Re: [uddi-spec] FW: UDDI's UUIDs issue

[Andrew Hately <hately@us.ibm.com>]

Anne,

Feel free to forward this to the parties
below.  I was writing a note for Ugo on this subject which came up
at our last TC meeting...

Paul touched on the main issue that
UDDI is designed as a centralized system for discovery.  The principal
reason to make it centralized is that no single criteria allows for decentralization
without runtime (or cached) query federation.  The UDDI inquiry API
allows for two distinct types of inquiry, the first being an inquiry along
many facets (the find_* APIs such as name, categorizations, identifiers,
service properties...) and the second is the inquiry to get a particular
resource based on the UDDI internal identifier, or key (the get_* APIs).
 The centralization is on a per registry basis, and thus the scope
of uniqueness of a key is on a per registry basis.  It is then approrpiate
to define a scheme that has uniqueness scoped to a registry and also define
it such that there is not also an external resource that bears the same
unique identifier.

By example, if in the UDDI registry,
a businessEntity were to have the key http://www.ibm.com/, one might infer
some meaning for the businessEntity from the web site http://www.ibm.com/.
   If the external resouce was UDDI discovery data, there is
the issue of synchronization between the data served by an HTTP server,
versus the data indexed for central search in the UDDI registry.

The HTTP get service described in UDDI
provides a registry scoped HTTP URI to access the same XML entity as would
be obtained using a get_** API.

A more detailed explanation/justification
of the centralized replication model is something I posted on the old uddi-technical
Yahoo group:

"The replication model first assumes that all nodes are equal and have a complete replica of the whole data set.  The alternative to complete replication is a partioning of the data across nodes, which is typically hieararchical.  One assumption in applying this a hiearchical model is that a root was agreed to and recognized by nodes or registries in all of the branches.  A second assumption is that data can be scoped globally and that there is a sensible way to seperate the data across registries according to a criteria that complements the global scoping.  While this type of heirarchical model has been applied successfully to a data model with fixed data relationships such as a key and a value with a self-regulating root used for partitioning.  DNS as illustrated below is a succesful example of this.  I would assert that the lack of a globally accepted root for directories suchs as LDAP would indicate to me that it becomes more challenging to apply it to a data model that allows for composite or complex queries.  Within an enterprise, ! it is often possible to establish such a root, but deterministic query results (latency aside) accross the enterprise becomes a significant technical challenge, as does establishing a sensible data partition that will persist over time.

Since it is possible to inspect UDDI data along many facets, it seems a difficult task to seperate a data set along one criteria, such as geographic location of the servers.  While this may be relevant to organizational constraints, or relevant to a particular inquiry, it may not always be relevant to a query based solely on technical criteria, such as implementation of a particular Web service interface.  Another illustration of this is that a particular use of the data in UDDI might take advantage of a particular taxonomy for discovery, such as geographic constraints, and another use of data discovery may be business function related, and a third type of discovery may be related to technical specifications and limitations.  It is further possible to combine several criteria which may typically be independent of how data may be partitioned accross a hiearchical federate registry or set of registries.

It has also been recognized that there still exists a need for several different registries serving different purposes for discovery.  As an example, the UDDI Business Registry is an example of a registry that could be considered a public "root", but it is not, obviously, appropriate for discovery of internal enterprise services.  This alone means that it will be typical for at least two UDDI registries to be used in discovery.  It has been further recognized that in some cases the data listed in a public registry could be the same data listed in an enterprise registry.  I would assert that it is not widely believed that service discovery at the enterprise level should automatically federate results from a global "root", at least in the public case.  

Another consideration that fed into the V2 specification development was the challenge in federating results according to different query criteria, which may not map to the data partitioning criteria, and produce a complete response in a timely manner.  This was one of the primary design points for designing a replication model for UDDI instead of a federated, or distributed query model.  A similar benefit of the replicated data model is that read access to discovery data is redundant and available at all nodes should a node become unavailable for a period of time.

For UDDI V1 and V2, the above assumptions resulted in a decision to not pursue a model that required hierarchical partitioning of the data.   Going forward, pushing all of the burden to a client to query multiple registries in all cases has also been recognized as an issue that needed to be addressed.  There are certainly use cases where the V1 and V2 single registry scoping of the data presents a significant burden for UDDI clients.  Some of this is addressed in V3 using registry affiliation where the administrators of a given set of registries and the publishers of data in each of those registries can use key partitions and certain keying policies to propogate discovery data to other registries with a different scope of inquirers.

