This issue of XML Daily Newslink is sponsored by:
Microsoft Corporation http://www.microsoft.com
- W3C Last Call Working Draft: CSS Backgrounds and Borders Module Level 3
- Internet Architecture Board Issues Call for Comments on Encodings for IDNs
- European Union Project on Economic Effects of Open Government Data
- Express Social Objects in Atom Format: The Activity Streams Standard
- Revised Version of The OAuth 2.0 Protocol
- Microsoft Launches Expression Studio 4
W3C Last Call Working Draft: CSS Backgrounds and Borders Module Level 3
Bert Bos, Elika Etemad, Brad Kemper (eds), W3C Technical Report
Members of the W3C Cascading Style Sheets (CSS) Working Group have published a Last Call Working Draft for "CSS Backgrounds and Borders Module Level 3." When markup elements are rendered according to the CSS box model, each element is either not displayed at all, or formatted as one or more rectangular boxes. Each box has a rectangular content area, a band of padding around the content, a border around the padding, and a margin outside the border. The margin may actually be negative, but margins have no influence on the background and border.
This specification describes styles for borders and backgrounds. It includes and extends the functionality of CSS level 2 by adding such features as: borders consisting of images, boxes with multiple backgrounds, boxes with rounded corners, and boxes with shadows. The properties of this module deal with the decoration of the border area and with the background of the content, padding and border areas. Additionally the box may be given a "drop-shadow" effect with the 'box-shadow' property. If an element is broken into multiple boxes, 'box-decoration-break' defines how the borders and background are divided over the various boxes. An element can result in more than one box if it is broken at the end of a line, at the end of a column or at the end of a page; and continued in the next line, column or page. The relative stacking order of backgrounds, borders, and shadows is specified in this module. Appendix E defines how these layers interact with other rendered content...
The following features are at-risk and may be dropped at the end of the Candidate Recommendation (CR) period if there has not been enough interest from implementers: 'box-decoration-break' and 'box-shadow'. The CSS WG maintains an issues list for this module. A test suite for CSS Backgrounds and Borders Level 3 will be developed during the Candidate Recommendation phase... All persons are encouraged to review this document and send comments to the W3C public www-style mailing list.
The deadline for comments is 6-July-2010. If there is a conflict between CSS Backgrounds and Borders Level 3 and CSS 2.1, please report it to the CSS Working Group. Since these specifications are intended to be consistent with each other, conflicts indicate an error in one or both specifications. Changes since the last Candidate Recommendation are listed in the document's 'Changes' section.
Internet Architecture Board Issues Call for Comments on Encodings for IDNs
Olaf Kolkman, IAB Chair Announcement
On June 14, 2010, the Internet Architecture Board (IAB) announced a Call for Comments in connection with the Internet Draft "IAB Thoughts on Encodings for Internationalized Domain Names." The IAB intends to submit this document for publication and welcomes public comment through June 22, 2010.
This document explores issues with Internationalized Domain Names (IDNs) that result from the use of various encoding schemes such as UTF-8 and the ASCII-Compatible Encoding produced by the Punycode algorithm. It focuses on the importance of agreeing on a canonical format and how complicated it ends up being as a result of using different encodings today... A domain name consists of a set of labels, conventionally written separated with dots. An Internationalized Domain Name (IDN) is a domain name that contains one or more labels that, in turn, contain one or more non-ASCII characters. Just as with plain ASCII domain names, each IDN label must be encoded using some mechanism before it can be transmitted in network packets, stored in memory, stored on disk, etc. These encodings need to be reversible, but they need not store domain names the same way humans conventionally write them on paper. IDNA is the standard that defines the use and coding of internationalized domain names for use on the public Internet. It is described as 'Internationalizing Domain Names in Applications (IDNA)' and is defined in several specifications... The goal of this document is to explore what can be learned from some current difficulties in implementing Internationalized Domain Names (IDNs).
The Internet Architecture Board (IAB) is "chartered both as a committee of the Internet Engineering Task Force (IETF) and as an advisory body of the Internet Society (ISOC). Its responsibilities include architectural oversight of IETF activities, Internet Standards Process oversight and appeal, and the appointment of the RFC Editor. The IAB is also responsible for the management of the IETF protocol parameter registries."
