OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

public-sector-cloud-discuss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [public-sector-cloud-discuss] PROPOSED TC CHARTER



A fundamental point here, what should be regarded as technical and what non-technical?  The list and Charter was drafted by Jamie not Belgian SPFF colleagues and my interpretation is that his list is non-technical  things but I can appreciate that may be open to debate.  So we need to clarify and agree this.  Without question this TC is focusing on non-technical requirements as there is already a plethora of other groups working on technical aspects, so the list has to be unambiguous about that. 


Just a reminder of the process, the purpose of the Discussion List is to agree whether we should proceed with the TC or not, and not to necessarily to agree a final Charter, although a near final version would be good.  So for now let’s not get too hung up on word-smithing the list other than to be very clear about what the list should or should not contain.    I know it’s perhaps a bit of chicken and egg in that people want to see the proposed outputs before agreeing to get involved or not, but I think perhaps we should at this stage just put in some overview of the outputs rather than a definitive list.  


Does that make sense, if so any suggestions for some overview wording of the outputs from all on the List would be appreciated.




From: public-sector-cloud-discuss@lists.oasis-open.org [mailto:public-sector-cloud-discuss@lists.oasis-open.org] On Behalf Of Colin Wallis
Sent: 26 June 2012 01:02
To: public-sector-cloud-discuss@lists.oasis-open.org
Subject: RE: [public-sector-cloud-discuss] PROPOSED TC CHARTER


+1 to Peter’s view on the title.


<<The TC will develop and deliver a non-technical implementation/conformance profile for government i.e. the features that governments want to see in cloud offerings to government.  The profile will include as a minimum the following:>>


Hmm..I see what you are trying to get to here, but for me it’s not quite there yet.

The thing is that much of that list *is* technical and I suspect Belgium wanted that.

What it didn’t have is the (non technical) process (and to a lesser extent but my implication workflow) piece to balance it such that you can achieve and measure both technical interop and non technical process standardization. This latter piece is what in Kantara parlance is called the Service Assessment Criteria (SACs)


So I think the better way to tackle it is to remove the ‘non technical’ reference to the sentence above, but add an additional bullet to the list that addresses the non technical process requirements for standardization







From: public-sector-cloud-discuss@lists.oasis-open.org [mailto:public-sector-cloud-discuss@lists.oasis-open.org] On Behalf Of Peter F Brown
Sent: Tuesday, 26 June 2012 2:09 a.m.
To: John Borras; public-sector-cloud-discuss@lists.oasis-open.org
Subject: RE: [public-sector-cloud-discuss] PROPOSED TC CHARTER


I would keep the current title.
"Requirements" shouldn't automatically invoke the idea that they must be technical (even if, sadly, they all too often do).

Peter F Brown
Independent Consultant
+1 310 694 2278 (USA)
Twitter @PensivePeter

Sent from my phone - Apologies for brevity and typos: it's hard writing on a moving planet

From: John Borras
Sent: 25-Jun-12 2:01
To: public-sector-cloud-discuss@lists.oasis-open.org
Subject: RE: [public-sector-cloud-discuss] PROPOSED TC CHARTER


I really like your "tag-line" of producing an implementation/assurance
profile.  This really nails it for me and provides total clarity of what it
is this TC is about.  I've amended the draft Charter to reflect this. 

Only question in my mind is do we need to change the title of the TC to
include the words "non-technical requirements" as we're not going to produce
the technical spec bits of an assurance profile.  It would make the TC title
rather a mouthful -  OASIS Public Administration Cloud Non-Technical
Requirements Technical Committee (abbreviated as OASIS Public Cloud TC or


-----Original Message-----
From: public-sector-cloud-discuss@lists.oasis-open.org
[mailto:public-sector-cloud-discuss@lists.oasis-open.org] On Behalf Of Colin
Sent: 22 June 2012 01:59
To: public-sector-cloud-discuss@lists.oasis-open.org
Subject: RE: [public-sector-cloud-discuss] PROPOSED TC CHARTER

@Tony: Noting and agree with Tony's point about the additional (seemingly
limitless) works in play right now ..

@John: While I don't disagree with the fundamental thrust of the draft, I
think it could do a slightly better job of contextualising what it is trying
to achieve.
My thought was that if 'cloud' was a spec of IT bits 'n pieces collected
together to offer something (like SAML in spec of XML to offer
authentication), then what we are proposing here is an
implementation/conformance profile for government i.e. what features do
governments want to see in cloud offerings to government.  Once you have
these, you can set up conformance programs to check to see if the features
in cloud vendor x or y are indeed present.

Taking the SAML analogy one step further, armed with the conformance
profile, governments then might agree on how those features (or a sub set
that can be commonly agreed upon) are configured, in what is usually
understood as a deployment profile. This is where the 'levels' come in - the
configuration of the features will vary depending on the level. 

If the SAML conformance and deployment profile notions were well enough
understood, then applying that approach here might help further decompose
what seems to be an amorphous list of stuff..

Linking back to Neil's reference to goings-on in Kantara, it's worth noting
that Kantara does conformance testing and certification for SAML and will do
for OpenID Connect when the spec is stable. And in the non technical spec
area, it does assurance approval of identity IdPs and CSPs. So in essence,
Kantara's work groups outputs are inputs to the assurance and certification
programs. So to Neil's point, the outputs from the proposed Kantara
CloudIDsec wg would inform the work in this group, and visa versa.


-----Original Message-----
From: public-sector-cloud-discuss@lists.oasis-open.org
[mailto:public-sector-cloud-discuss@lists.oasis-open.org] On Behalf Of Neil
Sent: Friday, 22 June 2012 7:52 a.m.
To: public-sector-cloud-discuss@lists.oasis-open.org
Subject: Re: [public-sector-cloud-discuss] PROPOSED TC CHARTER

Thanks John.

Here is an article I have just posted that clarifies the main ideas behind
the Kantara CloudIDsec wg I have proposed for inclusion:


The main idea being the role of Kantara as approved Trust Framework provider
can enable Cloud hosters to be regulated in a form relevant to GovClouds,
meeting the requirements of various relevant Whitehouse & other programs.

Cheers Neil.

> Thanks to all for the messages of support so far and for the
> constructive suggestions.  We will of course need many more supporters
> if we are to get the TC up and running but let's try and consolidate
> what we have so far into
> a possible Charter for the new TC.   Attached is a draft and please feel
> free to edit it as you see fit.  It's important that we get this right
> as it will be used to drive the work of the TC, so for instance have
> we got the right set of Deliverables or are the other things we should
> try and produce?
> Assuming that we can make good progress on this over the next few
> weeks then the plan would be to launch the new TC adjacent to the next
> International Cloud Symposium (ICS 2012) which will be held in
> Washington DC on 10th - 12th October.  It was of course the ICS 2011
> event that was the origin of this new TC so having the first meeting
> at ICS 2012 would be a very good piece of publicity and hopefully
> would attract several new members.
> John
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> public-sector-cloud-discuss-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail:
> public-sector-cloud-discuss-help@lists.oasis-open.org

Neil McEvoy
Founder and President
Level 5 Consulting Group

CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]