Web Services, Web 2.0 & SOA - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Web Services, Web 2.0 & SOA


Web Services Specs Meet Open Source



 By: Darryl K. Taft
2005-07-19
Article Rating:starstarstarstarstar / 1


There are 0 user comments on this Web Services, Web 2.0 & SOA story.


Rate This Article:
Poor Best
The outcome of WS-Security licensing talks between Apache and Microsoft and IBM will go a long way toward determining how Web services specs will evolve in the open-source world.

As the Apache Software Foundation, Microsoft Corp. and IBM sort out licensing issues around making the WS-Security specification open-source-friendly, the issue becomes something of a precedent for how Web services specifications will evolve in the open-source world.

Meanwhile, IBM and Microsoft have announced plans to submit three additional Web services specifications to a standards body, and Hewlett-Packard Co. has announced that three Web services specifications it turned over to Apache have now left the incubator stage.

At issue with WS-Security is Apaches intent to implement the specification although WS-Securitys licensing policy, based on policies laid out by the Organization for the Advancement of Structured Information Systems, is incompatible with Apaches own.

In essence, OASIS policies allow for royalty-free specifications, but they have not been adopted specifically for the open-source way of the world. OASIS has three modes of intellectual property rights coverage: a RAND (Reasonable and Non-Discriminatory) mode, an RF (Royalty-Free) on RAND mode and an RF on Limited Terms mode. So while the WS-Security specification is royalty-free, the current policy would require users to go back to the authors of the specification and holders of the license—IBM and Microsoft—to negotiate transfer rights for the technology if they intended to redistribute it.

Open-source advocates call on OASIS to make its patent policies more open-source-friendly. Click here to read more.

Cliff Schmidt, Apaches vice president of legal affairs, said he is looking forward to meeting with Microsoft later this week to discuss ways to overcome the incompatibility.

A resolution could be something as simple as a clause added to the current license, he said.

However, some observers said the WS-Security issue could be a precedent as it is the first of what will likely be several Web services specifications to come up against obstacles regarding open-source implementation, as patent policies that have been in place for standards organizations such as Apache are not necessarily applicable for open-source licensing.

Resource Library:
Apache ran into a similar situation with the Sender ID framework, a Microsoft specification issued through the IETF (Internet Engineering Task Force). The licensing policies around Sender ID were not compatible with Apaches own policies, and the open-source organization decided not to implement Sender ID.

"The same Sender ID kind of issues are showing up in the Web services space," Schmidt said. "This is a bigger issue now. These are the same questions that are likely to come up with every Web services specification. So this is now becoming more important as it finds its way in Web services specifications."

OASIS upgraded its intellectual property rights policies earlier this year to be more flexible.

Click here to read more on how OASIS clarified its intellectual property rights policies.

"We respect Apache for calling attention to this situation and for articulating the needs of open-source developers and the transfer of licenses," said Patrick Gannon, president and CEO of OASIS. "The rapid growth of open-source business models and their distinct licensing requirements pose a challenging problem of adaptability for all standards bodies. Apaches conversation with IBM and Microsoft reveals that a lot more creative work needs to be done to harmonize traditional patent policy frameworks with the new business models to protect all parties from legal risk, while allowing for implementation of standards under the open-source development and licensing models."

Added Gannon: "Fundamental to OASIS is the principle that standards development should be driven by the needs of the marketplace. Its gratifying for us to see Apache, IBM and Microsoft engage in a productive dialogue that hopefully will result in the widest possible adoption of the WS-Security OASIS standard."

Meanwhile, last week IBM and Microsoft announced that they will turn three additional Web services standards over to OASIS—WS-SecureConversation, WS-SecurityPolicy and WS-Trust.

The WS-SecureConversation (Web Services Secure Conversation Language) specification is built on top of the WS-Security and WS-Policy models to provide secure communication between services, the companies said.

The WS-SecurityPolicy is designed to work with the general Web services framework, including WSDL (Web Services Definition Language) service descriptions, UDDI (Universal Description, Discovery and Integration) and SOAP (Simple Object Access Protocol), the companies said.

And WS-Trust (Web Services Trust Language) uses the secure messaging mechanisms of WS-Security for issuing security tokens and credentials in different trust domains.

Meanwhile, in related news, HP announced that it has contributed implementations of three emerging Web services standards—WSRF (Web Services Resource Framework), WSN (Web Services Notification) and WSDM (Web Services Distributed Management) have graduated from incubator projects to official open-source Web services projects at Apache.