The replication protocol itself was
also further scoped to only carry the information that is relevant to the
UDDI inquiry requests.  This means that the inquiry access control
policies at all nodes will be equivalent, while the publication access
control policies can be either uniform across all nodes or  differentiated
at each node.  In the business registry, this is particularly useful
to seperate the authentication protocol at each node from the service discovery
data (or UDDI data provided in the publication APIs).  It is then,
up to the adminstrator of each node to determine what authentication controls
to use on publication while using UDDI data model.  Coupled with the
ability to separate authentication at each node from the data is the concept
that a single master model should be used to reduce the complexity of the
protocol.  While the single master model means there is a single point
of failure for updating a piece of data, it removes the possibility of
conflicts and the necessity for a change negotiation protocol used in multi-master
models."


Andrew Hately
IBM Austin
UDDI Development, Emerging Technologies 
Lotus Notes: Andrew Hately/Austin/IBM@IBMUS
Internet: hately@us.ibm.com
(512) 838-2866,  t/l 678-2866

Anne Thomas Manes <anne@manes.net>

12/04/2002 09:59 AM

To	Uddi-Spec <uddi-spec@lists.oasis-open.org>
cc
Subject	[uddi-spec] FW: UDDI's UUIDs issue

There's been some discussion on ws-arch as to why
uddi.org is trying to
create a new URI scheme rather than just using http:.

Could someone reiterate the reasoning and justification for creating a
new
scheme?

Anne

-----Original Message-----
From: www-ws-arch-request@w3.org [mailto:www-ws-arch-request@w3.org]On
Behalf Of Munter, Joel D
Sent: Wednesday, December 04, 2002 9:04 AM
To: Anne Thomas Manes; Munter, Joel D; Paul Prescod
Cc: www-ws-arch@w3.org
Subject: RE: UDDI's UUIDs issue



I agree with you and urge you to forward the results of this thread directly
to the UDDI TC for their response and commensurate action.  As you
know UDDI
began discussing this late in the V3 dialogues (afaik all UDDI Keys from
V3
and up are already modeled as URIs) and I agree that HTTP GET support should
be considered for UDDI V4 work.
Joel

-----Original Message-----
From: Anne Thomas Manes [mailto:anne@manes.net]
Sent: Wednesday, December 04, 2002 6:26 AM
To: Munter, Joel D; Paul Prescod
Cc: www-ws-arch@w3.org
Subject: RE: UDDI's UUIDs issue


So Joel, are you saying that there is no reason to create a uddi: scheme?

I don't think that Karsten's explanation really addresses the core issue.
The tModelKey is supposed to be a URI. The current tModelKey is a UUID.
Although it's a unique identifier, it doesn't give you the ability to GET
it
using simply the ID.

I think Paul has proposed that we use an http:// URI rather than invent
a
new uddi: scheme to identify a tModel. The point I was making is that you
cannot do an HTTP GET on http://[tmodelname] to retrieve the tModel details.
You have to compose a fairly complicated composed URL (e.g.,
http://[server_name]/modelDetails.aspx/[uuid]) as decribed by Karsten below.

If we create a uddi: scheme, I can see the UDDI TC developing a mechanism
that would allow you to perform a GET on a uddi: URL and retrieve the
resource.

