Feeds

W3C, vendors dust down over WS-Choreography?

Or dust up Or dust up Or dust up

  • alert
  • submit to reddit

Top three mobile application threats

ComputerWire: IT Industry Intelligence

A New Year stand-off is brewing, after a leading standards group kicked off its ratifcation procedure for Web services choreography but three major vendors remained aloof from the process,

Gavin Clarke writes

.

The World Wide Web Consortium (W3C) is creating a working group to develop a standard for WS-Choreography, a proposed means to describe the flow of messages exchanged by a Web service in a particular process.

Approximately six specifications are floating around the industry, and the W3C said it hopes to consolidate at least three.

However, the owners of one major specification - Business Process Execution Language for Web services (BPEL4WS) - are keeping mum over which standards body will receive their offering. BPEL4WS is owned by BEA Systems Inc, IBM and Microsoft Corp.

It is feared a failure to integrate different choreography specifications will create different implementations and limit web services uptake. Oracle Corp, helping push W3C's efforts, called this a "worst case scenario".

"All that does is confuse the market place," Oracle vice president of standards strategy and architecture Don Deutsch told ComputerWire.

Licensing of the vendors' intellectual property (IP), used in web services specifications, is believed to be a potential sticking point in this issue.

IP licensing emerged as the web services bogey man in 2002. It is believed vendors who do not license IP under a Royalty Free (RF) mechanism leave the door open to charge royalties at a later date under the Reasonable And Non-Discriminatory (RAND) model.

webMethods Inc and Epicentric Inc caused a stir after they notified the W3C they might have patents that cover technologies being used in Simple Object Access Protocol (SOAP) 1.2. IBM also caused ripples over elements of its technology used in ebXML.

CrossGuard Inc, which is involved in development of eXtensible Rights Management Language (XrML) at the Organization for the Advancement of Structured Information Standards (OASIS), makes a business from charging companies for its digital rights management expertise.

Bethesda, Maryland-based CrossGuard has notified OASIS it believes it has patents that may be infringed by the use of digital rights management language.

The W3C's WS-Choreography working group's proposed charter supports RF and it said BPEL4WS will be considered in its work "if made available to the W3C by its owners." The charter says it will also consider Web Services Architecture and Web Services Choreography Interface (WSCI) co-developed by Sun Microsystems Inc.

IBM's director of dynamic ebusiness technology Karla Norsworthy and a Microsoft spokesperson said no decision had yet been reached about which standards body should receive BPEL4WS. BEA, based in San Jose, California, was unable to respond at time of going to press.

Norsworthy said, though, "we hope to have something early next year." One W3C member, meanwhile, said the organization expects its own working group to be up-and-running in the new year.

However, concerns linger that vendors are "forum shopping" for a standards body with a friendly IP policy. Concerns surfaced after IBM and Microsoft submitted WS-Security, co-developed with VeriSign Inc, to OASIS earlier this year instead of the W3C.

OASIS supports RF and RAND whereas W3C - despite some recent issues - supports RF.

Some W3C members feel IBM and Microsoft took WS-Security to OASIS because of that group's looser IP constraints, having borrowed elements of WS-Security from W3C's own work. WS-Security was published just eight days after one W3C member decided it was time to convert W3C grass roots discussion over security for Simple Object Access Protocol (SOAP) - dating from August 2001 - into a standard.

WS-Security uses XML Digital Signatures and XML Encryption, which were floating around the W3C.

Furthermore, as IBM, Microsoft and VeriSign prepared to go public with WS-Security, one Microsoft W3C representative voiced concern that any public W3C technical discussions would "create IP risks" for members for any related specifications. The Microsoft representative did not respond to ComputerWire's questions.

Norsworthy denied Microsoft and IBM went forum shopping over WS-Security, saying OASIS was a suitable group given its existing work on the related Security Assertion Mark-up Language (SAML).

Redwood Shores, California-based Oracle called IP a "red herring" as vendors instead choose forums on the basis of how much they can control development of a proposed specification. Oracle is a big player behind W3C's WS-Choreography proposed working group.

Deutsch said: "People make decisions for various reasons to do with maintaining control of the specification."

He added, though, W3C is the best place for WS-Choreography because of its use of RF. "If your objective is to anoint your technology then your decision will be to go somewhere else because you won't want a level playing field," Deutsch said.

"We believe in encouraging IBM and Microsoft to do the right thing, and bring BPEL4WS to the W3C table," Deutsch said.

© ComputerWire

Combat fraud and increase customer satisfaction

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Brit boffins use TARDIS to re-route data flows through time and space
'Traffic Assignment and Retiming Dynamics with Inherent Stability' algo can save ISPs big bucks
Microsoft's Nadella: SQL Server 2014 means we're all about data
Adds new big data tools in quest for 'ambient intelligence'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.