In a statement regarding the news, HP said: "Exiting the Apache incubator phase is significant because this was HPs first offering to the Apache Organization, and HP succeeded in ensuring that these became full-fledged Apache projects. This is an important milestone on the path toward industry-wide adoption of standards-based management solutions and the end goal of simplified management of heterogeneous IT environments."

WSRF, formerly known as Apollo, defines a generic and open framework for modeling and accessing "stateful" resources using Web services, the Apache Web site entry on the project said.

WSN, formerly known as Pubscribe, defines a set of specifications that standardize the way Web services can interact using the Notification pattern, which defines a way for consumers to subscribe to a producer for notifications whenever a particular situation occurs, Apache said. It builds upon the WS-ResourceFramework family of specifications.

And WSDM provides a model for managing distributed services.

Check out eWEEK.coms for the latest news, reviews and analysis in Web services.



  Reader Comments: Web Services Specs Meet Open Source
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Web Services, Web 2.0 & SOA Articles          >>> More By Darryl K. Taft
 


x}r㶲s\@♵MQGJɖ<45SHHbL IVrO]'7nBKL&{Ɩ4Fw?Hp4ô'sc }{Τ>w߽ ߛF0Bo92r;sوlnAZ|Yk׷V7`Kk'^3Q&ںa#jCICw:|&޺xr9%9Ioȿ `lDiYܾ̑\yǛȃka)(7F`XӀ7? iP2ZM8X@.@ש#07ۯrxxf-Mf "dh|]ͻzp- @lo Kj(:H)5?&F`Mil&XJp7Q m̗U/d`(AM/g- 5t*\($ɛ!"ˆG9x|!XsI((GNlO|yx>zY]5'dauEUis[fh.ϱ'vs"e~ *WFnZ` QMm{QVc1WPT;.Cpk hS2e8l İ2nб6?σ@uti3c|>9Gm'!|e mx=Z.s3IXn`΀&Hqpy4ڭ-%H_ >< zN==H}m`95$&CMߟs#09w ښA<QБ4|a hp.ppyY?90D>o iL L<ģ\>Ԇ!~9.b&A/tKt=JI ڂ"D%  h4A'EENN@@7w$]KI+\fz"BI*Cvn ˥=*%nqR%a 3ʬ$&vϏ[LboD6], S mo3-muk{T*aiқM݄%Gn]ռ's2H`w?e!1q WQe@s's<4ğN'}ǺdmA 9g߃)兏u5dMjE3ӆԧ$rW"Chj5Xjoc Yu-y^UX! t34TyvwӏϞ3ۀ}Q>T5I5);eڷS \ۊv!39n! hW.Y 2cxRUyRt+[[3R7)\P{`MLE2a==%fQ/0}ԙQĠ3BZSOs\| g:[6[7˦EI8ەi]jk-\<W7Bɶ/²xcP66R(k5Ӳ =2P" Cx Eä 7u(= > XU.