Anne

> -----Original Message-----
> From: Munter, Joel D [mailto:joel.d.munter@intel.com]
> Sent: Wednesday, December 04, 2002 12:39 AM
> To: Paul Prescod; Anne Thomas Manes
> Cc: www-ws-arch@w3.org
> Subject: RE: UDDI's UUIDs issue
>
>
>
> At Microsoft's implementation, you can do a poor man's UDDI GET today.
 As
> this behavior is not strictly specified, anyone could do this as
> well.  Here
> are the relevant details found at the 5 Aug 2002 submission to Karsten's
> blog  (http://www.gotdotnet.com/team/karstenj/blog.aspx)
>
>                  2002-08-05
- Providing Links to UDDI Entries
>                  Often
times, it is quite handy to provide a link for your
>                  UDDI
entry to someone else. "Check out my tModel at http://..."
>                  With
the new user interface both on the Microsoft public node and
>                  on
the UDDI Services in Windows .NET Server, this ability has been
>                  complicated
by the use of frames.
>
>                  However,
one can still achieve this behavior of providing a link to
>                  a
graphic rendering of your UDDI entry. The following patterns can
>                  be
used for the different entities: in UDDI:
>
>                  Business
Key:
> http://uddi.microsoft.com/details/businessdetail.aspx?key=ProviderGUID
>
>                  Service
Key:
> http://uddi.microsoft.com/details/servicedetail.aspx?key=ServiceGUID
>
>                  Binding
Key:
> http://uddi.microsoft.com/details/bindingdetail.aspx?key=BindingGUID
>
>                  tModel
Key:
> http://uddi.microsoft.com/details/modeldetail.aspx?key=tModelGUID
>
>                  In
UDDI Services, the pattern holds true, but you would use
>                  http://[server
name]/uddi or http://[server name]/uddipublic as the
> root,
>                  depending
on whether you were using Windows authentication or not.
>
>                  However,
users following these links will lose the ability to
> navigate,
>                  as
the navigation frames will be lost.
>
>                  Of
course, to provide an XML representation of the entity, you can
> use the
>                  discoveryURL.
The pattern for that syntax is as follows:
>
>                  http://uddi.microsoft.com/discovery.ashx?businessKey=ProviderGUID
>
>                  or
for UDDI Services
>
>                  http://[server
> name]/uddipublic/discovery.ashx?businessKey=ProviderGUID
>
> I also reference you to section 11.3.3 in the UDDI V3 spec where there
is
> some relevant discussion related to a specific tModel for the registration
> of services that are to be accessed through HTTP GET.
>
> Joel Munter
> Intel
>
> -----Original Message-----
> From: Paul Prescod [mailto:paul@prescod.net]
> Sent: Monday, November 25, 2002 4:39 PM
> To: Anne Thomas Manes
> Cc: www-ws-arch@w3.org
> Subject: Re: UDDI's UUIDs issue
>
>
>
> Anne Thomas Manes wrote:
>
> > Well for one thing, an http: URI lends the impression that you
might
> > be able to perform an HTTP GET to get the resource identified
by the
> > URI. But you can't do an HTTP GET on, say for example, a tModelKey.
>
> If you could do an HTTP GET on a tModelKey that would imply that every
> organization owned their own tModelKeys and that the system had no
> single point of failure. If you "discover" a tModelKey in
some data, you
> could resolve it without trying to determine WHICH of the UDDI servers
> might be able to give you information about that UDDI.
>
> In other words, UDDI as it exist is designed to be a centralized system
> with hierarchical control when it should be a decentralized system
where
> everybody controls their own information and anybody can become an
> aggregator of the information. examples of Web data aggregators include
> AltaVista, Google, Meerkat and Yahoo. So I'm not against
> registries/repositories. But they should
>
> The centralized model is architecturally unsound. And as far as I
know,
> has no advantages whatsoever. (I'm open to arguments on that
> point, however)
>
> I'm sorry to venture towards conspiracy theories but I have to say
that
> as far as I can see, the only reason someone would come up with such
an
> architecture is because in the back of their mind they see UDDI as
being
> analogous to DNS and they wish to be the NetSol or ICANN of UDDI.
This
> will not work because it will not scale as well as the decentralized
> solution.
>
> > Currently, the only way to get the resource identified by a uddi:
> > scheme is to issue the proper UDDI Inquiry API (e.g.,
> get_tModelDetails).
>
> Not only issue the proper query, but to the proper UDDI server (or
one
> in its federation. Given only a UUID or UDDI URI, you cannot know
> whether to use it inside the firewall or outside. (and which inside
or
> outside).
>
> >  At some point in the future (maybe UDDI V4) the API might
be extended
> > to allow you to do something like
>
> > a UDDI GET.
>
> IMHO, moving to a decentralized (not federated, but truly decentralized)
> model should be the highest priority of the UDDI V4 project. But it
is
> your standard, not mine.
>
>   Paul Prescod
>


----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>