OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

provision message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [provision] Minutes of the August 30 Meeting of the PSTC.


Does bi-di sync actually go with the FEMA example?  Or did I merge these inadvertently?

On Sep 2, 2010, at 8:49 AM, Richard Sand wrote:

Actually I think that was me talking about bidirectional sync. That’s my pet issue ;-)
 
Richard Sand | CEO
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 267 984 3651
| Office: +1 856 795 1722| Fax: +1 856 795 1733

<image001.jpg>
 
From: John, Anil [mailto:Anil.John@jhuapl.edu] 
Sent: Thursday, September 02, 2010 9:44 AM
To: 'gary.cole@oracle.com'; Richard Sand
Cc: 'provision@lists.oasis-open.org'
Subject: Re: [provision] Minutes of the August 30 Meeting of the PSTC.
 
Not a problem Gary. I was just hoping to meet the person who so sympathized with my problem set :-) 


Regards, 

- Anil 

:- 
:- Anil John (JHU/APL) 
:- Currently mobile. Expect brevity. 
:-
 

From: Gary Cole <gary.cole@oracle.com> 
To: John, Anil; Richard Sand <Richard.Sand@skyworthttg.com> 
Cc: OASIS PSTC <provision@lists.oasis-open.org> 
Sent: Thu Sep 02 09:31:38 2010
Subject: Re: [provision] Minutes of the August 30 Meeting of the PSTC.

I apologize.  I don't yet recognize the voice of each person, and I must have confused my notes.
 
Someone mentioned "ID Cloud" and then my next note is about bi-di sync.  Who talked about bidi sync?  Is this unrelated to ID Cloud?
 
On Sep 2, 2010, at 8:16 AM, Richard Sand wrote:


Was it a case of mistaken Anils? J
 
Richard Sand | CEO
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 267 984 3651
| Office: +1 856 795 1722| Fax: +1 856 795 1733

<image001.jpg>
 
From: John, Anil [mailto:Anil.John@jhuapl.edu] 
Sent: Thursday, September 02, 2010 7:37 AM
To: 'gary.cole@oracle.com'; 'provision@lists.oasis-open.org'
Subject: Re: [provision] Minutes of the August 30 Meeting of the PSTC.
 
Gary,

Who or what is ID Cloud? Asking because the comments attributed to them it/them came from me :-) 


Regards, 

- Anil 

:- 
:- Anil John (JHU/APL) 
:- Currently mobile. Expect brevity. 
:-
 

From: Gary Cole <gary.cole@oracle.com> 
To: OASIS PSTC <provision@lists.oasis-open.org> 
Sent: Wed Sep 01 20:13:59 2010
Subject: [provision] Minutes of the August 30 Meeting of the PSTC.

Minutes from the August 30 meeting of the OASIS PSTC.
Meeting Date: August 30, 2010
Meeting Time: 2PM Eastern
Location:         Tel=866.434.5269  Meeting Number=9406791
Duration:         1 hour
Chairs:             Richard Sand, Gary Cole
Recording Secretary:  none
 
Attendees:
 
James Clark (OASIS)
Gary Cole (Oracle)
Robin Cover (OASIS)
Karsten Huneycutt (UNC-Chapel Hill)
Anil John (JHU-APL)
Dan Perry (Skyworth TTG)
Mary McRae (OASIS)
Chris Obremski (JHU-APL)
Anil Saldhana (Redhat)
Richard Sand (Skyworth TTG)
Kent Spaulding (Oracle)
Chi Wu (JHU-APL)
Tom Zeller (Internet2)
 
Four voting members from the previous re-start meeting were unable to attend:
Marco Fanti (Oracle)
Hal Lockhart (Oracle)
Prateek Mishra (Oracle)
Dale Olds (Novell)
 
Agenda:
1) Roll Call and Agenda Review
2) Minute Taker Nomination
3) Approval of Aug 16th Meeting Minutes
4) Discuss the goals going forward for the PSTC
5) Discuss the PSTC charter and whether or not it should be updated
6) Discuss updating the PSTC web site
7) AOB
 
1) Roll Call and Agenda Review:
- Gary took roll.  
- Quorum was achieved:  
   -- Quorum requires more than 50% of voting members.  
   -- Richard called Dan Perry, who joined, so that 6 of 10 voting members were present.
- Voting status changes: none.
 