*rȄejeVcګY3ld xAq!r?-j(6 3XSq;hzE>uI{Lcg@>`ǟG(a!w1ZJkX$ U)=̔:Y[ ^|@'K |o2tJ.k1sM^^.V꺰']69g&A(|p$'Z>plZ`/R7&Ŀ4wڳJ1SQ_)~D[d"vd\6˰@e9ִ&3v,˹F z4f/Ht]i)e5y(p?CU^fx"jXUclxcC(Jz\R*7+|~~{ ߥ:q@˻SA~M4,}. A_!m^:J[09X>: ;212& z#Cv5  Oʌr9B4By^ Yp-\pRj ͔ߛyx 䂲h3 ]lW 19L_߀S)!(zo|ɲIXё1[DG {@nȵ( 5zfy@Lt@qHGؽL HMҜNyT>RRjELRG cqe@Y@z]-3b_@וBVT+kiyEW‡v1"ር54Mt8&ڳ"ZJ qvsTy9kZ%f+aEL4=:]CP,,< ?~WӅLoɧ37 dZp|]aP;E9Ȳ (3Jnbۤs:n&20061c'Ww}\cpA J'}sWn~-۠|m,Mn1yc%[Ŵw)n<0{L3gF> in`$dmPPÊ Z;k}zGdCRi -OR9L8n7= BRӳ(R+H@ekrฦ[?iJ#ohks7E) Zxh R̚,RBW}X`"Mݸ1uA`n>2N*,E%b ()OUKj{[ 3/0ւBMAh|?tѝxAcEi\hobʧb DuQTn URXUʅ7 \ZE/ha~%36R-ܛ`,@N|KO]T2wI$̸y0ŗ%Kg o@@lXC-B5)7 u -r/鉚ƲR@3?0TiʊZ;T$ujMRԞ'sL؞E(FߏCWeRԣo{{C4}3݀,+(|ݙCadJHT]{ 1i0F\0R=B$Kr]N6[_T ad9CT`|"@)c'd8'l{H ' aV*S7~.RH#+#I q`w0Db*nLgFDssbh^f{q`z o@/I6S.:;Ղ_tMb3axք-$Qԕº}wi ΏHQegˁtv.> ?k;N;QaVvҸ'^@C~:H˖6߷pC-Y2a'A)h]1~̮WVs^ц.g0F@q Ɂ^W6w.ŗtO{k~R\t.R1AJdG1 yyyru8+DEy|ly0amG 'EL9\?8I]+H0 RXz׭5'^ t&֒}UYxr!qa4lS돽5/qĚ_f?!|Fg<A(5@kNF:vZfp5"BtX 1uJ0_RJI"Q6#=)#hY}ڻnr#Klo}AǯNd~v Z-[I7S+d$ c=]Я8݃͟ɢ.VRmZOwq@HE >_9/g`P1IB882 7?xKP .M>Ro4 jGYk.NEm{-~8 cl9GaR)%B~( [4wiaE%eь9rdJ)%SBt+(2L PU7,O$y=%lQ2 (KBh%lbTHGZoOռ6<1ޥ]晿BNmK$cΖ&"ė4 E) -|8ORB[(GH Tդ Zz]UH*?vƇ%b.Ly~@0Hv刜|)}~"U9b{k&bi4W3XTGO{َNHIh8=żɁ`4ӠÁS]s'I1ʚ\Љ/A&r#isWؔЫɡo8Nêݓ>5sTWsg0HOdʎ7^"%w%?|9ySKb*Fbm}x/`1˦Q-91dqSiџO&@0Kw2g@W Ԁ)@)r@,B'&(}'IhTLF'<8~/n!++Iϝ{iଶYM4 T}@gSqkJcuL"Pv?G,3JAvL=Mâ3 n$$6KxT?ɓ%WCޮ8YuW q=SnI:%u`JmUpM>vjjV;.˕RtoNF^ք\BU-!ܒMGã_D σ}xkj[`0AM%n2 !`Xe͢^04= k.MoBDj91j7_z  ? z bsO ~9 \L^f˥7p:)b"obr'M,>&P<+G6fVF k M_L:bIh<[ׅ+7濤(Ryw) ?w] %LvʟלxR+j-F` KX[1X*uixiƫ$"*ELغhp[*mEN aR0gwL@9hVRV2(J)/̃G$=LJFASi nq`NڀJ*emLBX*#~l)[! +,qMu(ݗGڊy5^Ҷ[r mnS0|aNu=ti3{ZR UJU-n $`ȼ ^X< [K]x/fY,+Lg Lx|B\ͧͧͧͧ§^0s}|}:n2Tԃ@>{ ]Y H\jD.ËνKݢm$Tg4kC[d, z !髙g"ɻ;mab0OAV pf0 hwtN`%;ÚP,wr]V@ş-L{;-.븚e)7}M\AW{z/cvGon"IK0D T{mYo9$]k3I")A5[o&d6௺eula}2^%/{*qdyΜ;mV)Mj;1eLLzl~Bif#e։ V(4Ng5skx"([0sO7z= r|py0KǠKt.k;4|R__VUȉG}˼ vMZNܓma4ch{8S[xv1D1H15#3M^lkwT18{7~vPL7ƵVxrڦLv_@ǵX@ iHጸ:[V5V]K5Pl&1`=60߻s{YV^݀96Y lnҤEg+vl"6B<\s˩^Dyj$Z(Lϱ{ sđjۋuN퇩ўb0,9) p ͬG[Vj湐.0$4]slS;W@C"jj|G,%_݄g;>|>U=-Dl5Xn?