OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

provision message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [provision] Standard Schema draft 4.


Gary’s latest draft looks like good progress. Here are my suggestions:

 

  • Contributors should be TBD for now.
  • Remove the “Benefits of a Standard Schema” section.
  • The Account Template object seems to Provisioning System specific. That may well be how a specific system is modeled, but seems inappropriate for a general purpose interface to a service.
  • The Account should not have links to generic Account Attributes.
  • GUID should not be a required attribute.
  • There are several “Roll-up” Attributes defined (orgs-indirect and orgs-dynamic). These imply extra processing that may not be desirable or feasible. For instance calculating the value for an orgs-dynamic attribute when searching a 25M user service may not be advisable.
  • There are several attributes that duplicate SPML 2.0 capabilities. I dislike this approach.
  • There should not be a Roles-excluded attribute on the Role object itself. This is too simplistic for real SOD.
  • The Question and Answer objects don’t seem appropriate for this schema. I understand most IdM platforms support this, but again we are not creating an IdM platform schema.

 

Jeff B.

 


From: Gary.P.Cole@Sun.COM [mailto:Gary.P.Cole@Sun.COM]
Sent: Tuesday, March 27, 2007 1:23 PM
To: PSTC
Subject: [provision] Standard Schema draft 4.

 

Took a while, but I've attached a PDF. 

  • This Introduction discusses SIMPLEST only as a schema (and not as a profile of SPML). The Protocol section has been removed accordingly.
  • The domain model is the same (although I've tweaked the names of the two entities in the lower-right-hand corner of the diagram: AccountTemplate and AccountAttribute).
  • The Schema section now reflects the object-classes and attributes from the spreadsheet that I sent to  (the list at the time of) the last Face-to-Face.
  • The Conformance section has been expanded.   It now discusses extensions to the standard schema as well as arbitrary (i.e., undeclared extensions) object-classes and attributes.

Obviously, this is just a draft, but it fairly represents the current proposal.  This draft should serve as a basis for further discussion.

  • I have not incorporated anything from SAP's submission to the Standard Schema.  I intended to do that, but it took longer than I expected merely to bring the draft up to date.
  • It feels a little weird to propose a standard schema without specifying a schema language.  Perhaps we can show how (operations using) the standard schema would look in the DSML Profile or SAML Profile or XSD Profile.
  • The language in the Conformance section is still a bit tortuous.  I can make the language clearer, given time, so what I need first and most is comment on the *ideas* in this section.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]