Cover Pages Newsletter December 23, 2003

                      Cover Pages Newsletter
                           December 23, 2003

                           Hosted by: OASIS
               Sponsored by: Global eXchange Services,
           ISOGEN International, SAP, and Sun Microsystems

 Featured News Stories
 Selected Articles and Papers
 Selected from the Press
 Cover Pages Sponsors
Featured News Stories

Recently featured news stories from the Cover Pages news at: [Full abstract] [Brief summary] [RSS]

FISD XML Messaging Specification for Real Time Streaming XML-Encoded
Market Data.
SIIA's Financial Information Services Division has released a beta
version of "FISD's XML Messaging Specification: fisdMessage Reference
Guide", together with Appendices and Enumerations. The fisdMessage
specification defines a standards-based protocol for delivering static
XML content like Market Data Definition Language (MDDL) information
between a data provider and consumer. The protocol optimizes updates
using minimum bandwidth.

W3C Publishes First Working Draft for Extensible Stylesheet Language
(XSL) Version 1.1.
W3C has released an initial public working draft for "Extensible
Stylesheet Language (XSL) Version 1.1," together with a companion WD
"Extensible Stylesheet Language (XSL) Version 1.1 Requirements." New
functionality has been added in V1.1 to support change marks, indexes,
multiple flows, and bookmarks. Existing functionality has been
extended for graphics scaling, 'markers' and their retrieval in tables
to support partial sums, and page number referencing.

Selected Articles and Papers
Selections of abstracted and annotated articles/clippings at:

