W3C home > Mailing lists > Public > www-ws-arch@w3.org > February 2003

RE: A question for our leaders (was RE: AR023.7.1 (was Re: Dead trou t

From: Burdett, David <david.burdett@commerceone.com>
Date: Sun, 23 Feb 2003 15:56:06 -0800
Message-ID: <C1E0143CD365A445A4417083BF6F42CC079B1112@C1plenaexm07.commerceone.com>
To: "Champion, Mike" <Mike.Champion@softwareag-usa.com>, www-ws-arch@w3.org

Mike

Thanks for the feedback. I suppose that the motivation for my asking this
question, is that there are various requirements for using web services for
business that, although they may seem minor, have some major architectural
implications. Here are three examples:

1. Semantic free URIs
In an earlier email, I suggested that if you want to keep the content of a
message sent to a web service confidential, then you should not put ANY
sensitive information such as the operation to be carried out on the message
in the URI

2. Use of non-HTTP Protocols
I really think that SMEs (Small to Medium Enterprises) will want to provide
a Web Service capability using email protocols rather than HTTP. The EDI use
case at in the WSA Usage Scenarios document is a good example of this.
Also, within an enterprise, other non-HTTP protocols could be used such as
MQ Series. This is suggested in the Transport section of the Web Services
Architecture Document.

3. Preservation of Message Integrity
Many messages sent to web services providing a business function will be
digitally signed, probably with XML Dsig, as they provide a *persistent*
record of the origin and authenticity of the message that lasts after the
transport of the message is complete. For example, you could store the
message in a database or file system without losing any integrity
information.

The conclusion I draw from these example requirements is that you have to
put all the semantic information required to process a message actually
*inside* the message. If information is contained at the transport level as
Mark and others have suggested, then it MUST be a copy.

Thoughts?

David



-----Original Message-----
From: Champion, Mike [mailto:Mike.Champion@softwareag-usa.com]
Sent: Thursday, February 20, 2003 5:56 PM
To: www-ws-arch@w3.org
Subject: RE: A question for our leaders (was RE: AR023.7.1 (was Re: Dead
trou t



>  
>  
> -----Original Message-----
> From: Burdett, David [mailto:david.burdett@commerceone.com] 
> Sent: Thursday, February 20, 2003 2:02 PM
> To: Dave Hollander (E-mail); Mike Champion (E-mail)
> Cc: www-ws-arch@w3.org; 'Cutler, Roger (RogerCutler)'; Mark Baker
> 
> A question for our leaders ...
> 
> To what extent is the requirement to develop a Web Services 
> Architecture that supports the needs of business/ecommerce a 
> formal objective of this activity?

The answer is "yes, of course."  Oddly enough, the Requirements don't say
this as explicitly as I remembered, maybe because we "just knew" that the
objective is to support the needs of business.  

What the Requirements doc does say is: "Of course, it is also important to
recognize that an important motivation for the product of this Working Group
is to support the needs of enterprises that use Web services for the purpose
of engaging in e-business."

This is clearly not just an academic exercise; an intellectually pure
architecture that doesn't actually have real-world implementations or
reflect practical business knowledge would not meet the requirements of this
activity.

Of course, one would be forgiven for not getting that impression from this
mailing list :-)  But that's the price we pay (and benefit we get) from
doing the technical work in public.
Received on Sunday, 23 February 2003 18:56:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:15 GMT