Web Services Workshop Scribe Notes: 12 April 2001

Go to the complete list of minutes.

Alan Brown reviews slides in reference to Reliable Messaging.

Roger Cutler: how much will EBXML reliable messaging satisfy these requirements
Alan: the document mostly talks about things that are hard to do.
      there is a long list of percieved challenges to getting the security actually done
sankaar: confused by reference to PI calc
  you assert that pica is a way of reasonaing about messaging
  to what extent did pica help you develop xlang?
alan: we focus on typed versions of the calculus
      we'd have to discuss particular calcula.
      was not involved in XLang.
      as i understand they assure things like XLock freeness
 (mitre): "both parties better be aware of failure." why?
alan: you can present an interface where both ends need to do very little when failure occurs
tim: it is a fact that you can't design a protocol where both parties know that they're done
     how do they know 
alan: they do not both know that the other is done.
      the know that there is some circumstance has been terminated wihtout success.
      we use timeout
(mitre): does your assumption take in to consideration asynchronous ? and network partitioning?
alan: does not consider network partitioning.
Uche reviews slides in reference to Invited paper: Supercharging WSDL with RDF.

John Munter (Intel): what's the value propositon of expressing UDDI in RDF?
Uche: if one company wants to maintain a subset of the information from the whole ...
      benifits are purely in terms of commonality of tools and integration with other tools.
Ken West: what is the diff between RDF query and XML query?
Uche: XML query is coming along. it may not be different, but that's probably inefficient
      queries for predicate sub, ob will be much simpler
(SAIC): what if it has no URI?
Uche: you can generate them on the fly.
Tim: the next layer above RDF is DAML which allows you to describe a predicate as unambiguouis and unique.
(SAIC): you can specify any unique idnetifyer ias the uri?
Tim: when two things use the same ID, you get it
     otherwise, you need to use deduction from u, 
Uche: :what would
(SAIC): what if i want to talk about george washington? he doesn't have an id.
Tim: when you publish a document on George Wash, you can provide an ID and others can re-use your ID for GW.
Mathew Fukes: What you are doing is taking info that's already in the document and repeating properties.
              Wouldn't you want to specify a mapping from document schema 
Uche: that's correct, you can do that.
      there doesn't have to be a lot of shoehorning, but i don't see the reason not to use RDF so you can get unifictaion
sankaar: re scalability on the order of rDBs, it seems that the languages to support transitive closures don't scale.
         the simple queries scale, but the power of RDF is shot when you do that.
Uche: if you tried to do the same forward/backword chaining on a rDB, you'd have the same scale of problem.
      I'm just saying it's on the same order.
Noah: I'd like to endorse Matt.
      Conceptually, there's no problem with tweaking documents that work as RDF.
      There's lots of languages to code the transformations
      We want to enfranchise the data into the semantic web.
      Put the engergy into the general approach by providing a bulk solution.
Uche: I did agree with Matt's point.
      However, those tools don't exist.
      I don't think it's a prob to use rdf:ID instead of name.
Philip Halom Baker reviews slides in reference to Verisign's position paperXKMS.

Cutler: in you diagram, XKMS servers protect the transmision between Bob and Alice.
        What protetst the Bob- server
Baker: right now, 501
       in the future, X... and trust axion service
Oracle: how does slide n work with an intermediary?
Baker: this is years on research in 15 mins
       one solution in DNS
       if i'm in verisign, 
       one fedaral gov solution is that each office have a caching XKMS (x509, SPKI) server
Cutler: one PKI function is to verify that a message was not messed with.
        does this mean you have to send the whole message?
Baker: it just deals with public keys.
       there are some processing models where you ship whole documents
scribe: will the servers be deployed at the client sites or the server sites?
Baker: that's up to verisign
       this talk is about an adopted industry standard
       other vendors will be producing product solutions.
       any model you can imaging has probably been implemented.
Scaling Web Services (Mark Nottingham, Akamai)

Mark closed with: are people interested in developing a proxy characterization language?
Dave Winer (Userland): very interested in this technology
Gerald (Boing): we have a number of apps that may become web services so we are interested too.
Joel: Mark asked how would we develop a caching language...
Sankaar: caching works for deployment scenarios
         in instant scenarios, error handling may be more important.
         The role of intermediaries are more like what IBM was talking about.
         Akami is mostly interested in performance
Mark: reliability is more important to our customers than performance
sankaar: one answer: look at work at @@@hora and works and berkely@@@ where intermediary knows where it is in queue
Mark: one of my use cases is where the intermediary is just for reliability
      if there were a standard apporach, we would have to deploy just one kind of ...
Winder: this is not an acedemic issue so much as polticial
        we've talked for years about relationship between content systems and search engines
        we run 20K sites, all dynamic.
        search engines drive our systems to out knees
larry masinter: there are already widely deployed balacning and reliablity services for the web.
        generally, these are done in ignorance of the application, might look at mime-type but that's  it.
        need to make sure that any web service mechanism handles existing services
        look for mapping of existing systems
Mark: depends on the infrastructure you are talking about
      web caching on proxies is not cool because they don't have server security, only client security
      IETF mechanisms are using URI regexps
fuzzy: you want to describe what, now how so it can be optimized in different scnearios
tim: how about generically looking at queries
Anne Manes (Sun): i would never assume you can look in the message body 'cause it could be encrypted.
      build an XML protocol module that
Baker: a lot of web servers provide encrypted data
       how much can you cache this?
Mark: one solution is to have a business relationship with the server
      the proxy becomes your port.
Jamcracker Position Paper (David Orchard, Jamcracker)

