Standards are crucial in many information technologies, but in no area are they more intertwined and vital than in Web services. Its no stretch to say that without standards, there would be no Web services.
The first phase of Web services followed the launch of XML in 1996. As XML use grew in enterprises, many of them built back-end services and XML-based processes that were clearly Web services in everything but name.
Starting in 2000, the releases of SOAP (Simple Object Access Protocol), UDDI (Universal Description, Discovery and Integration) and WSDL (Web Services Description Language) made it much easier to deliver, find and describe Web services. In so doing, these standards launched Web services as we know them today.
In a typical year, no more than three or four proposed standards reach full-standard level (or recommendations, as the World Wide Web Consortium calls them). So Web services developers can be forgiven if they were a little stunned when four new Web services standards were announced in the last week of January.
In one week, the W3C released three standards as recommendations: XOP (XML-binary Optimized Packaging), MTOM (Message Transformation Optimization Mechanism) and RRSHB (Resource Representation SOAP Header Block). And on the last day of January, the OASIS (Organization for the Advancement of Structured Information Standards) released the specifications for UDDI 3.0.
UDDI 3.0 is the biggest of these releases and will eventually affect every company using Web services. It is the one we recommend every Web developer evaluate and test as soon as possible.
UDDI 3.0 offers increased security and stronger verification, with new support for digital signatures. Using digital signatures, consumers of Web services will be able to verify the integrity of services delivered from a UDDI registry.
UDDI 3.0 makes it possible to create hierarchical registries, so developers can have top-level root registries of affiliated registries from which services can be accepted.
Beyond these standout features, UDDI 3.0 has added everything from improved querying to more flexible key management. The changes will be understandable to Web services developers and those who have worked with UDDI, but they are very detailed. Companies that wish to use these new features will probably need significant rewrites of their Web services.
Of the three recommendations from the W3C, two are tightly integrated and rely on each other. XOP makes it possible to leverage XML Infosets with binary content. We found XOP fairly simple and straightforward to implement—at least for anyone who has already worked with XML Infosets. The recommendation uses standard base-64 encoding and MIME (Multipurpose Internet Mail Extension) types to represent the binary data.
The SOAP MTOM recommendation itself relies heavily on XOP. Using MTOM, it is possible to speed up transmission of complex Web services by using XOP to encode select portions of the message without losing the overall XML Infoset.
RRSHB makes it possible to deliver data about a SOAP message through the header in cases where the message cannot—or should not—be opened. MTOM, XOP and RRSHB are interesting but are less compelling than UDDI 3.0. Most companies can probably wait for them to be implemented in forthcoming Web services tools.