WIDEX                                                          V. Stirbu
Internet-Draft                                                     Nokia
Intended status: Informational                                D. Raggett
Expires: October 13, 2006                                   W3C/Volantis
                                                          April 11, 2006


        Widget Description Exchange Service (WIDEX) Requirements
                    draft-ietf-widex-requirements-01

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on October 13, 2006.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document defines functional requirements for a framework and a
   protocol used to support XML-based user interfaces, where the user
   interface and application logic may be on different machines, and
   coupled via an exchange of XML DOM events and update/mutation
   operations.





Stirbu & Raggett        Expires October 13, 2006                [Page 1]


Internet-Draft             WIDEX Requirements                 April 2006


Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4

   2.  Widex Entities . . . . . . . . . . . . . . . . . . . . . . . .  4

   3.  Widex Terminology  . . . . . . . . . . . . . . . . . . . . . .  4
     3.1.  User Interface . . . . . . . . . . . . . . . . . . . . . .  4
     3.2.  Remote User Interface  . . . . . . . . . . . . . . . . . .  5
     3.3.  Widex Objects  . . . . . . . . . . . . . . . . . . . . . .  5
     3.4.  Transport Protocol . . . . . . . . . . . . . . . . . . . .  6
     3.5.  Simple vs. Complex User Interfaces . . . . . . . . . . . .  6
     3.6.  Session  . . . . . . . . . . . . . . . . . . . . . . . . .  6

   4.  Scenarios and Explanatory Discussion . . . . . . . . . . . . .  6
     4.1.  NAT Traversal  . . . . . . . . . . . . . . . . . . . . . .  6
       4.1.1.  Scenario 1: Widex Server and Renderer Located in
               Internet . . . . . . . . . . . . . . . . . . . . . . .  6
       4.1.2.  Scenario 2: Widex Server Located in Internet . . . . .  7
       4.1.3.  Scenario 3: Widex Renderer and Server in the Same
               Network  . . . . . . . . . . . . . . . . . . . . . . .  7
     4.2.  IPv4-IPv6 Interworking . . . . . . . . . . . . . . . . . .  8
       4.2.1.  Dual-Stack Widex Element Communicating with
               IPv4-Only Widex Element Using IPv4 . . . . . . . . . .  9
       4.2.2.  Dual-Stack Widex Elements Communicating over IPv4
               Segment using IPv6 . . . . . . . . . . . . . . . . . .  9
       4.2.3.  IPv4-Only Widex Element communicating with an
               IPv6-Only Widex Element  . . . . . . . . . . . . . . .  9
       4.2.4.  Application Aspects of IPv6 Transition . . . . . . . . 10

   5.  Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 10
     5.1.  Architecture Requirements  . . . . . . . . . . . . . . . . 10
     5.2.  Discovery and Session Setup Requirements . . . . . . . . . 10
     5.3.  Widex Objects Requirements . . . . . . . . . . . . . . . . 10
     5.4.  Transport Requirements . . . . . . . . . . . . . . . . . . 11

   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 11

   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 11

   8.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11



Stirbu & Raggett        Expires October 13, 2006                [Page 2]


Internet-Draft             WIDEX Requirements                 April 2006


   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 12
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 12

   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13
   Intellectual Property and Copyright Statements . . . . . . . . . . 14













































Stirbu & Raggett        Expires October 13, 2006                [Page 3]


Internet-Draft             WIDEX Requirements                 April 2006


1.  Introduction

   With the Internet reaching out to more and more devices, people are
   increasingly expecting to have access to services at anytime, from
   anywhere and using any device.  Such services are being developed
   using Web technologies such as XML and distributed across the network
   rather than resident on any one device.


2.  Widex Entities

   The following picture shows the primary Widex entities in a simple
   and basic architecture.

                    +--------+                  +--------+
                    |        | update interface |        |
                    | Widex  |----------------->| Widex  |
                    | Server |<-----------------|Renderer|
                    |        | event interface  |        |
                    +--------+                  +--------+

                         Figure 1: Widex Entities

   The two primary Entities are described as follows:

   Widex Server (WS):
      The entity that holds the application logic.

   Widex Renderer (WR):
      The entity that renders the user interface.