"Web Services and C++." By Peter Lacey (Systinet). In Dr. Dobb's
Journal #355 Volume 28, Issue 12 (December 2003), pages 54-58. While
there's no shortage of information on how to implement web services
using Java, C#, or even Perl, there's little information on how to
bring web services to the C++ world. This article closes the gap by
showing how to develop SOAP services and clients in C++ using the WASP
Server for C++ from Systinet.
"XML 2003 Session Report: Namespace Routing Language." By Uche Ogbuji.
From (December 22, 2003). At the XML 2003 Conference in
Philadelphia James Clark followed a block of sessions on ISO Document
Schema Definition Languages (DSDL) with a presentation on Namespace
Routing Language (NRL), which is a key contribution to DSDL Part 4:
"Selection of validation candidates."
"XML 2003 Conference Diary." By Eric van der Vlist. From
(December 23, 2003). The author of O'Reilly's books on RELAX NG and
W3C XML Schema shares his personal view of December's XML 2003
Conference held in Philadelphia, PA, USA. The conference featured
several presentations on schema languages and revealed a rise in
interest for the Semantic Web, with an increasing number of
presentations showing concrete problems solved by its technologies.
"Editing and Authoring: A Structural Adviser for the XML Document
Authoring." By Boris Chidlovskii (Xerox Research Centre Europe,
France). Pages 203-211 in Proceedings of the 2003 ACM Symposium on
Document Engineering. With 14 references. The author describes a
structural adviser for the XML document authoring. The adviser
intervenes at any step of the authoring process to suggest one tag or
entire tree-like pattern the user is most likely to use next; its
suggestions are based on finding analogies between the currently
edited fragment and sample data being either previously generated
documents in the collection or the history of the current document
"XML and Information Integration: Conceptual Modeling of XML Schemas."
By Bernadette Farias Lóscio, Ana Carolina Salgado, and Luciano do Rêgo
Galvão (Centro de Informática, Universidade Federal de Pernambuco,
Brasil). In Proceedings of the Fifth International Workshop on Web
Information and Data Management (WIDM 2003) (November 7-8, 2003). This
paper presents an extension of the Entity Relationship (ER) model,
called X-Entity, for conceptual modeling of XML schemas. The authors
also present the process of converting a schema, defined in the XML
Schema language, to an X-Entity schema.
"Security Analysis of the SAML Single Sign-on Browser/Artifact
Profile." By Thomas Gross (IBM Zurich Research Laboratory). Paper
presented Thursday, December 11, 2003 at the 19th Annual Computer
Security Applications Conference (December 8-12, 2003, Las Vegas,
Nevada, USA). With 21 references. We are convinced that the SAML
Single Sign-on Browser/Artifact profile is in general a well-written
protocol, and is one of the most carefully designed browser-based
protocols in federated identity management. Nevertheless, several
changes are required to improve its security and prepare for its broad
application in industry.
"An Editor for Adaptive XML-Based Policy Management of IPsec." By Raj
Mohan (Indian Army, India) with Timothy E. Levin and Cynthia E. Irvine
(Naval Postgraduate School, USA). Paper presented at the 19th Annual
Computer Security Applications Conference (December 8-12, 2003, Las
Vegas, Nevada, USA). With 19 references. The KeyNote Policy
Specification language is complicated and could lead to incorrect
specification of the desired policy, thus degrading the security of
the network. We present an alternative XML representation of this
language and a graphical user interface to create and manage a
consistent and correct security policy.
"An Analysis of XML Database Solutions for the Management of MPEG-7
Media Descriptions." By Utz Westermann and Wolfgang Klas (University
of Vienna). In ACM Computing Surveys (CSUR) Volume 35, Issue 4
(December 16, 2003), pages 331 - 373. [ISSN: 0360-0300] For the
management of MPEG-7 media descriptions we see the need for a new
generation of XML database solutions which recognize the central
importance of exploiting the type information contained in schema
definitions for the adequate management of XML documents.
"Butting Heads Over B2B. ebXML Battles Web services Over Which Will
Become the E-Business Platform of Choice." By Paul Desmond. In Network
World (December 22, 2003). Desmond argues that users must choose a
platform for conducting business online -- Web services or the older
but more established electronic business with XML (ebXML).
"Comparing WSDL-based and ebXML based Approaches for B2B Protocol
Specification." By Martin Bernauer, Gerti Kappel, and Gerhard Kramler
(Business Informatics Group Business Informatics Group, Institute of
Software Technology and Interactive Systems, Vienna Universiy of
Technology. Presented at the First International Conference on Service
Oriented Computing (ICSOC 2003), Trento, Italy, 15-18 December 2003.
This paper introduces a conceptual framework for B2B protocols, and
based on this framework, a methodical comparison of the two [WSDL-
based vs ebXML-based] approaches is provided, answering the questions
of what the differences are and whether there are chances to achieve
"Beyond Instant Messaging: Platforms and Standards for These Services
Must Anticipate and Accommodate Future Developments." By John C. Tang
and James "Bo" Begole (Sun Labs). In ACM Queue Volume 1, Number 8
(November 2003), pages 28-37. ACM Queue Special Issue on Instant
Messaging. The recent rise in popularity of IM (instant messaging) has
driven the development of platforms and the emergence of standards to
support IM. In this discussion of 'awareness services' the authors
demonstrate how research prototypes that explore future directions can
be used to guide and inform current efforts to develop an
"Nine IM Accounts and Counting." By Joe Hildebrand (Jabber). In ACM
Queue Volume 1, Number 8 (November 2003), pages 44-50. ACM Queue
Special Issue on Instant Messaging. The key word with instant
messaging today is interoperability, but various standards are in
contention. Unlike e-mail, no common standard exists for IM, so users
feel compelled to maintain multiple accounts -- for example, AOL,
Jabber, Yahoo, and MSN.
"On Helicopters and Submarines." By Marshall T. Rose (Invisible
Worlds). In ACM Queue Volume 1, Number 8 (November 2003), pages 10-13.
Rendezvous protocols are great, and so are data-exchange protocols.
The problem is that if you try to build one protocol to perform two
fundamentally different jobs, you're going to get a protocol that does
neither job well. In other words, SIP and IM are sufficiently
different that trying to do them both in the same protocol is
"Broadcast Messaging: Messaging to the Masses." By Frank Jania (IBM).
In ACM Queue Volume 1, Number 8 (November 2003), pages 38-43. ACM