reagle: these questions of "what is the order of transforms?" are addressed in XML signature.
winer: why don't you use XML-RPC in the list?
       it's left out of almost every list
       it has lots of developers and support
orchard: when i talk about protocols, i generally do
sankaar: is your UDDI postion that "there are other thing to do that need to be finished to so don't work on it".
      or "UDDI is mature enough to be used for all your needs."
orchard: both. i don't think the W3C should standardize it yet.
      there was work on rDBs before SQL was standardized.
Suresh Damodaran (Sterling Commerce): if you don't standardize when you build something, you may not get a chance to later on.
      better to get the IP on the table.
orchard: clearly it's valid postion. i'm quesitoning the order.
bob sutor (IBM): there is a plan to standardize UDDI outside W3C.
BEA Position paper (Jay Ramnarayan, BEA)

Joel (Intel): it sounds like you're not sure where UDDI is going.
    i'll take it back to UDDI to address this.
(Shwab): what are you saying about the next higher layer and where you want to go from there.
         Shwab would probably not adopt a transactions
Jay: BEA promotes transactions
      based on customer feedback, the next layer should include transactions
(shwawb): i'm not sure that long-term transactions ...
Anne: you need to get away from two-phase commit when dealing with long-term transactions
(shwab): i think they're not stable yet.
Anne: do you say W3C should not focus on high level?
Jay: not saying that at all. just saying ...
Uche: trying to understand long-running transactions.
      heard about intermediaries and non-repudiation
      understand low level.
Jay: there is a need to identify standards right from the implementation phase
      a long running transaction does not necessarily require two-phase commit.
fallside: we will identify W3C topics this afternoon.
      we can use this time to specify long-running transations and their priority
winer: addressing SOAP non-interop, there is a group working on interoperability
      probably about misreadings and misunderstandings.
Jay: i agree, probably just misunderstandings
Web Services Framework (Andrew Layman; IBM & Microsoft)

(Hp): you can't take out the discovery because you want to knwo who is asking what questions
andrew: that's good information
winer: like to point out that there are lots of applications that don't require more than SOAP 1.1
       you are describing a system that my bank might use.
       i want to be able to use SOAP to pass info to a 
andre: the whole should be desigtned as a whole, even if not ever part is used
Suresh Damodaran (Sterling Commerce): other stacks to the right (contract and business process) that you havne't discussed
andres: i wonder what the minimum you can design is
cootton: composibiliyt of W3C work is really important - "that's how we get buy in from the web community"
: traditionally, we think of messaging pattersn as one way or request/reply and choreog as something on top of that.
      it seems you are moving toward thingking of averything as choreg
andrew: in certain protoc, HTTP, you can't get away from req/resp
      i belevie we get a simpler abstract designe if we mode message interaction rather than req/resp atoms
roger: wire stuff is the stuff you really need, process flow and service discription you can get away with manual agreements.
       it appears there's a priorty stack.
andrew: there's a tremenedous amount of feedback between the presented parts
ray: i don't buy that we are talking about a mechanism between services
      i think we're talking about cleint/server
andrew: p2p basis does not prevent client/server
      strapping in p2p after the fact is hard
tim: i got the impression from allan brown that reliabliyt could be looked at as a process flow.
      an earlier speaker sepparated the basic protocol from the error management/recovery, i think we have s simpler model if that's in the base protocol
anderes: yes, we can model these protocols in math.
tim: composability is implicit
andres: yes
simon: you say we can put discover away for later.
andrew: i say you can, Hp says you can't.


Discussion on moving forward, for example:

OASIS Position Paper (Karl Best, OASIS)

(Intel): request to go back to first slide
Global Electronic Market klaus (uncfacc)
UN orgaanization - implies all members have th same status
W3C could be a member. we are discussing it now
"anyone anywyaere to do business with anyone anywhere over the internet"
need to look at world as people as well as techies