   There might be several Widex Servers in the same device, one for each
   application that can export the user interface and for each Widex
   server there might be several Widex Renderers which are rendering the
   user interface.


3.  Widex Terminology

   The terminology and definitions detailed below include both terms
   that, besides the Widex entities are used in the requirements section
   of this document.

3.1.  User Interface

   In the context of Widex working group, the user interface is
   understood as XML [XML1.0] data describing the user interface.
   Typically, the XML data is manipulated as levels 2 and 3 in the W3C



Stirbu & Raggett        Expires October 13, 2006                [Page 4]


Internet-Draft             WIDEX Requirements                 April 2006


   Document Object Model (DOM), see [DOM2.Core], [DOM3.Core], and
   [DOM2.Events] (W3C has yet to complete work on DOM3 events).  Style
   information associated with the user interface can be manipulated via
   the DOM, see [DOM2.Style].

3.2.  Remote User Interface

   The Remote User Interface (RUI) is a technique in which a user
   interface is rendered on another device than the one that runs the
   application logic while keeping the user interface synchronised with
   the application logic.

3.3.  Widex Objects

   One of the goals of the Widex working group is to define Widex
   Objects (WO), to be used to convey information about interface
   updates and events.  WOs are used to keep the rendered user interface
   synchronised with the application logic.

   There are two types of WOs:

   WO Update (RUI.Update):
      WO.Update messages contain description of changes to XML DOM
      trees.  The updates can target individual nodes in order to update
      their properties and attributes, or can target parts of the DOM
      tree in order change its structure, e.g. add/delete/replace nodes
      or branches.

   WO Event (WO.Event):
      WO.Event messages are primarily used to carry events triggered on
      the Widex Renderer side so that they can be caught by the
      application logic event handlers on the Widex Server side.  Not
      all events need to be forwarded to the application logic, as some
      events are have local scope and may be intended for default event
      handlers or for local scripted event handlers.  The application
      logic in the Widex Server may only be interested in specific
      events.

      WO.Event messages may carry data according to the type of the
      event, e.g. application defined events with structured payloads as
      per Extensible Multi-Modal Annotations [EMMA], which uses XML for
      annotated interpretations of user input.

      A secondary use of WO.Event messages is where the application
      logic itself raises events that may be caught by event handlers
      associated with the remote user interface, see for example Web
      Applications 1.0 [WhatWG.WebApps1.0].




Stirbu & Raggett        Expires October 13, 2006                [Page 5]


Internet-Draft             WIDEX Requirements                 April 2006


3.4.  Transport Protocol

   The Transport Protocol is a protocol that just transports the RUIOs
   as a string of bits, without looking at them.

3.5.  Simple vs. Complex User Interfaces

   Simple User Interface:
      A simple user interface allows the user interface to be
      represented with only one XML DOM object.

   Complex User Interface:
      A complex user interface may include scripted client-side event
      handlers or there can be more than one XML DOM in the user
      interface, e.g. different DOMs for different modalities, but see
      also SVG's XML Binding Language [sXBL] for the role of shadow
      DOMs.

3.6.  Session

   The Widex Session is initiated between a Widex Servers and a Widex
   Renderer for exchanging information about user interface updates and
   events in order to control applications remotely.  A Widex Session
   relate to a single User Interface, which can be simple or complex.


4.  Scenarios and Explanatory Discussion

   In this section we introduce short scenarios to illustrate how Widex
   services can be deployed in some environments.

4.1.  NAT Traversal

   In the following sections we will describe some of the common
   scenarios involving Widex Elements and NAT traversal.

4.1.1.  Scenario 1: Widex Server and Renderer Located in Internet

   In this scenario both the Server and Renderer are located somewhere
   in the Internet and are globally accessible via public IP addresses
   and/or Fully Qualified Domain Name (FQDN).










