The Web Services Interoperability Organization (WS-I) has published draft documents on web services and security with an emphasis on service oriented architecture (SOA), seeking public feedback.

SOA architects have been waiting for these deliverables, which provide guidance on interoperability for core web services and business processes in enterprises, WS-I said.

"The web services specifications and the web services stack is the underlying technology for SOA," said Michael Bechauf, WS-I chairman and SAP vice president of industry standards.

Formed in 2002, WS-I focuses on helping vendors and users implement web services. "At the end of the day, the end user really shouldn't care about the underlying specifications," Bechauf said.

WS-I features members such as IBM, Microsoft, Oracle, SAP, and Sun Microsystems.

Working Group Drafts being published include Basic Profile 1.2, Basic Security Profile 1.1, and Reliable Secure Profile 1.0 Usage Scenarios. The draft documents are up for public and member review and are expected to be approved early in 2007.

"The tangible results will be that vendors will actually build solutions according to those profiles," with users assured that the systems will work together, Bechauf said.

Basic Profile 1.2 is the revision of the Basic Profile 1.1, which offers guidance on basic interoperability of the web services stack. Version 1.2 incorporates errata and includes requirements pertaining to serialisation of web services envelopes and their representation in messages from the WS-I Simple SOAP Binding Profile 1.0.

The new profile was constructed mostly using WS-Addressing, which defines a standard mechanism for identifying and exchanging Web services messages between endpoints. Specifications incorporated into Basic Profile 1.2 include Core, SOAP Binding, and WSDL Binding specifications pertinent to WS-Addressing 1.0.

Comments on Basic Profile may be e-mailed here: [email protected]

WS-I Basic Profiles make life easier for developers by focusing on what they need to know to make Web services work, said analyst Anne Thomas Manes, vice president and research director at Burton Group.

"I think the WS-I Basic Profiles are always a good thing because they constrain the specifications, so it gives developers fewer things to worry about," Manes said.

"The main reason that you want profiles is they explain how to use the specifications the right way and ensure that you will get a better chance of achieving interoperability," Manes said.

She acknowledged that the plethora of web services specifications can cause confusion among developers. Manes said she has counted 52 WS-* (spoken as "ws star") specifications for standardising web services operations.

"That's enough to make anybody's head spin," Manes said.

WS-I has been providing guidance on web services specifications to the standards group OASIS, which oversees many of them, Manes said.

"A lot of people think that WS-I hasn't done anything for two years but in fact it has," Manes said.

Also on the WS-I docket yesterday, the Working Group Draft of Basic Security Profile 1.1 was due to revise the 1.0 version of the document and incorporate errata to data. It profiles WS-Security 1.1 and WS-Security token profiles, including Username, X.500, Kerberos, and security access markup language (SAML).

Feedback on Security Profile 1.1 can be submitted to this e-mail address: [email protected]

The Working Group Draft of Reliable Secure Profile 1.0 Usage Scenarios features guidance on use of Reliable Secure Profile. It features specifications such as WS-ReliableMessaging 1.1 and WS-SecureConversation 1.3 as well as WS-I's Basic Profiles and Basic Security Profiles. Feedback on the Usage Scenarios can be e-mailed to this address: [email protected]

WS-I documents are accessible at the WS-I website.