Microsoft has announced a technical preview for the Microsoft Web Services Development Kit (WSDK), which "provides the tools developers need to build advanced Web services applications using the latest Web services specifications, such as WS-Security, WS-Routing and WS-Attachments. The WSDK is a new Microsoft .NET class library for building Web services using the latest Web services protocols, including WS-Security, WS-Routing, DIME and WS-Attachments. The WSDK offers a low-level API that allows you to apply these protocols directly to individual SOAP messages being sent using HTTP. The library also integrates with the higher-level Microsoft ASP.NET Web service APIs (ASMX) included in the Microsoft .NET Framework. The design of the WSDK reflects the principles of the basic message-level protocols themselves, as outlined in the document 'Understanding GXA': Decentralization and federation; Modularity; XML-based data model; Transport neutrality; Application-domain neutrality... The WSDK incorporates Microsoft's recent work with industry customers and partners to develop Web services specifications beyond XML and SOAP, such as WS-Security, that address the core challenges of Web services in a way that is broadly interoperable across heterogeneous systems. The core features included in the technology preview of the Microsoft WSDK include (1) the ability to help secure XML Web services across platforms and trust domains, including digital signing and encryption of SOAP messages that are compliant with the WS-Security specification; (2) the ability to route an XML Web service through intermediaries using the WS-Routing specification; (3) communication between XML Web services can contain attachments that are not serialized into XML."

From 'Programming with the Web Services Development Kit Technology Preview':

"Security is just one of the architectural problems that the basic Web-service stack does not address. There is no standard approach to routing messages, ensuring reliable delivery, coordinating distributed work using compensating transactions or a number of other common problems. Given that these problems are not application-specific, it makes sense to develop common solutions as part of the next generation Web service infrastructure. This is the goal of a collection of Web service architecture protocols written by Microsoft, IBM and others describing ways to implement these features. The WSDK is one implementation of (a subset of) these protocols. The first version of the kit focuses on the basic message-level protocols: WS-Security, WS-Routing (and WS-Referral), and DIME and WS-Attachments. It does not support WS-Inspection, WS-Coordination or WS-Transaction."

"At its heart, the WSDK is an engine for applying advanced Web service protocols to SOAP messages. This entails writing headers to outbound SOAP messages and reading headers from inbound SOAP messages. It may also require transforming the SOAP message body; for instance, encrypting an outbound message's body and decrypting an inbound message's body, as defined by the WS-Security specification. This functionality is encapsulated by two sets of filters: one for outbound messages and one for inbound messages. All messages leaving a process -- request messages from a client or response messages from server -- are processed using the outbound message filters. All messages arriving in a process -- request messages to a server or response messages to a client -- are processed using the inbound message filters."

From the announcement: The supported 'beyond XML and SOAP' specifications "are designed to be modular so developers using Microsoft's WSDK can incorporate a specific specification functionality, on an as-needed basis, into the different levels of their Web services applications. The core features included in the technology preview of the Microsoft WSDK include these:

• Security. Ability to help secure XML Web services across platforms and trust domains, including digital signing and encryption of SOAP messages that are compliant with the WS-Security specification. Jointly introduced by Microsoft, IBM Corp. and VeriSign Inc. in April 2002 and submitted to OASIS in June, WS-Security is one of the first Web services standards to support, integrate and unify multiple security models, mechanisms and technologies, allowing a variety of systems to interoperate in a platform- and language-neutral manner.

• Routing. Ability to route an XML Web service through intermediaries using the WS-Routing specification, which describes how to place message addresses in the SOAP message header and enables SOAP messages to travel serially to multiple destinations along a message path. The route a SOAP message takes to an XML Web service can be transparently delegated among Web servers.

• Attachments. Communication between XML Web services can contain attachments that are not serialized into XML. The WSDK provides the ability to add attachments to SOAP messages following the WS-Attachments specification, jointly submitted with IBM to the IETF in July 2002.

"The Web Services Development Kit (WSDK) provides features to secure XML Web services, route them through more than one destination, and to add attachments to the SOAP messages. Security features include digital signing and encryption of SOAP messages that are compliant with the WS-Security specification. The SOAP router implemented by the WSDK follows the WS-Routing specification. Likewise, the ability to add attachments to SOAP messages follows the WS-Attachments specification. In short, the WSDK allows three major features to be added to distributed applications using XML Web services: (1) Applications can be secured across platforms and trust domains; (2) The route a SOAP message takes to an XML Web service can be transparently delegated among Web servers; (3) Communication between XML Web services can contain attachments that are not serialized into XML." [from the download page]

From 'Understanding GXA': "The Microsoft Global XML Architecture (GXA) is a protocol framework designed to provide a consistent model for building infrastructure-level protocols for Web services and applications. In addition to this underlying protocol framework, GXA defines a family of pluggable infrastructure protocols that provide applications with commonly needed services such as security, reliability, and multi-party agreement. This document describes the basic design principles of GXA and provides a roadmap for understanding how the individual GXA infrastructure-protocols are composed to provide a cohesive platform for Web services and applications..."