Note in this connection that a new IETF working group has been formed in the Applications Area: Preparation and Comparison of Internationalized Strings (PRECIS). The use of non-ASCII strings in Internet protocols requires additional processing to be handled properly. A "stringprep" method (RFC 3454) defines the overall framework whereas specific protocols define their own profiles, and at least seven IETF profiles are known to exist... The goal of this working group is to assess whether a new method based on the new IDNA2008 algorithmic approach is the appropriate path forward for existing stringprep protocols as well as for other application protocols requiring internationalized strings. The group will evaluate if a new generalized framework based on the algorithmic approach is appropriate and, if so, define it..."
European Union Project on Economic Effects of Open Government Data
Andy Oram, O'Reilly Radar
"Earlier this week I talked to writer and open source advocate Marco Fioretti, who has just announced the start of a study on open data for the European Union... Fioretti held a seminar about open and prorietary formats at Pisa's Sant'Anna School of Advanced Studies, a major European college in the field of economics. Several problems impelled Fioretti to propose this study: (1) Government claims are hard to verify: how can the public determine whether costs are reasonable? (2) Lots of value is hidden away in government data. When data is released without fees or restrictions on use, businesses tend to spring up to exploit that data; maps are one obvious example. (4) One can't really anticipate how much economic value one will create by releasing data.... (5) Data that is not open is silo'd; for instance, two adjoining geographic regions may have map data, but no one can calculate geographic information spanning the two regions...
Releasing data that was collected for public use with public taxes is an appealing goal, but it faces innumerable hurdles. First, governments usually contract out both data collection and data analysis to private firms. Right away we're faced with the challenges of incompatible, proprietary, and even arbitrary formats, along with the firm's understandable preference to keep data to itself.
So government contracts must be very specific about the delivery of data that it commissions—and not just the data, but the formulas and software used to calculate results. For instance, if a spreadsheet was used in calculating the cost of a project, the government should release the spreadsheet data and formulas to the public in an open format so that experts can check the calculations.
On top of these barriers lie the usual difficulties of inconsistently recorded data, missing metadata such as dates and times, etc. Fioretti hopes to shine a bit more light through all this smoke, finding out what data is being released right now and how businesses are using it. He's concentrating on local governments, first because of their importance, and second because the data will be more consistent that way..."
See also: Open Data, Open Society
Express Social Objects in Atom Format: The Activity Streams Standard
Ben Werdmuller, IBM developerWorks
"On the web, feeds are machine-readable summaries of content, usually arranged in reverse chronological order. Most feeds have traditionally been used to syndicate blog content in the popular RSS or Atom XML-based formats. Once published by a site, the content can be read through user-friendly aggregators, or transformed and interpreted by networked software products... Syndicated feeds have been consumed in this way since 1999. However, in recent years, web users have also been consuming content in a more social way, through sites like Facebook, MySpace, and Twitter...
An activity stream (also sometimes called a lifestream) is the collection of all the activities a person undertakes on a particular site. As web users rely more and more on activity streams for information consumption, it makes sense to be able to syndicate and subscribe to activity stream data. But since RSS and Atom don't support social metadata, a new format is needed to syndicate social activity...
Activity Streams emerged from the DiSo Project, an open source effort to build a decentralized social web using plug-ins developed for the WordPress blogging platform as a starting point. In the DiSo model, each user's profile is a separate WordPress blog that can be hosted on any Internet-connected infrastructure. Social actions then occur across the Internet among these WordPress sites.
XML is the perfect technology for implementing this approach, because it is cross-platform, easy to publish and parse, and doesn't require any specialist technology. The DiSo Project went one step further and conceived of the Activity Streams standard as an extension of the Atom feed format... In March 2009, MySpace became the first major social media provider to publish feeds in the Activity Streams format. Since then, many more have followed, including Facebook, Hulu, TypePad, and Opera. But the scope for Activity Streams isn't limited to sites like Facebook. Intranets, for example, can be greatly enhanced by knowledge of social activity within a company, or between companies..."
