[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [provision] SPML Requirements List
Darran, I propose reducing the scope for a first phase. Let me address each item separately. 1. First, what are the provisioning actions between an RA to a PSP? I suggest that all user operations could be out of scope. With all the talk around SAML lately, I believe the add, modify, delete user (VID) on a PSP falls into a category that could be handled by a separate identity based service, such as SAML itself or a common identity spec that could be useful for both SAML and SPML. I'm not sure that provisioning services should be entangled with identity management. Just by referencing an identity in a provision account (PSTIDs) request could allow any PSP to use such an identity service for authorization or simple tracking purposes. For example SAML assertions may be the only thing needed to get information about a user. 3. I think this could be handled in a later phase or out of scope completely by using other services such as UDDI. 4. I think this is strongly related to #3 and should be handled in a similar mechanism. I hope that reducing scope may make it easier for us to achieve goal #9. I think that it will be beneficial for us to submit something simple sooner and let the community get behind the additional scope before we complicate matters now and possibly introduce controversy. I would bet that including identity mgmt functionality especially will stir up controversy in the community and may inhibit the adoption of this standard, but that's just a gut feeling. Tony -----Original Message----- From: Darran Rolls [mailto:Darran.Rolls@waveset.com] Sent: Wednesday, August 21, 2002 4:15 PM To: provision@lists.oasis-open.org Subject: [provision] SPML Requirements List Folks Through the process of defining the SPML charter, use cases and ongoing work we have implicitly gathered a set of requirements. We have not as yet clearly articulated these in a single document. On this weeks con-call, we concluded that we probably need to do this now. I would like to start this effort by offering the following (incomplete) list of requirements. Please add to this list and/or comment on the limited set suggested here. 1 - To define an XML Schema based protocol for exchanging provisioning requests between a Requesting Authority (RA) and a Provisioning Service Point (PSP). 2 - To define an XML Schema based protocol for exchanging requests provisioning requests between a PSP and a Provisioning Service Target (PST). 3 - To provide a query model that allows a RA to discover those provisioning elements it is authorized to act upon. 4 - To provide a model that allows a RA and a PSP to dynamically discover the required data values for a given provisioning action. 5 - To provide consideration for the security and general operational concerns of such an exchange system. 6 - To provide guidelines on binding SPML to the SOAP and HTTP protocols. 7 - To provide an open extensible solution that is independent of any one vendors implementation or solutions model. 8 - To provide a transactional element to the request/response model that allows for the exchange of ordered batches of requests. 9 - To deliver a solution in a timely manor. 10 - To where possible and reasonable to re-use and extend existing standards efforts for the benefit of the SPML solution. -------------------------------------------------------- Darran Rolls http://www.waveset.com Waveset Technologies Inc drolls@waveset.com (512) 657 8360 -------------------------------------------------------- ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC