[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [provision] ask the cloud : why not SPML ?
The big change in federation is "presumption of state". Provisioning often assumes full control over the state of records between systems. IOW, once system assumes it logically controls records in another system. In federated relationships this isn't true. There are often multiple relationships and multiple partners. You often cannot assume for example, that just because you want to add a record at a federated partner, that the federated partner won't have a collision. Another further complication is that security and confidentiality measures may prevent the kind of error signalling we're used to getting for inside-the-firewall scenarios. From the SAML community it is interesting to note that almost no production system gives detailed or specific errors. If this wasn't an issue, then SPML alone would be fine. The ChangeNotify proposal was one possible way to introduce enough decoupling to allow SPML to potentially work. The big question there is should it be de-coupled from SAML and made more HTTP generic. Phil phil.hunt@oracle.com On 2011-04-01, at 12:11 PM, Tom Zeller wrote: >> Do you have enough information to describe the business problem(s) we are >> trying to solve? Then yes, please do. I'd really like to know what's >> different about provisioning to the cloud and how we could change SPML to >> better support that. > > The business problem is : the (complete) lack of SPML support. > > I agree that, in many ways, "federated" or "cloud" provisioning is > just like Larry Ellison said, "vapor". I think Phil Hunt did a great > job in explaining federated provisioning as provision at-a-distance, > but that doesn't seem to require any changes to SPML. > > However, it would be great to know why Google, Microsoft, Facebook, > etc. do not support SPML. Is it a technical issue ? If so, those folks > certainly have the resources to rectify a technical insufficiency. If > it is a "business" issue, then I am not sure that we can do anything > about it, other than get lots of folks in higher-ed to use SPML and > encourage change. We can try, we have some folks (like myself) writing > SPML tools and sharing them. > > TomZ > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]