Queue Special Issue on Instant Messaging. With respect to messaging,
we have an unprecedented number of communication tools that provide
both synchronous and asynchronous access to people: E-mail, message
boards, newsgroups, IRC (Internet relay chat), and IM (instant
messaging) are just a few examples. ICT is a suite of IBM applications
that incorporates broadcast messaging and IM; there are five
applications for broadcast messaging: w3alert, TeamRing, SkillTap,
FreeJam, and PollCast.
"IM: A Conversation with Peter Ford." By Eric Allman and Peter Ford.
In ACM Queue Volume 1, Number 8 (November 2003), pages 18-27. ACM
Queue Special Issue on Instant Messaging. Instant messaging (IM) may
represent our brave new world of communications, just as e-mail did a
few short years ago. Microsoft is moving toward the Session Initiation
Protocol (SIP) as its protocol choice for IM. Providing the Microsoft
perspective on IM is Peter S. Ford, chief architect for MSN Messenger.
"XML for the Rest of Us. Once Eclipsed by Machine-To-Machine
Communications, the Human Factor of XML is Starting to Emerge." By Jon
Udell. In InfoWorld (December 19, 2003). XML is a disruptive
technology that is almost certainly replumbing the IT infrastructure
of that bank. But to those bankers booting up their PCs and sipping
coffee in early morning CRT glow, XML is still probably just plumbing
-- if that.
"To Boldly Go." By Martin Sexton (London Market Systems). In Financial
IT [IncisiveMedia] (October 2003). Since 2000, a number of industry
and proprietary XML standards have emerged, raising concerns that
there were too many XML vocabularies being developed. This has led to
a general misconception that the market is full of competing XML
standards, causing many participants to adopt a wait-and-see approach.
"XML: We Ain't Seen Nothin' Yet." By A. Russell Jones (DevX, Executive
Editor). In XML Zone (December 16, 2003). From interprocess
communications to file systems to operating systems, XML is a magic
elixir that provides new possibilities and solves a host of ailments.
XML's evolution has sparked an explosion of innovation that's touched
nearly every facet of computing, even the most basic computing
building blocks, such as file systems, databases, displays, and
"Q&A: Web Services Security." By Jack Vaughan [and Toufic Boubez]. In
Appliccation Development Trends (December 01, 2003). Toufic Boubez has
a stellar record in Web services, co-authoring UDDI and foundeing
Layer 7 Technologies, which recently released SecureSpan to promote
Web services security and integration policy creation. Vaughan
interviews Boubez on Web services and loosely coupled systems.
"xmltramp and pxdom." By Uche Ogbuji. From (December 17,
2003). In his Python column, Uche Ogbuji covers "xmltramp", a tool for
parsing XML documents into a data structure that's very friendly to
Python, and "pxdom", a highlight-compliant, DOM Level 3
"Lack of Windows 98 Support Could Have Wide Impact: Study." By Jack
Kapica. In The Globe and Mail (December 11, 2003). Many companies are
going to find themselves more vulnerable to viruses and security
attacks on January 16, 2004, the Canadian AssetMetrix Research Labs
says. On that day, Microsoft Corp ceases to offer technical support
and security updates for its five-year-old operating system Windows
"An Open Letter From Jonathan Schwartz." By Jonathan Schwartz
(Executive Vice President, Sun Microsystems). From Sun News, Video,
and Resources. December 17, 2003. Microsoft's recent unilateral
decision to discontinue support for Windows 98 and other products as
of December 23, 2003 offers users a lesson in how a company with
legendary market dominance can lose sight of customer priorities, and
force an unnecessary transition onto a customer base already paralyzed
with viruses and security breaches.
"OpenOffice Makes Government Inroads." By Matthew Broersma. In CNET (December 18, 2003). Two significant government bodies, the
Israel Department of Commerce and the City of Austin, Texas, are
moving toward replacing Microsoft Office installations with the productivity suite. This continues a worldwide trend of
governments attempting to cut costs with open-source software.
"New Storage Management Specification Key to Managing Multi-Vendor
SANs." By Shankar Subramanian. In CNETAsia (December 09 2003). Storage
management will take a major step forward this year when SNIA
completes work on SMI-S, a specification for a standardized interface
for storage management applications. SMI-S specifies a protocol stack
consisting of CIM-XML (object descriptions and management actions)
over HTTP (session), over TCP (transport), over IP (interconnect).,39006407,39160252,00.htm
"DoS Flaw in SOAP DTD Parameter." By Ryan Naraine. From (December 15, 2003). IBM and Microsoft have released
fixes for a potentially serious vulnerability in various Web Services
products that could be exploited to trigger denial-of-service attacks;
the companies said the vulnerability was caused by an error in the XML
"OASIS Members Demo Interoperability." By Dave Kearns. In Network
World (December 17, 2003). The author references the Liberty
Alliance's recent conformance testing results and looks at a more all-
encompassing group of interoperability tests being developed by OASIS
Technical Committees.
"Incremental XML Parsing and Validation in a Text Editor." By Uche
Ogbuji. From (December 15, 2003). At XML 2003 in
Philadelphia, James Clark presented the ideas and implementation
behind his nXML XML editing mode for GNU Emacs. The goal is to provide
the user with as many cues as possible to the user as to well-
formedness and validity without interfering with the basic text
editing, similar to Rick Jelliffe's Topologi XML editor.
"Incremental XML Parsing and Validation in a Text Editor." By James
Clark. Presentation given at XML 2003. A normal XML parser or
validator starts at the beginning of the document and processes the
entire document. This kind of implementation is not useful for an XML
editor since completely reprocessing the document on every edit cannot
scale to large documents. To solve this problem, XML processing must
work incrementally.
"Atom Authentication." By Mark Pilgrim. From (December 17,
2003). Atom is a new standard that uses XML over HTTP to publish and
syndicate web-based content. As a sequel to his article on the Atom
API, Mark Pilgrim discusses Atom authentication using extended HTTP
authentication and the WSSE Username Token.
"Roll Your Own Secret Santa Web Application, Part 1: The Beans. A
Step-By-Step Guide to the Tools, Technology, Design, and
Implementation."  By Merlin Hughes. From IBM DeveloperWorks. December
17, 2003. "Merlin Hughes presents the design and implementation of a
J2EE-based Web application, along with a discussion of the tools and
technologies that can be used to ease the development of such
applications. The 3-part series provides a broad overview of how to
build a J2EE application from the ground up.