2) Minute-taker Nomination:
- No one nominated a taker of minutes.  
- Gary accepted responsibility to take notes for this August 30 meeting.
 
3) Approval of Aug 16th Meeting Minutes:
- Attendees approved minutes from Aug 16 without objection or modification.
 
4) Discuss goals for PSTC:
 
- Gary suggested that the committee identify and examine use-cases before deciding whether a new version of SPML is required.
   -- If SPMLv2 adequately addresses those use-cases, then we may need only examples or perhaps a new profile.
   -- Any fundamental inadequacy of SPMLv2 in addressing those use-cases could justify a new major/minor version.
   -- Richard agreed, saying that he had separately reached a similar conclusion.
 
- Participants agreed to post to the list use-cases that SPML should address.
- Participants verbally outlined several types of use-cases that SPML should address.
 
o "The Connector Problem" was summarized as follows:
   -- Current provisioning systems require proprietary connectors.
   -- The vendor of an application (or the deployer of an application) may need to develop such a connector
       or may need to expose management interfaces to support multiple proprietary connectors.
   -- Customers of an application may be unable to provision to the application 
       unless  they buy and deploy (proprietary connectors as part of) a provisioning system.
 
o ID Cloud requires "Bidirectional Synchronization Between Enterprises":
   -- The goal is to use SPML as a "means to an end":
       --- the goal is exchange of attributes across organizational boundaries
       --- perhaps use SAML2 meta-data (or something analogous) to describe available operations
  -- For example, FEMA needs to exchange the attributes of federal responders
     --- each department (e.g., DoD, DHS) assigns people and maintains attributes of those responders
  -- Not a problem with the schema or the payload.  Instead, the Issue is "scale":
      --- Search Capability and Updates Capability impose a significant data-management burden on each PSP
      --- Need ability to limit (i.e., specify in schema) which attributes can be used in search queries.
 
o Requirements for "Provisioning to Cloud-Based applications" (ask Nishant Kaushik or Mark Diodati):
   -- Multi-tenancy
   -- Standard protocol for provisioning to cloud (and to applications in the cloud)
 
o Richard Sand proposes adding specific, "Higher-Level Management Operations" that reflect the lifecycle of identities:
    -- e.g., onboarding, off-boarding, delegating responsibilities, adding/removing membership in roles.
    -- Don't want to rely on shared / common schema.
    -- Define these as Operations (perhaps within new Capabilities that could be standardized).
 
o "Lower The Bar for a PSP" (seems to boil down to eliminating required operations):
    -- For example, SPMLv2 would consider the following providers non-conformant:
        --- A PSP that exposed only Password-Change operations.
        --- A PSP that exposed only 1) the ability to list unique IDs of users with attribute X (e.g., responders);
             and 2) the ability to request a batch dump of all the attributes for those users.
    -- Eliminate the requirement to support listTargets, and core operations.
    -- Define a mechanism (other than listTargets) to advertise which operations a provider supports.
 
o "Standard Schema" (as relayed by Anil John on behalf of SPML SIG at Burton Catalyst):
  -- Optional standard schema (a la inetorgperson) to which providers and requestors can agree.
  -- Gary pointed out that the schema URN mechanism already allows requestors and providers to do this.
      What seems to be missing is the "blessing" of the PSTC or a profile that specifies a schema.
 
o "Conformance" and Interops:
   -- Automated tests for conformance blessed by the PSTC would be nice.
   -- OASIS might have an issue, mainly because OASIS has no software license:
      --- Test Suites are okay.  Samples are okay.  
      --- Reference implementations generally are NOT okay (might have IP problems, subject to OASIS IPR).
  -- Gary suggested that if OASIS cannot do something, members could use another organization 
      (e.g., OpenSPML.org) to contribute certain artifacts.
 
5) Discuss the PSTC Charter and whether or not it should be updated:
- The current charter appears to be out-of-date and does not adequately describe the purpose of the PSTC.
- Gary suggested that we discuss on the list a new charter or changes to the existing charter.
- Richard pointed out that he had made some suggestions in a previous email to the list.
** Please send to the list (and discuss on the list) suggestions regarding the charter. **
 
6) Discuss updating the PSTC web site
- Discussed this only briefly (due to time constraints).
 
7) AOB
- No additional items.
 
** Next meeting: Monday, September 13, 2PM Eastern Time (UTC-05:00) Eastern Time (US & Canada). **
 
 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]