See also: the Activity Streams web site
Revised Version of The OAuth 2.0 Protocol
Eran Hammer-Lahav, David Recordon, Dick Hardt (eds), IETF Internet Draft
Members of the IETF Open Authentication Protocol (OAuth) Working Group have released an updated level -08 version of The OAuth 2.0 Protocol. Appendix D ('Document History') summarizes the principal changes in this revision of the specification: renamed verification code to authorization code; revised terminology, structured section, added new terms; changed flows to profiles and moved to introduction; added support for access token rescoping; cleaned up client credentials section; new introduction overview; added error code for invalid username and password, and renamed error code to be more consistent; added access grant type parameter to token endpoint. Revision -07 was major rewrite of entire document structure (removed the device profile, added verification code support to user-agent flow, removed multiple formats support, leaving JSON as the only format).
From the Introduction: "With the increasing use of distributed web services and cloud computing, third-party applications require access to server-hosted resources. These resources are usually protected and require authentication using the resource owner's credentials (typically a username and password). In the traditional client-server authentication model, a client accessing a protected resource on a server presents the resource owner's credentials in order to authenticate and gain access... OAuth introduces a third role to the traditional client-server authentication model: the resource owner. In OAuth, the client (which is usually not the resource owner, but is acting on its behalf) requests access to resources controlled by the resource owner and hosted by the resource server.
In addition to removing the need for resource owners to share their credentials, resource owners should also have the ability to restrict access to a limited subset of the resources they control, to limit access duration, or to limit access to the methods supported by these resources. Instead of using the resource owner's credentials to access protected resources, clients obtain an access token (which denotes a specific scope, duration, and other attributes). Tokens are issued to third-party client by an authorization server with the approval of the resource owner. The client uses the access token to access the protected resources.
For example, a web user (resource owner) can grant a printing service (client) access to her protected photos stored at a photo sharing service (resource server), without sharing her username and password with the printing service. Instead, she authenticates directly with the photo sharing service (authorization server) which issues the printing service delegation-specific credentials (token)... This specification defines the use of OAuth over HTTP per IETF RFC 2616 (or HTTP over TLS as defined by RFC 2818). Other specifications may extend it for use with other transport protocols..."
Microsoft Launches Expression Studio 4
Michael Desmond, Application Development Trends
"Microsoft at the Internet Week Conference in New York City announced the official release of Microsoft Expression Studio 4, the latest version of the company's Web design and rich user interface (UI) development tool. Targeted at digital designers and at Visual Studio developers designing rich application UIs, Expression Studio 4 adds more robust visual tools that eliminate the need to work with Extensible Markup Language (XAML) code and provide enhanced SketchFlow functionality for enabling interactive, prototype applications.
The Expression Studio 4 suite consists of four modules. Expression Blend is a visual UI builder for XAML-based WPF and Silverlight apps, and includes the SketchFlow app prototyping module. Expression Web is a site designer and HTML editor, while Expression Design is a graphics design application. Expression Encoder is a digital video encoding application. Of these, Expression Blend 4 is of greatest interest to Visual Studio developers, enabling them to manipulate working XAML code using rich, visual interfaces..."
From the announcement: "New features and functionality found within Expression Studio 4 enable the following: (1) Seamless flow between design and development. Expression Studio 4 Ultimate, which includes Blend and SketchFlow, allows the quick translation from ideas to rich, digital prototypes and simplifies the creation of applications for Silverlight and for mobile devices, such as Windows Phone 7. (2) Streamlined website creation. Its sophisticated toolset makes it easier than ever to build and deploy websites. Advanced visual diagnostics also speed browser compatibility testing. (3) Simplified video publishing. Encode a wide variety of video file formats, such as VC-1 and H.264, to make simple edits and enhance your media for distribution through players built with technologies such as Silverlight.
Expression Studio 4 complements creative tools already in use by design and development teams with high-quality import capabilities, ensuring that the best static design assets can be used in interactive design. It also provides fast, flexible workflow with Microsoft Expression Blend, Visual Studio and the Microsoft .NET Framework..."
See also: the Microsoft announcement
XML Daily Newslink and Cover Pages sponsored by:
XML Daily Newslink: http://xml.coverpages.org/newsletter.html
Newsletter Archive: http://xml.coverpages.org/newsletterArchive.html
Newsletter subscribe: firstname.lastname@example.org
Newsletter unsubscribe: email@example.com
Newsletter help: firstname.lastname@example.org
Cover Pages: http://xml.coverpages.org/