[
Lists Home |
Date Index |
Thread Index
]
One of my favorite topics. :)
I sat on a panel at a Web Services conference back in June, and other
than security the largest number of questions I received were regarding
this issue of "competing camps" for Web Services standards. First off, I
believe it's important to point out that Liberty Alliance and WS-I are
different "animals" than W3C and OASIS - yet the author of the article
treats all 4 as equal (at least at the beginning of the article).
Secondly, in the panel I also pointed out that there are "competing"
standards sometimes even within the same consortium (more on this
later).
On the royalty issue: I recall an instance earlier this year in an OASIS
TC where we incorporated another OASIS standard, but made the usage of
this standard in implementations optional due to royalty issues for the
standard, because we were concerned about the effect on adoption of our
own standard.
On the W3C vs. OASIS issue: I've always had a theory that there is not
as much competition here as folks may believe. To illustrate, here are
the current Web Services-related OASIS TCs (apologizes if I've missed
any):
- UDDI
- WS BPEL
- WS-CAF (Composite Application Framework)
- WSDM (Web Services for Distributed Management)
- WSIA (Web Services for Interactive Applications)
- WSRP (Web Services for Remote Portlets)
- WSRM (Web Services Reliable Messaging)
- WS-Security
Of the above, the only TCs that I believe could potentially be viewed as
"competing" with a W3C specification (at whatever level) are:
- WS BPEL
- WS-CAF
which is 25%. Of these two, is there *really* competition? Thinking in
terms of WSCI (if it were to be adopted by W3C), I don't view WS BPEL as
a direct competitor to WSCI, as WSCI describes the observable behavior
of a Web Service through description of its interfaces (i.e. it's view
is from the point of view of the Web Service itself), while WS BPEL
describes the behavior of a business process based on interactions
between the process and its partners (i.e. it is much more business
process-focused). So WS BPEL is actually at a "higher point" in the
emerging Web Services stack than WSCI.
WS-CAF (a new OASIS TC) is not a full-fledged choreography specification
- it concentrates on the area of transactions (in which case it can
"compete" with GXA's WS-AtomicTransaction and WS-BusinessActivity),
coordination (in which case it can "compete" with GXA's
WS-Coordination), and context. WS-CAF does not compete head-on with
WSCI, as WSCI simply provides a mechanism for a Web Service to assert
that it has transactional capabilities. From an OASIS standpoint, WS
BPEL could potentially defer to WS-CAF for its
transactional/coordination/context capabilities, or to the aforemented
GXA specifications as well.
Furthermore, WS-Security provides a framework that leverages multiple
W3C specifications for security functionality, such as W3C Signature and
W3C Encryption. So this is a case where there is interoperability
between standards, not competition.
On competition within consortiums: There are some OASIS standards that
can be viewed as "competing" with each other; one example is ebXML
Messaging Service and WSRM, as ebMS has some of the reliable messaging
features that the WSRM TC is tackling. Another example is ebXML Registry
and UDDI (for Web Services descriptions).
Finally, some further observations from the article:
- The article references IBM and Microsoft "publishing 20 different
specifications for Web Services". Although not named, this reference is
to GXA. The article states that 2 specifications have been submitted to
standards organizations to date - my understanding that it is only one
so far (WS-Security).
- The article states that WS-Security and Liberty Alliance "tread near
the same turf". This is not so. Liberty Alliance is focused on
mechanisms for federated identity networks and single sign-on, while
WS-Security provides a standard framework for representing security
infomation (such as tokens, signatures, etc.) in a SOAP header. While
both utilize SAML, they do so in different ways. WS-Security can use
SAML tokens, and a document is (I believe) in process within the
WS-Security TC on specifying this mechanism. Liberty Alliance leverages
SAML assertions in its discovery processes.
Kind Regards,
Joe Chiusano
Booz | Allen | Hamilton
Jonathan Robie wrote:
>
> Just saw this article:
>
> The Battle for Web Services
> by Christopher Koch
> CIO Magazine, Oct. 1, 2003
> http://www.cio.com/archive/100103/standards.html
>
> This article suggests that the overlap in Web services standards is going
> to force companies to waste a great deal of money:
>
> > IT'S ALREADY A GIVEN: Your company is going to waste money on Web
> > services.
> >
> > Research company Gartner predicts American business is going to
> > squander $1 billion on misguided Web services projects by
> > 2007. Exactly how much of that will come out of your pocket depends
> > in part on how many confusing, overlapping Web services standards
> > emerge in the next few years.
> >
> > Right now, it looks like there's going to be a lot of them.
>
> It claims that the standardization process has fragmented, basically into
> two camps, and that there is a great deal of duplication and confusion:
>
> > The Web services standards process began to fall apart this year. No
> > fewer than four organizations - Liberty Alliance, Oasis, W3C and
> > WS-I - are vying to preside over the process, each with different
> > goals, each with differing degrees of power and influence.
> >
> > And two opposing camps of vendors have emerged: an uneasy alliance
> > of IBM and Microsoft versus nearly everyone else. Both groups are
> > busy duplicating each other's work.
> >
> > Both are proposing Web services specifications - some proprietary,
> > some not - with unclear patent and licensing implications for
> > CIOs. In an arena as complex as Web services, confusion is not a
> > good thing. But right now, that's the situation.
>
> Is this article accurate? Is there any hope for the situation to improve?
>
> Jonathan
>
> -----------------------------------------------------------------
> The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
> initiative of OASIS <http://www.oasis-open.org>
>
> The list archives are at http://lists.xml.org/archives/xml-dev/
>
> To subscribe or unsubscribe from this list use the subscription
> manager: <http://lists.xml.org/ob/adm.pl>
begin:vcard
n:Chiusano;Joseph
tel;work:(703) 902-6923
x-mozilla-html:FALSE
url:www.bah.com
org:Booz | Allen | Hamilton;IT Digital Strategies Team
adr:;;8283 Greensboro Drive;McLean;VA;22012;
version:2.1
email;internet:chiusano_joseph@bah.com
title:Senior Consultant
fn:Joseph M. Chiusano
end:vcard
|