Stirbu & Raggett        Expires October 13, 2006                [Page 6]


Internet-Draft             WIDEX Requirements                 April 2006


                               **************
                  +--------+  *  Public      *  +--------+
                  | Widex  |--*    Network   *--| Widex  |
                  | Server |  *              *  |Renderer|
                  +--------+   **************   +--------+

          Figure 2: Widex Server and Renderer Located in Internet

4.1.2.  Scenario 2: Widex Server Located in Internet

   In this scenario the Server is located somewhere in the Internet, has
   a globally routable, public IP address (and/or FQDN), and the client
   is behind a NAT device.  The access network is a network where
   private IP addresses are used and NAT is required in order to access
   the public network, e.g. a home network, a hotspot.

                   +--------+   **************
                   | Widex  |  *  Public      *
                   | Server |--*    Network   *
                   +--------+  *              *
                                **************
                                       /
                                  +--------+
                                  |  NAT   |
                                  +--------+
                                      /
                              **************
                             *  Private     *  +--------+
                             *    Network   *--| Widex  |
                             *              *  |Renderer|
                              **************   +--------+

                Figure 3: Widex Server located in Internet

4.1.3.  Scenario 3: Widex Renderer and Server in the Same Network

   In this scenario the Server is located behind the same NAT device as
   the Renderer.













Stirbu & Raggett        Expires October 13, 2006                [Page 7]


Internet-Draft             WIDEX Requirements                 April 2006


                               **************
                              *   Public     *
                              *    Network   *
                              *              *
                               **************
                                     |
                                 +--------+
                                 |  NAT   |
                                 +--------+
                                     |
                               **************
                 +--------+   *  Local Area  *   +--------+
                 | Widex  |---*    Network   *---| Widex  |
                 | Server |   *              *   |Renderer|
                 +--------+    **************    +--------+

      Figure 4: Widex Renderer and Server in the same private network

   The network might be managed in which case a centralised service
   discovery and session setup mechanism should be used, or unmanaged
   and a peer-to-peer service discovery and session setup mechanism
   should be used.

4.2.  IPv4-IPv6 Interworking

   The global deployment of IPv6 is underway, creating an IPv4/IPv6
   Internet consisting of IPv4-only and dual-stack IPv4/IPv6 networks
   and nodes.  There may also be IPv6-only nodes.  It is highly probable
   that there will be situations when IPv4-only Widex entities will want
   to communicate with dual-stack IPv4/IPv6 Widex entities.  Also, a
   valid scenario is where two dual-stack IPv4/IPv6 Widex entities are
   communicating over a network that includes an IPv4-only segment.  In
   these scenarios, it is expected that at least one Widex Element will
   be attached to an unmanaged network or to a 3GPP network; IPv6
   transition scenarios for unmanaged networks are described in RFC 3750
   [RFC3750] and for 3GPP networks are described in RFC 3574 [RFC3574].

   A good guideline, when talking about migrating from IPv4 to IPv6, is
   to select such protocols that do not have big issues with NAT
   traversal and IPv6 transition mechanisms.

   In the following sections, we will describe some of the common
   scenarios involving Widex Elements and IPv4-IPv6 interworking.








Stirbu & Raggett        Expires October 13, 2006                [Page 8]


Internet-Draft             WIDEX Requirements                 April 2006


4.2.1.  Dual-Stack Widex Element Communicating with IPv4-Only Widex
        Element Using IPv4

                  +---------+                 +---------+
                  |  Widex  |                 |  Widex  |
                  | Element |   ***********   | Element |
                  +---------+  *           *  +---------+
                  |IPv4/IPv6|--* IPv4/IPv6 *--|IPv4-only|
                  +---------+  *           *  +---------+
                                ***********

    Figure 5: Dual-stack WE communicating with IPv4 only WE using IPv4

4.2.2.  Dual-Stack Widex Elements Communicating over IPv4 Segment using
        IPv6

   +---------+                                               +---------+
   |  Widex  |                                               |  Widex  |
   |  Server |   ***********    ***********    ***********   | Renderer|
   +---------+  *           *  *           *  *           *  +---------+
   |IPv4/IPv6|--* IPv4/IPv6 *--* IPv4-only *--* IPv4/IPv6 *--|IPv4/IPv6|
   +---------+  *           *  *           *  *           *  +---------+
                 ***********    ***********    ***********

    Figure 6: Dual-stack WE communicating over IPv4 segment using IPv6

   When dual-stack Widex Elements communicate using IPv6 over an IPv4-
   only segment, tunneling mechanisms such as 6to4 [RFC3056], ISATAP
   [RFC4214] or Teredo [RFC4380] MAY be used by the intermediate nodes
   or by the nodes hosting the Widex Elements to tunnel the IPv6 traffic
   over the IPv4-only segment.