<3bdȴZ*f63ZM B\d[zJ<1E/gdr(W' #n%JYVmIr .kh>a蕡yG )VZaqb+ZAkb^=ҡO+qܖi C:o ɀ c Drt&7Az$Ǘp O?>|6ڄyi$Y>c r'73 â2K= o~{@r r,Ie%+փފ> sF@Yj$9G P56:iY7CsA.7`оU #O{D"8 xow͢~-)t=a:$.+JAWdu:dS' Z؟0J7 t$rkqCL9 חa(՝ chT`sjDȅd5B&t85{ߟ}n%[ lx Dxpn#bxL1fx 0mݚ36]?H1 3:ȧ^犱1rKT-C@a=Q#3( y/ɣ8E *D "}fA=bAa~L­!~P)awS0Zqn`:>0"(S[]ă04]h38OqW'Ng#j} `\oNի |{#@us,2usx\jJJj$!Ѕ8i,)@"!9͉#$u7úޝ/#~|aP8\  +zjJP&uO"weX &z( —(͊g2qѥ&JZ `xzNRsdhhz?;v@| LBz،Pfr5WWY4uMOםAwIN<m[8Z?N9>>u.WםAqfz1(kym21^ ΓQ9lvNSʙ`Q{¥,% Ew"f?VՑt.1]rRO-7AsV CrYmn\҄!>E/ڧһlIJ/6//2?@_k(\~JmfQ>\P~ s?n.?VieC:CL2~Q?o.A5Ӆw3,n~n~0n@ }v3y2cSF9gQޅnF9e^\f%e@2OK/C\}\e5uaa7ksG ?e>eSn&&~oon2/$)CAy3ϚWpz~;9(/'Rz UK˳C(ϐgg  z2*ϕbόW ~>{'sg+i\WKI0ntEճKL3cn5:vņ^_VD=՞bMxG,E<mc sbžȾ`T %/ܻ Gz‰nQ"/L~0IJi0?xqbUtsn y{s%> |SG0ӚܴOҸ/yd֦WV5lNA6K戧D>Y;yУx߇ oRg=j{$qAzhW_~J'܌Ӄ:X^Ai__6/WmОEA]adz37P !F0 d0<.9Sh ;Ǯ>10ɭүQ.h {vuP3ebHHTTR{5"/@  = G1}QTY)ȅ[V R`"! *s>P`26UJ` Pz!J1 =4cέdK_c wp!E#Уﴶk˘/͛YʋݢȖᄽI֯J!a`f@"b/^{8z5(ū[?4}NF.dЬ!cv[z0ͭS.ӹ)`șG ? 3Δq Ʊ ئGФSwӦB~Sf@g+ՇoTHτ[6#\S²%MkLw60/?՞/67[ncD塪$P#\"96>%20gHO,cV}<σ ྣ(,uy5!2̷4^\#V?Ap[b2 Ajrn`ԃ`wƨ&[c\bvG&]ӧ2 9çOn3 &X(3,>/޺}hd9?k+ɘPfuBlk8sX]񼶫Qg 5?,x`ނ[ϮdL~+TsȘ b0Oty'0Oqdgl0MDkfAl!3&y5q a('Tzgi@ ^Bc I=g9-CcΔ0ՀO' ؠ+.Ġ/>''4WB):3Uh6 ia4!"X_ r9'쭰F |m'\1PSFӹ"}ǚ x >1h'# jf\gHa)_ q+3n7$&b3@ gYlVxNDZZ=v %JvMf*od;BI<ŗ`U\<4TL,sD?>K9!31Q)jkI/?H3軱Wx&%w}YQ v.ycH#eUI;.~i%/]*Kx2Hqp;>~؉|%O' ϻytuF0~ϴ%sYT:>A{gٺ*عiUhHm;:d2֭0kc'p'!MX;:A\W Cw!ys޴soQcBA=٭ 0 p,[ftOG6AF|Joyk;(NaeRb0yMvFc ?dtA!b[p@ lџfѮRLnlPP`Olԙjsw6E}2\DGx kyf#ŧ3+owt-(5x*;nGOeg[(| _a[0~OX+JbA,\n2?>Şi3|@ }( oF865`y+@$4W qSGgwhp#15B\ (cto@ Q1?c]'nFQi#]QaW7n MywT \7o﹨+]ycQ1S?Il}X<ٰ޳sW=?5fl5ƿ;ijm,eL׎aYX&5y3/O 7Ѱ0K{,luEG%RprNCa 0D :h 1>.f@h<˜4W6QĶqy4}qX0#ŸEr ecW.^s {e75wHDR#.s-zk|XKc.n&Ա`=bj8Lse$Q3|JKl 胋yȽgz^4}jsX# *#f"e,Z*bB؉ZqpR.)C795GBiF 5cP.X$-'/B@ εxCG, ?ʋ| —yx Uf}')VS/ρ.ȟ$}E.tqea Vs*k P.Y۹|C*'Uώ7_a}BUFBl4*W7њE:?#KoyI˖V- QwjA0}U\OVīz S%ȕ/0f#xoUAF]Q+j5Nbi~wۊX#iQfrYO Zq+mN~늘P%On6%c(\ɜKRSk$5wXViQm&' #fan؄;.6BJF:6J]^[ P·.,