Mike et al,
Your concern about focus seems very reasonable. As you also say, however, “it is reasonable to ensure that the mechanisms used for the BDX specifications take into account the approaches adopted more widely in the industry”. And on that score, excited as I am about the Internet-scale potential of the BDX SMP/DNS model, the gap with current industry practices regarding identity management and security remains wide. The notion that Ariba, Oracle, SAP (and IBM!) will move away from requiring supplier identities to access enterprise systems, in favor of the BDX “open network” model seems to me fanciful (even with trusted providers and signed documents). Unless that issue is addressed, there’s some risk of this TC’s output gaining limited acceptance, even with PEPPOL on board.
My goal in introducing this issue – and in particular the possibility of an Id-Cloud liaison – was precisely to see how we might square this circle. By that I mean, to ask: how can we keep the work of this TC both focused AND grounded in industry realities, by leveraging other groups?
Mike, you refer to this being territory where there is “a great deal of activity being conducted elsewhere”. I would invite you and others to please call out specifically which groups and efforts you see as focused in this area. If we can find appropriate ways to leverage those efforts while minimizing scope creep here, that, to me, seems perhaps the best solution. The OASIS Id-Cloud group appears to be one such group. I will know more soon about the level of interest (and schedule fit) there.
Btw, re the Id-Cloud TC, I’ve noticed that Andrea Caccia, Peter Brown, Dale Moberg and Michele Drgon are also members of both TCs. Any insights that you folks in particular might have about how best to address these issues across the two groups would be appreciated.
From: Mike Edwards [mailto:firstname.lastname@example.org]
Sent: Monday, March 28, 2011 5:42 AM
Subject: Re: [bdx] Groups - Inter-Cloud BDX Identity Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) uploaded
Clearly, the BDX 4 corner model has a need for good use case descriptions and this applies to Identity and Trust as well as
to the other aspects of the infrastructure. Equally, it is reasonable to ensure that the mechanisms used for the BDX specifications
take into account the approaches adopted more widely in the industry.
However, I am very concerned with what I interpret as an expansion of the scope of the work of the BDX TC, particularly when
that expansion is into territory where there is already a great deal of activity being conducted elsewhere.
"a broader framework that can encompass the various 3-corner models" is the first example of this expansion.
The BDX TC is chartered to address the 4 corner model - to deal with 3-corner models also is to take on a lot more work
and I think that this is inappropriate for the BDX TC.
The establishment of a formal liaison between BDX and the Id-Cloud TC also appears to take the BDX TC into new territory.
"Cloud Computing" is not part of the work in the charter for the BDX TC. I fear that an expansion of the work of the BDX TC into
this area will be to the detriment of the work on the 4 corner model - Cloud computing is a big area with a lot of active work
going on in a variety of venues. I am doubtful that venturing into this space will serve the BDX TC well - and that it will likely
divert attention and energy from the matters that only the BDX TC is going to look at.
In standards work, it is usually best to stay focussed, otherwise there is a danger of never completing anything useful.
Dr Mike Edwards
Mail Point 137, Hursley Park
Winchester, Hants SO21 2JN
SCA & Services Standards
Co-Chair OASIS SCA Assembly TC
IBM Software Group
[bdx] Groups - Inter-Cloud BDX Identity Use Cases (OASIS ID Cloud - Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) uploaded
We had some earlier email discussion on this list about defining identity /
Trust Framework use cases (a notion that Thomas Gundel I think supported).
Since then, I became aware of another OASIS TC on 'Identity in the Cloud'
(aka id-cloud). That TC has a use case analysis effort that seems well
matched to what seemed to be needed from this TC's perspective.
This initial draft is in considerable need of improvement, not least as to
my various errors and mis-characterizations of the BDX Addressing/Security
models. As stated in the document, one goal was to define a broader
framework that can encompass the various 3-corner network models, and
facilitate easy, end-to-end connection setup more broadly.
Feedback and suggested edits are very welcome. If the TC agrees, we might
even collaborate to get this to 'Approved Document' status for
re-submission to the Id-Cloud TC. (I have already posted it there for
feedback from that group).
I would also like to propose establishing a formal liaison relationship
between the two TCs. Id-Cloud TC members also seem well plugged into the
world of identity standards (i.e. KI, OIX etc) and may have useful input
about how best to move this forward.
The goal, obviously, is to get broad buy-in and adoption, in particular by
some of the larger industry players. With that in mind, the document uses
the term 'Inter-Cloud' to position the BDX requirements as a leading edge
use case for a big, important shift in the Cloud Computing world more
I look forward to any feedback and further discussion, whether via document
comments here, on the email list, or on upcoming TC calls.
-- Roger Bass
The document named Inter-Cloud BDX Identity Use Cases (OASIS ID Cloud -
Inter-Cloud Doc Exchange Use Case v0.11 2011-03-25.doc) has been submitted
by Roger Bass to the OASIS Business Document Exchange TC document
Use cases relating to identity issues in "Inter-Cloud" business
document exchange, including both 4-corner and 3-corner scenarios.
-OASIS Open Administration