4.2.3.  IPv4-Only Widex Element communicating with an IPv6-Only Widex
        Element

    +---------+                                              +---------+
    |  Widex  |                                              |  Widex  |
    | Element |   ***********   +----------+   ***********   | Element |
    +---------+  *           *  | Protocol |  *           *  +---------+
    |IPv4-only|--* IPv4-only *--|Translator|--* IPv6-only *--|IPv6-only|
    +---------+  *           *  |   /ALG   |  *           *  +---------+
                  ***********   +----------+   ***********

         Figure 7: IPv4-Only WE communicating with an IPv6-Only WE

   Protocol translation / Application Level Gateway (ALG) functionality
   is necessary in the network in order to enable the communication
   between an IPv4-only Widex Element with an IPv6-only Widex Element.



Stirbu & Raggett        Expires October 13, 2006                [Page 9]


Internet-Draft             WIDEX Requirements                 April 2006


   This is not a typical case as the assumption is that IPv6-only nodes
   will not be common in the near future.

4.2.4.  Application Aspects of IPv6 Transition

   Application developers, implementing the Widex framework and
   services, which want to enable IPv6 support in implementations
   running on IPv6 hosts or want to develop IP version-independent
   implementations SHOULD consider recommendations written in RFC 4038
   [RFC4038].


5.  Requirements

5.1.  Architecture Requirements

   o  The framework MUST be modular, e.g. multiple session setup
      mechanisms may be used.
   o  The synchronisation MUST occur at a fairly loose level that allows
      for a simple approach to propagating changes.
   o  The framework and the synchronisation protocol SHOULD be
      stateless.
   o  The framework SHOULD be consistent with the W3C Multimodal
      Architecture [MMI.Arch].

5.2.  Discovery and Session Setup Requirements

   o  The service discovery mechanism MUST be able to discover both
      Widex Renderers and Widex Servers.
   o  The service discovery mechanism MUST be able to negotiate the
      capabilities of both Widex Renderers and Widex Servers, e.g.
      supported devices physical characteristics, supported markup
      languages, etc.
   o  The session setup mechanism MUST be able to establish sessions
      from both Widex Renderers and Widex Servers, e.g. remote user
      interface pull and push.

5.3.  Widex Objects Requirements

   o  The WOs MUST NOT be aware of the semantics of the markup that is
      synchronized.
   o  The WOs MUST support client initiated updates.
   o  The WOs MUST support server initiated updates.
   o  The WOs MUST contain only information having remote scope.
   o  The WOs MUST indicate the target XML DOM tree when Complex User
      Interfaces are involved.





Stirbu & Raggett        Expires October 13, 2006               [Page 10]


Internet-Draft             WIDEX Requirements                 April 2006


   o  The WOs MAY support multiple modes of interaction, and it is the
      responsibility of the application to synchronise modalities and
      not that of the Widex protocol.

5.4.  Transport Requirements

   o  The Widex protocol MUST deliver WOs in the order determined by the
      originator regardless of the underlying network topology.  The
      order is relevant within a single Widex Session.  The co-
      ordination between several Widex Sessions in a Widex Server is
      outside the scope of this document.
   o  The Widex protocol MUST provide reliable delivery of messages.  If
      this proves to be impractical in a given situation, the protocol
      MUST provide the means for application to detect such failures.
   o  The Widex protocol MUST tolerate limitations in available
      bandwidth.
   o  The Widex protocol MUST tolerate delays caused by network induced
      latency.  Latency and time-outs may need to be handled at the
      application level.
   o  The Widex protocol MUST have support for authentication and secure
      sessions, e.g. data privacy and integrity.


6.  IANA Considerations

   This document makes no request of IANA.


7.  Security Considerations

   As a means to support remote user interfaces, a number of security
   considerations need to be addressed, including the potential for
   unauthorized access to application services, monitoring of
   interactions by unauthorized third parties, spoofing of application
   services as a means to support phishing attacks, and denial of
   service attacks.  Requirements defined in this document MUST allow
   for the implementation according to best common practices.


