1.1 Glossary

This document uses the following terms:

AND group: A conjunctive clause in a disjunctive normal form (DNF) formula. For example, in the formula (A AND B) OR (A AND C), the clauses "(A AND B)" and "(A AND C)" are AND groups.

client computer: (1) A computer that receives and applies settings from a Group Policy Object (GPO), as specified in [MS-GPOL].

(2) A computer that gets its updates from an update server. A client can be a desktop computer, a server, or the update server. For more information, see [MS-WUSP] and [MS-WSUSSS].

ClientIdString: A globally unique string that identifies a client machine to the update server. It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.

conjunctive normal form (CNF): A logical formula consisting of a conjunction of disjunctions of terms in which no disjunction contains a conjunction. For example, A OR (B AND C) is not in CNF, whereas the equivalent (A OR B) AND (A OR C) is in CNF.

Cryptographic Application Programming Interface (CAPI) or CryptoAPI: The Microsoft cryptographic application programming interface (API). An API that enables application developers to add authentication, encoding, and encryption to Windows-based applications.

deployment: An administratively specified decision to make a specific update revision available to a specific target group.

disjunctive normal form (DNF): A logical formula consisting of a disjunction of conjunctions of terms in which no conjunction contains a disjunction. For example, A AND (B OR C) is not in DNF, whereas the equivalent (A AND B) OR (A AND C) is in DNF.

globally unique identifier (GUID): A term used interchangeably with universally unique identifier (UUID) in Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the value. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the GUID. See also universally unique identifier (UUID).

locale: An identifier, as specified in [MS-LCID], that specifies preferences related to language. These preferences indicate how dates and times are to be formatted, how items are to be sorted alphabetically, how strings are to be compared, and so on.

man in the middle (MITM): An attack that deceives a server or client into accepting an unauthorized upstream host as the actual legitimate host. Instead, the upstream host is an attacker's host that is manipulating the network so that the attacker's host appears to be the desired destination. This enables the attacker to decrypt and access all network traffic that would go to the legitimate host. The attacker is able to read, insert, and modify at-will messages between two hosts without either party knowing that the link between them is compromised.

metadata: XML-formatted data that defines the characteristics of an update, including its title, description, rules for determining whether the update is applicable to a client computer, and instructions for installing the update content.

Microsoft Windows Installer (MSI): A file format that contains information used by Windows Installer to install software and software updates.

prerequisite graph: A directed graph with revisions as vertices and prerequisite relationships as edges.

quick fix engineering (QFE): Quick fixes by engineering, also called QFEs, are a small update designed to address a specific software bug. They are uniquely numbered to enable each fix to be identified easily by its associated QFE number.

Reporting Web Service: A Web service used by clients to report status to the server.

revision ID: A compact, server-assigned, 32-bit identifier for a revision that is used to identify the revision during client/server communication.

Secure Sockets Layer (SSL): A security protocol that supports confidentiality and integrity of messages in client and server applications that communicate over open networks. SSL uses two keys to encrypt data-a public key known to everyone and a private or secret key known only to the recipient of the message. SSL supports server and, optionally, client authentication using X.509 certificates. For more information, see [X509]. The SSL protocol is precursor to Transport Layer Security (TLS). The TLS version 1.0 specification is based on SSL version 3.0 [SSL3].

self-update: A process by which a client first communicates with the update server to detect updates to the executable files that implement the client role on computers running Windows, and then applies those updated executable files before carrying on further communication.

self-update content directory: A location on the update server containing update content files for the update client that is identified by an HTTP URL and exposed to clients.

SHA1 hash: A hashing algorithm defined in [FIPS180] that was developed by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).

SHA-256 hash: The value computed from the hashing function described in [FIPS180-3].

SimpleAuth Web Service: A Web service on the server that is used to authorize what clients should get metadata for what revisions.

SOAP: A lightweight protocol for exchanging structured information in a decentralized, distributed environment. SOAP uses XML technologies to define an extensible messaging framework, which provides a message construct that can be exchanged over a variety of underlying protocols. The framework has been designed to be independent of any particular programming model and other implementation-specific semantics. SOAP 1.2 supersedes SOAP 1.1. See [SOAP1.2-1/2003].

target group: A named collection of client computers whose members are defined administratively.

UncPath: The location of a file in a network of computers, as specified in Universal Naming Convention (UNC) syntax.

update: The combination of metadata and associated content for a software update. An update is identified by a GUID.

update category: A group of updates. Each update belongs to zero or more update categories. An update category can be a product category that contains updates for a particular product, or a classification category that contains updates of a particular classification (for example, all security updates).

update content directory: A location on the update server containing update content files that is identified by an HTTP URL and exposed to clients.

update metadata: A combination of XML-formatted metadata and associated content that contains information about an update.

update server: A computer that implements the Windows Server Update Services: Server-Server Protocol or the Windows Server Update Services: Client-Server Protocol to provide updates to client computers and other update servers.

virtual directory: An HTTP URL that represents the root of a location where content can be published administratively.

web service: A software entity that responds to SOAP messages ([SOAP1.1],.[WSDL]).

Web Services Description Language (WSDL): An XML format for describing network services as a set of endpoints that operate on messages that contain either document-oriented or procedure-oriented information. The operations and messages are described abstractly and are bound to a concrete network protocol and message format in order to define an endpoint. Related concrete endpoints are combined into abstract endpoints, which describe a network service. WSDL is extensible, which allows the description of endpoints and their messages regardless of the message formats or network protocols that are used.

Windows Server Update Services (WSUS): An optional component that enables a machine to operate as an update server.

Windows Update Agent (WUA): A component originally introduced in the Windows 2000 Server operating system Service Pack 3 (SP3) operating system that enables a computer to operate as a client of an update server.

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.