option behaviour of a proxy while it is operating, including responding to packets, generating packets, ignoring packets, and waking the host..."
See also: the ECMA-393 specification text
New Support for W3C Unicorn Project Targets a Production Service
Staff, W3C Announcement
W3C announced that community contributions to the W3C Validator Campaign have led to support for the work of Thomas Gambet, who will spend the next year at W3C turning the Unicorn project into a production service. The Unicorn Project aims to provide the big picture about the quality of a Web page by gathering the results of various tools into a single page. Both Unicorn and the W3C's Validators are open source projects. W3C invites developers to participate in these projects or to provide feedback on functionality. The goal of the Unicorn project is to create a universal validator that will be able to validate and check multiple quality aspects of a document through a single Web interface.
Development and maintenance of the Unicorn is done under the auspices of W3C's QA-dev Tools development effort. Current projects under QA-dev Tools include maintenance and development of the W3C Markup Validator, W3C CSS Validator, and W3C Link Checker; development of the Log Validator, maintenance of the RDF Validation service, and aintenance of an instance of the Feed Validation Service. Original development phase of Unicorn was performed in 2006 by W3C interns Damien Leroy and Jean-Guilhem Rouel, with help and supervision from Bert Bos, Karl Dubost, Dominique Hazael-Massieux, Yves Lafon, and Olivier Thereaux.
Unicorn Architecture Overview: "The basic mechanism of Unicorn is thus: after receiving a request from a user (via The Unicorn User Interface), the Unicorn Framework creates and sends a sequence of observation requests to a number of observers. The observers (validators, checkers, anything...) perform, and then report their observations (a list of errors, warnings or information) back to the framework in their observation response. The framework gathers and processes all observation responses, and displays the final result for user consumption...
Unicorn uses a number of specific document formats. They are all documented, with examples. E.g., The Unicorn Contract Specification describes a contract between the framework and one observer is composed of two files located on observer side (observer.wadl, observer.rdf)... The application element is the root of the WADL file and contains an optional grammars element acts as a container for definitions of any XML structures exchanged during the execution of the protocol described by the WADL document, where such definitions may be included inline or by reference, and an optional resources element that acts as a container for the resources. Child resource element describes a single resource provided by the application. Details are provided in the Unicorn Requirements, the use cases and Implementation Questions documents, prepared during the original development of the tool..."
See also: the Unicorn Project Documentation
Brice Mason, IBM developerWorks
Ext JS has a history of confusion among developers that its licensing is closed and expensive. Ext JS is a for-profit company and certainly supports different models based on the intended use: open source, commercial, and OEM. However, the framework has remained open source and continues to benefit from a large group of community supporters who contribute user extensions and donate their time as forum moderators. Ext Core continues this line of openness by being distributed under the permissive and easily understood Massachusetts Institute of Technology (MIT) license...
With all the great improvements to Ext JS, there is still a missing piece. There has never been an easy way to create custom themes in Ext JS, and this continues to be a disappointment. Although the CSS framework has been broken up into structural and visual bits, it does not address the need for a way to create the images used in the visual rendering of Ext JS components. Creating a theme for Ext JS 3.0 is more straightforward than in previous versions, but because components are image-heavy, it leaves the solution half-done..."
Microsoft Releases IE 9 Preview 2
Kurt Mackie, Application Development Trends
"Microsoft on has released the second platform preview of Internet Explorer 9 to gather further input from Web developers and testers. Version 2 of the browser preview, which works only on Windows Vista- and Windows 7-based machines, can be downloaded from Microsoft's test site. Like its predecessor, this prototype lacks the basic features of a browser, such as an information bar. It also lacks basic security protections for Web browsing built into Internet Explorer 8.
Users can install IE 9 platform preview alongside Internet Explore 8 without conflict, according to Microsoft's announcement on its IE Blog. The installation will overwrite the first version of the preview. Microsoft announced the first version of the preview back in March 2010 at its MIX 10 Web developer event. At that time, the company announced plans to release updates to the preview about every eight weeks...
Platform preview No. 2 also includes some customer-requested features. One of those features is CSS3 Media Query support, which allows the browser to rapidly change display attributes, such as the display's width and height, adapting to the different screen sizes of desktop PCs, netbooks and mobile devices. Another requested feature added to the new IE 9 platform preview is DOMContentLoaded, which makes content available to users after the page parses, rather than waiting for everything to load. The point is illustrated in a Microsoft Channel 9 video by Tony Ross, a program manager for Internet Explorer. Microsoft's best-practices advice to developers, according to Ross, is to test for Worldwide Web Consortium (W3C) HTML 5 standards support and features support first, and include fallback measures when those standards and features aren't supported by the browser... Microsoft has been submitting test cases to W3C committees to ferret out different interpretations of the still- evolving HTML 5 spec. The spec still awaits ratification as a standard, which may not happen for 10 years, according to a Forrester Research report..."