[there were no questions]
wrap up session philippe ()

what you say will be taken into acount in the formal review after briefing package

want to structure:
  brainstorming session - what needs to be standardized
    don't bother picking and disagreeing here
  prioritization - limited bandwidth in various organizations
  which orgs should do what

fallsixe: we've seen diagrams with veriaous blocks
      what will those blocks be?
simon: what level granularity do you want us to work at?
fallsize: there are 3 or 4 levels
populace: let;s start with andrew's list
philippe: what specs do you want to see coming in the next few years?
glen: what about scoping issues?
philippe: we'll talk about this in refinement.
anne: CG to do web services
(boing): extend to extra-W3C
geln: service desc
simon: something around registry
Suresh Damodaran (Sterling Commerce): ua apis
Suresh Damodaran (Sterling Commerce): conversations
boiin: security
james: context definitions
:contrat negotiations
simon: identity
:reliable messaging
mark?: management
glen: note on what a web service is
mark?: i view requirements as part of that effort
: web services architecture
anne: intermediaries
simon: preferences
: different areas of applicability
noah: composability
:trading partner profiles
: scope of the work
henrik: path modeling
: discovery
mark?: messaging
anne: privacy
: service negotiation
: transactions
glen: what is semantic transparancy?
uche: needed by several blocks
anne: mechanism to represent business process and the state change behind the process
winer: publish and subscribe
: messaging models
:scalability and performance
: notification
Suresh Damodaran (Sterling Commerce): evolvability over time of contracts
: higher level semantic reliability

philippe: refinement stage
glen: could we take proposals from folks for chunking these items
    mechanism to represent business process
[haggle over where conversations go]
: let's out stuff in more than one place
    mechanism to represent business process

Suresh Damodaran (Sterling Commerce): i see three states:
  define actions
  perform them
  report on them


[discussion of what QOS means]

tim: i'd like queries handled in a generic way
uche: this obviates the need to mention semantic transparancy.
[long discussion of where security goes:
  folks made cases for security is lots of places]

[discussion of logging]
glen: i propose a new category: enterprise level extensions
      this includes logging, security, 
[long discussion of treating security as an extension
 glen describes how it works in XMLP
 moral: never mention that security could be an extension]
(jamcracker): this list is way too long. let's pick something like the orchestration
: i see three
  1. XML protocol activity WG to extend SOAP headers to do as much as possible of the upper layer stuff
      left hand side of andrew's diagram - SOAP bubbles
  2. wide scope orchestration
  3. definition language
[brief discussion of hurrying or being toast
  :who's the toaster?
  :the market place
  tim: for example, HTML2 was toast]
ibm: it's a wonderful excersise to look at the full range
      let's not scale back out of fear of a big list
reagle: how we did it in ...
      take the to 5 issues, work on them for four months, evaluate whether that worked
uche: it seems odd to charter W3C to do orchestration, perhaps ebXML
      discover,description and wire seem like W3C doamin
: worried about leaving security for two or three years
  would like to make identity a priority
(boing): need a definition of web services
      we need that list so we can talk with others
(commerce1): surviver of XML schema effort
      by the time your done, the industry may have done everything
Suresh Damodaran (Sterling Commerce): W3 should take lower stuff. ebXML has already done the higher level stuff.
massinger: i'm worried about defining an architecture as a task as there already is an architecture
      charting a commit to invent new pieces is a bad idea
baker: people think "if we don't get somehting out there, then the market will lock us into stuff."
      there's no real problem with having two different web services that have different syntax with the same semantics.
      we're not as bad off as we were with HTML 2 where lack of a blink support meant you were toast.
      we don't have the security folks here. we need some peer review.
      proper security does not mean users won't screw it up
jamcracker: i'm already involved in Oasis WG on security
      we'll have 4 to 6 WGs, just not all in W3C
tim: we need to first decide what needs to be done first, then where
      the prioritization should not be a function of where it happens
: coord group need to work with existent/de facto standards

We talked about priorities, for instance, definition language.
Is there a WG that should happen in W3C that is missing in this list.
: discover and associated services
: add registry/repository to discovery
: does managability come into a coor group?
cotton: what do folks mean by coord group?
      are you just talking about people to liason to the public?
glen: is that the same thing as an architecture group?
      is CG the wrong term?
anne: this is similar to what i meant when i suggested a coord group, someone to make sure W3C wasn't duplicating other efforts
: i'd like to see an architecture group
fallside: W3C already has coord with other orgs and many different leves, AC, coord group, monthly ietf call, WG level
      coord with external groups does tnot need to be an extra group
jamcracker: prob with arch is what authority/empowerment have?
      i'd like to see a W3C document on how this fits together.
cotton: the AB is looking at a technical archtecture group to write arch documents.
      it will be going before the AC in a few days.
      most coord happens at the staff level.
simon: there's a lot of coord at the WG level
      often the info flow is inward and not outward, frequently because of confidentiality issues.

1: XMLP extensions: a lot
2: def lang: slightly more
3: orch: 10
4: disc/reg: 5
5: management: 0
6: arch: 15
7: CG: 

winners: 2,1

fallside: how long will it take to produce a BP
philippe: indeterminate
tim: depends on how much help there is
cotton: every one should go home and write one
      they're not hard to write

Valid XHTML 1.0!

Eric Prud'hommeaux

CVS revision: $Id: 12-WebServicesScribeNotes.html,v 1.5 2001/05/07 03:09:47 hugo Exp $
Last modified: Wed Apr 11 21:08:11 EDT 2001