8.  Acknowledgements

   The authors would like to thank Juha Wiljakka for good input and
   comments that helped writing this document.


9.  References





Stirbu & Raggett        Expires October 13, 2006               [Page 11]


Internet-Draft             WIDEX Requirements                 April 2006


9.1.  Normative References

   [DOM2.Core]
              Le Hors, A., Le Hegaret, P., Wood, L., Nicol, G., Robie,
              J., Champion, M., and S. Byrne, "Document Object Model
              (DOM) Level 2 Core Specification", W3C Recommendation,
              November 2000.

   [DOM2.Events]
              Pixley, T., "Document Object Model (DOM) Level 2 Events
              Specification", W3C Recommendation, November 2000.

   [DOM2.Style]
              Wilson, C., Le Hegaret, P., and V. Apparao, "Document
              Object Model (DOM) Level 2 Style Specification",
              W3C Recommendation, November 2000.

   [DOM3.Core]
              Le Hors, A., Le Hegaret, P., Wood, L., Nicol, G., Robie,
              J., and S. Byrne, "Document Object Model (DOM) Level 3
              Core Specification", W3C Recommendation, April 2004.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [XML1.0]   Yergeau, F., Bray, T., Paoli, J., Sperberg-McQueen, C.,
              and E. Maler, "Extensible Markup Language (XML) 1.0 (Third
              Edition)", W3C Recommendation, February 2004.

9.2.  Informative References

   [EMMA]     Johnston, M., Chou, W., Dahl, D., McCobb, G., and D.
              Raggett, "Extensible Multi-Modal Annotations (EMMA)",
              W3C Last Call Working Draft, September 2005.

   [MMI.Arch]
              Barnett, J., "Multimodal Architecture and Interfaces",
              W3C Working Draft, April 2005.

   [RFC3056]  Carpenter, B. and K. Moore, "Connection of IPv6 Domains
              via IPv4 Clouds", RFC 3056, February 2001.

   [RFC3574]  Soininen, J., "Transition Scenarios for 3GPP Networks",
              RFC 3574, August 2003.

   [RFC3750]  Huitema, C., Austein, R., Satapati, S., and R. van der
              Pol, "Unmanaged Networks IPv6 Transition Scenarios",
              RFC 3750, April 2004.



Stirbu & Raggett        Expires October 13, 2006               [Page 12]


Internet-Draft             WIDEX Requirements                 April 2006


   [RFC4038]  Shin, M-K., Hong, Y-G., Hagino, J., Savola, P., and E.
              Castro, "Application Aspects of IPv6 Transition",
              RFC 4038, March 2005.

   [RFC4213]  Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms
              for IPv6 Hosts and Routers", RFC 4213, October 2005.

   [RFC4214]  Templin, F., Gleeson, T., Talwar, M., and D. Thaler,
              "Intra-Site Automatic Tunnel Addressing Protocol
              (ISATAP)", RFC 4214, October 2005.

   [RFC4380]  Huitema, C., "Teredo: Tunneling IPv6 over UDP through
              Network Address Translations (NATs)", RFC 4380,
              February 2006.

   [WhatWG.WebApps1.0]
              Hickson, I., "Web Applications 1.0", October 2005.

   [sXBL]     Ferraiolo, J., Hickson, I., and D. Hyatt, "SVG's XML
              Binding Language (sXBL)", W3C Working Draft, August 2005.


Authors' Addresses

   Vlad Stirbu
   Nokia
   Visiokatu 3
   Tampere  33720
   Finland

   Phone: +358 7180 08000
   Email: vlad.stibu@nokia.com


   Dave Raggett
   W3C/Volantis
   35 Frome Road
   Bradford on Avon, Wiltshire  BA15 2EA
   United Kingdom

   Phone: +44 1225 866240
   Email: dsr@w3.org









Stirbu & Raggett        Expires October 13, 2006               [Page 13]


Internet-Draft             WIDEX Requirements                 April 2006


Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.


Acknowledgment

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).





Stirbu & Raggett        Expires October 13, 2006               [Page 14]