comanage-dev - Re: [comanage-dev] updated slides
Subject: COmanage Developers List
List archive
- From: Tom Barton <>
- To: Ken Klingenstein <>
- Cc: CoMaNaGe-DeV <>
- Subject: Re: [comanage-dev] updated slides
- Date: Mon, 05 Apr 2010 21:49:18 -0500
Ken Klingenstein wrote:
Folks,
Attached are a set of slides that try to work in some of my deliverables from last week's Comanage call. I'd appreciate comments on any of it, but in particular:
slides 7, 8, 9 - new - are they correct (apps are a different color to show that they can be somewhere else). is sts too visible? should ldappc be in there somewhere
Slide 7: Add usage reporting?
Slide 8:
Should the shib idp and the sts be shown as connected? Together they cover a range of token types that can be used to signal equivalent claims to apps, whether they are used in parallel or serially.
Should invitation/registration/account linking be given its own box? Or maybe that's one aspect of a box signifying collab administration. Or is that in the dashboard? How about usage reporting?
Maybe the "ldappc including provisioning" box should be "ldappc/SPML provisioning".
Looks like 3 long thin orange things at bottom must be the apps you mention? The bottom one has some subtle curves too. Is there some significance to that?
Slide 9:
Have there been conversations, among some CIOs perhaps, about the prospect for enterprises to send citizenship as an attribute?
slide 12 - do they answer the question of "what forms can COmanage take?"
Replace "directory product" with "data store". Same term as in slide 8.
slides 16-18 - are the flows illustrative? correct?
If the data store contains info sourced by comanage (groups, some attributes), I'd expect most flows to include an arrow from the data store infusing that info into the arrow going to an app - the basic aggregation that comanage does. I guess through the "project comanage" box. Sorta like that "pdp extra pass" one, though I think it happens whether there's a pdp in there or not.
One missing flow is like slide 16 or 17, but with another store associated with the relying party (and not with comanage). In that flow the relying party's SP receives the info arrow from comanage but also grabs info from the local access management store. That allows a relying party to maintain whitelist/blacklist power over users hitting their app.
I'm not sure if the idea is conveyed that some enterprise data might be stored in the data store (and refreshed each time a user uses comanage) that's there for reporting purposes as much as anything else.
Tom
- updated slides, Ken Klingenstein, 04/05/2010
- Re: [comanage-dev] updated slides, Tom Barton, 04/05/2010
- Re: [comanage-dev] updated slides, Niels van Dijk, 04/06/2010
- Re: [comanage-dev] updated slides, Tom Barton, 04/06/2010
- Using collab groups identifiers in an international context, Niels van Dijk, 04/08/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, RL 'Bob' Morgan, 04/08/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, Tom Barton, 04/08/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, Niels van Dijk, 04/09/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, Tom Barton, 04/09/2010
- Followup on Fridays call, Niels van Dijk, 04/12/2010
- Re: [comanage-dev] Followup on Fridays call, Tom Barton, 04/13/2010
- Re: [comanage-dev] Followup on Fridays call, Niels van Dijk, 04/13/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, Tom Barton, 04/09/2010
- Re: [comanage-dev] Using collab groups identifiers in an international context, Niels van Dijk, 04/09/2010
- Using collab groups identifiers in an international context, Niels van Dijk, 04/08/2010
- Re: [comanage-dev] updated slides, Tom Barton, 04/06/2010
Archive powered by MHonArc 2.6.16.