Gary,
I’m
very much in favor of the revisions you suggested below to the charter.
To add to what you suggested, what about the following tweaks for the statement
of purpose:
Inter-
and intra-enterprise application architectures require interoperable
provisioning services that transcend the boundaries of single security domains.
The interoperable exchange of identity information between domains, including
the ability to manage identities across such domains, is crucial to developing
solutions for provisioning across arbitrary system types and topologies.
The
purpose of the TC is to define, enhance, and maintain a standard XML-based
framework for creating and managing information representing user identities
and related entities.
Dan Perry
239 Kings Highway East | Haddonfield | New Jersey 08033 | USA
Mobile: +1 609 721 2219 | Office: +1 856 795 1722 | Fax: +1 856 795 1733
From: Gary Cole
[mailto:gary.cole@oracle.com]
Sent: Monday, September 13, 2010 10:56 AM
To: OASIS PSTC
Subject: [provision] PSTC Charter
The current charter of the PSTC can be found at: http://www.oasis-open.org/committees/provision/charter.php
For convenience in discussion, I include it below, after my signature.
Offhand, the first things that bug me about the current charter are:
1) Mentions of resource and service provisioning. SPML can be used for
almost anything, but to me it's aimed solidly at user provisioning.
2) Future tense; this says the committee will develop (rather than has developed
and will maintain).
3) Mentions of Provisioning specifications including ADPr, XRPM, ITML.
Those specs were not particularly influential in the development of SPML,
and they are not relevant now.
4) List of Deliverables mentions "Bindings". The PSTC
developed a file-based binding for SPMLv1, but that was more of a sample / POC.
Bindings were not a deliverable in SPMLv2.
5) Past dates. Says the goal is to submit for approval by 2002.
I've also included for comparison, the charter of the SAML TC. The
live version can be found at: http://www.oasis-open.org/committees/security/charter.php.
IMO, we could get a pretty good start by copying and modifying that Charter.
For example, see the following rough draft:
OASIS Provisioning Services TC
|
The original Call For Participation for this TC may be found at
<link>. The charter was revised at the a meeting of the TC on <date> as
minuted at <link>.
Name The official name is the Provisioning Services Technical Committee (PSTC).
It is sometimes unofficially called the "SPML TC" or the
"PSTC/SPML committee". Statement of Purpose Inter- and intra-enterprise application architectures require
interoperable provisioning services that transcend the boundaries of single
security domains. The interoperable exchange of identity information between
domains, including the ability to manage identities across such domains, is crucial
to developing solutions for business problems such as <problem1>,
<problem2>, and <problem3>. The purpose of the TC is to define, enhance, and maintain a standard
XML-based framework for [creating and managing information objects that
represent user identities and related entities]. Scope of Work The TC is engaged in evolving the suite of SPML specifications and in
applying those specifications to use-cases that are of interest to its
members. The Statement of Purpose above will guide the scope of this effort,
which continues after the release of SPML 2.0.
List of Deliverables The TC released the V2.0 specifications on <date>. Work products may
include updates to the following specifications published by the TC for V2.0:
Additional documents, such as new SPML profile specifications may also be
produced at the Committee's discretion. Audience The primary audience for the final output of this TC are the architects
and implementers of provisioning services. Language of the TC All business of the TC will be conducted in English. |
Gary
Name
OASIS Provisioning Services Technical Committee (PSTC)
Statement of Purpose
The purpose of the OASIS Provisioning Services Technical Committee (PSTC) is
to define an XML-based framework for exchanging user, resource, and service
provisioning information. The Technical Committee will develop an end-to-end,
open, provisioning specification developed from Provisioning specifications
including the following: (The following specifications are of public knowledge,
accessible, and freely distributed).
- Active Digital Profile (ADPr)
- eXtensible Resource Provisioning Management
(XRPM)
- Information Technology Markup Language (ITML)
And any other relevant and timely submissions will be taken into
consideration.
List of Deliverables
The PSTC will produce a set of one or more Committee Specifications that
will cover the following:
- Use cases and requirements
- Information model
- Protocol(s)
- Bindings
- Conformance
All of the aforementioned are to be examined with respect to security
considerations.
The goal (subject to revision) is to submit a Committee Specification to the
OASIS membership for its approval by September 2002.
OASIS Security Services TC
|
The original Call For Participation for this TC may be found at http://lists.oasis-open.org/archives/tc-announce/200011/msg00005.html The charter was revised at the first meeting of the TC on 9 January 2000,
as minuted at http://lists.oasis-open.org/archives/security-services/200101/msg00014.html The charter was further revised at a meeting of the TC on 18 February
2003, as minuted at http://lists.oasis-open.org/archives/security-services/200302/msg00049.html The charter was further revised as discussed at a TC meeting on 11
November 2003 (see http://lists.oasis-open.org/archives/security-services/200311/msg00042.html)
with balloting from 12 to 19 November (see http://www.oasis-open.org/apps/org/workgroup/security/ballot.php?id=268&) The charter for this TC is as follows. Name The official name is the Security Services Technical Committee (SSTC). It
is sometimes unofficially called the "SAML TC" or the
"SSTC/SAML committee". Statement of Purpose Inter- and intra-enterprise application architectures require
interoperable security solutions that transcend the boundaries of single
security domains. The interoperable exchange of security information between
domains, including the ability to federate identities across such domains, is
crucial to developing solutions for business problems such as performing Web
Single Sign-On, utilizing distributed authorization services, and securing
e-business transactions. The purpose of the TC is to define, enhance, and maintain a standard
XML-based framework for creating and exchanging authentication and
authorization information. Scope of Work The TC is engaged in evolving the suite of SAML specifications. The scope
of the SAML 2.0 effort will be guided by the above Statement of Purpose. This
effort will deliver on the following goals:
List of Deliverables The TC is targeting the V2.0 release for the middle of 2004. The release
will include updates to the following specifications published by the TC for
V1.1:
Additional documents, such as new SAML profile specifications may also be
produced at the Committee's discretion. The TC's intent is to pursue OASIS
Standard status for all SSTC Draft Specifications. Audience The primary audience for the final output of this TC is security system
architects and implementers. Language of the TC All business of the TC will be conducted in English. |