Re: Partial executability/ determinism of a Chor description language

Monica J. Martin wrote:

>
> Assaf Arkin wrote:
>
>>
>> <<Monica J. Martin wrote:
>>
>>> mm1:  I would say that the WSDL MAY be legally binding, but it is 
>>> not the contract.
>>
>>
>>
>> I'm not sure if we can go far without agreeing that WSDL is a 
>> contract, or binding agreement, between two parties, in our case 
>> services. If it's not a binding agreement, why even bother using it?
>
>
> mm1:  It is an expression that can reference back to an agreement. I 
> would ask: (1) Is it appropriate that WSDL be an expression of a 
> binding agreement or optionally designated as legally binding or not, 
> and/or (2) Is it appropriate that the WSDL point to the overriding 
> agreement associated with the context the agreement provides for the 
> expression?

A contract is a contract is a contract. It's a binding agreement between 
any number of parties (at least two). A contract that is enforecable by 
law is also said to be legally binding. A lot of contracts falls in this 
classification, but the term is more generic than one that requires the 
long arm of the law ;-)

When you develop an EJB bean you design the bean based on the 
bean-container contract and the client uses that bean based on the 
client-container-bean contract. The term 'contract' has been used in the 
EJB spec for a few years now and so far no one has complained about 
legal issues. If I remember correctly version 2.1 has four of them. 
Perhaps because there aren't any in that particular usage of a contract.

Some languages have contracts built into them, Eiffel is a good example 
for a design-by-contract language that never quite made it. Aspect 
oriented programming (AOP) is an even more evolved form of 
design-by-contract, it's Java incarnation is based on JSR 175. Maybe the 
term contract has been put out of context by software developers, but 
it's been around for so long that we can safely hijack it for our own 
purposes. It may have actually come from the hardware people ;-)

WSDL definitely falls into the design-by-contract model in expressing 
the binding agreement between the service provided and service 
requestor, and a choreography language - with or without WSDL - expands 
on that contract. As far as non-legal contracts go, WSDL is sufficient.


Now the question becomes, how would you associate WSDL to a legal 
agreement if you also had a legal agreement governing its use. I think 
the point it moot.

Let's say my supplier failed to deliver a product in time. I call them 
up to cancel the order and they immediately say it's being handled right 
now and they'll send it the next day. That's a verbal legal contract. 
That's also a very terse contract because it doesn't contain all the 
legal information you need to enforce it -- all that information comes 
from the original purchase contract. It would be more precise if they 
said something to the effect of "We the party known as Seller hereby 
enter a contract to send the product by 12:00 AM tomorrow based on the 
stipulations made in the contract between the Seller and Buyer party 
signed in good faith on ...". But who cares?

Let's say you have a contract with someone else and you are using WSDL 
based on that contract. Now something went wrong and you decide to sue 
them. For whatever reason you need to present that WSDL document as 
evidence. It would be admissable even if it never ever referenced the 
legal contract. The same way a million other types of business and 
technical docments are admissable without having to specify the contract 
which governs their use.

Think of software as a good example. I buy a software product with gold 
level customer support. I install the software, read the manual but no 
where would it say that my use of the software is subject to the terms 
of the customer support contract. Yet, it is perfectly understood that 
it is and the legal view is that my use of the software and the manual 
are subject to the contract (until it expires).

Imagine a world where you would have to sell several versions of the 
same product and print several copies of the same manual just so you can 
reference the support contract the customer has requested. And then 
you'll have to send them a new software or a new manual whenever the 
support contract expires, gets renewed or gets modified (e.g. to move 
from silver to gold or to renew it).


So should WSDL be a legally binding agreement? No need for that, 
sufficient that you execute on the WSDL based on a legal contract you 
already have. Should it reference the legally binding agreement? There 
is no legal justification to do so, and it just adds another technical 
requirement to the already inflated list.

I think we're creating a mountain out of nothing. I really recommend 
presenting some use cases to a lawyer and seeing if they think there's 
any problem that needs to be solved. We'll find out that there's really 
nothing to it*.


As a side not, being able to reference a WSDL to the original party that 
created it is quite frankly not super interesting. It is important if 
you want to ensure the WSDL you get from one of your partners has not 
been corrupted by some attacker that uses it to forward your sensitive 
data to their system. XML signatures would be sufficient. It is useful 
because it lets you track WSDLs coming from the same source, for 
example, to invalidate all of them if that partner goes out of business 
or you decide to not use them ever again. Any old tracking mechanism 
would work.

When it gets down to actually going to court to sue someone, the way we 
currently collect, present and judge evidence is good enough. Just make 
sure you have a legally binding contract that stipulates what you would 
be doing and that all WSDLs you are using are executed under the terms 
of that contract. And more specifically, get them from that party's UDDI 
directory (or whatever you use) and not from some unknown site on the 
Web - the contract would say that they are legally bound to the 
correctness of any WSDL contained there.

arkin

Received on Monday, 2 June 2003 22:48:05 UTC