Selected from the Press
Selected references for abstracted and annotated industry news at:

"DMTF Announces New Server Management Working Group. Dell, HP, IBM and
Intel Lead Formation of New Effort to Satisfy Customer Server Hardware
Management Requirements."

Selected references from the events calendar at:

Workshop on XML-Based Richly Annotated Corpora.  LREC 2004 Post-
Conference Event.  May 29, 2004.  Lisbon, Portugal.

WWW2004. The Thirteenth International World Wide Web Conference. May
17-22, 2004.  New York Sheraton, New York, NY, USA.

ODRL International Workshop 2004. April 21 - 23, 2004. Vienna
University of Economics and Business Administration, Vienna, Austria.

XML Europe 2004. "Documenting the Future."  April 18 - 21, 2004.
Amsterdam, Netherlands.

The Gilbane Conference on Content Management.  March 24 - 26, 2004.
Los Angeles, CA, USA.

DATAX Workshop 2004.  International Workshop on Database Technologies
for Handling XML information on the Web.  March 14, 2004, Heraklion,
Crete, Greece.

AIIM 2004 Conference. March 8 - 10, 2004. Javits Convention Center,
New York, NY, USA.

Web Services Edge 2004 East International Conference & Expo.  February
24 - 26, 2004.  Hynes Convention Center, Boston, MA, USA.

OMG Workshop on Deploying Service Oriented Architectures.  February
23 - 26, 2004.  San Jose, CA, USA.

SIGS Datacom OOP 2004. "From Technology to Business."  January
19 - 23, 2004. International Congress Center Munich (ICM), Germany.

Third Annual O'Reilly Emerging Technology Conference.  February
9 - 12, 2004. Westin Horton Plaza San Diego, San Diego, CA, USA.

National Information Standards Organization's (NISO) Annual Meeting.
January 9 - 12, 2004.  U.S. Grant Hotel, San Diego, California, USA.

First International Conference on Service Oriented Computing (ICSOC
2003). "The New Computing Paradigm for the Networked World."  December
15 - 18, 2003.  Trento, Italy.

Cover Pages Sponsors
Publication costs for the Cover Pages website and for
this newsletter are underwritten by OASIS Members committed
to providing this OASIS resource freely to the public:
Sun Microsystems, Inc.    URL:
SAP                       URL:
ISOGEN International LLC  URL:
Global eXchange Services  URL:
To unsubscribe from this list send a post to:

Prepared by Robin Cover for The XML Cover Pages archive.