As reported in the MSIE Blog "HTML5 and Same Markup: Second IE9 Platform Preview Available for Developers" (Dean Hachamovitch): "Same Markup Web browsers should render the same markup—the same HTML, same CSS, and same script—the same way. That's simply not the case today. Enabling the same markup to work the same across different browsers is as crucial for HTML5's success as performance. While some people associate this same markup situation with IE6, it actually applies across browsers in general. Developers typically have to write different markup to get the same desired outcome, even across the latest versions of Firefox, Chrome, and Safari browsers... We're engaged with the standards working groups and other browser vendors as part of the web community with Same Markup as a key goal. Same markup is the real-world benefit of standards for developers, and through them, the rest of the web... Enabling an interoperable web so developers can create amazing HTML5 applications is at the core of what 'same markup' means. Our investments in standards and interoperability are all about enabling the same markup to just work. When developers spend less time re-writing their sites to work across browsers they have more time to create amazing experiences on the web. Today, we're submitting 88 new tests to the W3C bringing our total to 192 tests submitted during IE9. Our focus leading the HTML5 Working Group's testing task force is on thorough, professional-grade tests that enable developers..."
See also: Stephen Shankland's CNET News.com blog
Scribd Social Publishing Site Dumps Flash in Favor of HTML5
Paul Krill, InfoWorld
Social publishing site Scribd is making a big bet on HTML5 by joining Apple, Google, and Microsoft in promoting the HTML5 pec, leaving behind a three-year commitment to Flash...
The site, which features content from such publishers as Simon & Schuster and the Chicago Tribune, will have more than 200,000 pages of HTML5-based content live [soon] the company said. Plans call for converting tens of millions of documents representing billions of Web pages...
HTML5 is an upgrade to the HTML specification featuring multimedia capabilities. It has been gaining rapid momentum lately, with support from players such as Apple, Google, and Microsoft. Scribd will get rid of Flash entirely and convert all documents to native HTML5 Web pages, allowing any document to become a Web page, the company said...
Scribd's transition to HTML5 allows readers to download electronic versions of books and read them in their browser as opposed to downloading through Amazon's Kindle application, Scribd said. The company also is integrating with Google Docs, meaning any document in any format can be converted to HTML5 in coming months. Document types that could be converted include Google Docs, Microsoft Office, Adobe PDF, and ePub. Scribd's plans call for supporting HTML5 video at some point. HTML5 also will enable use of browser-based search engines for searching Scribd content..."
See also: the blog article
WiMax Service from Clearwire and Sprint Coming to 19 New Cities This Year
Stephen Lawson, InfoWorld
"Clearwire's WiMax mobile broadband will come to 19 more markets across the U.S. this summer, with Sprint Nextel reselling the service in all those areas and with Comcast and Time Warner Cable coming on board in some of them. Clearwire already offers WiMax in 32 markets, covering 41 million people, and plans to reach all major markets and 120 million potential customers by 2011. It sells the service, advertised as delivering 3Mbps to 6Mbps in homes and offices, as well as outdoors, under the brand Clear. Sprint, the majority owner of Clearwire, resells it under the Sprint 4G brand, and several cable companies also have begun to resell the service.
Before the end of summer, WiMax will go on sale by Clearwire, Sprint, and Comcast in 15 new markets: Jacksonville and Daytona, Fla.; Kansas City, Kan.; Nashville, Tenn.; St. Louis; Salt Lake City; Merced, Modesto, Stockton, and Visalia, Calif.; Wilmington, Del.; Grand Rapids, Mich.; Eugene, Ore.; and Yakima, Kennewick, Pasco, and Richland, Wash. Comcast brands the service as High-Speed 2go. In Kansas City, Kan., Time Warner Cable will also offer the WiMax service, which it calls Road Runner Mobile. In addition, Time Warner will launch WiMax with Clearwire and Sprint in Rochester and Syracuse, N.Y., by fall..."
According to the Clearwire announcement: "The CLEAR customer experience is similar to that provided by Wi-Fi, but without the short-range limitations of a traditional Internet hotspot. CLEAR uses a wireless 4G technology that differs from Wi-Fi called WiMAX, which provides service across entire metropolitan areas. Furthermore, CLEAR gives users average mobile download speeds of 3 to 6 MBPS with bursts over 10 MBPS..."
See also: the Clearwire announcement
XML Daily Newslink and Cover Pages sponsored by:
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: email@example.com
Newsletter unsubscribe: firstname.lastname@example.org
Newsletter help: email@example.com
Cover Pages: http://xml.coverpages.org/