>>>>> "David" == David Chadwick <[log in to unmask]> writes: David> number of reasons: i) A CoI comprises IDPs and SPs. This David> granularity is too large. A VO comprises a subset of users David> from an IDP, not all of the IDP's users. A VO may comprise a David> subset of the resources held by an SP, not all its resources. It's true at the trust router layer that a COI is defined in terms of realms. I'd expect people would tend to build layers on top of that with better granularity. David> So, questions to this group are: David> 1. Do we agree that CoIs and VOs are different concepts? No. David> 2. Do we wish to limit SPs to only be members of a single David> CoI, and if so, why? It would be nice if a SP could be part of multiple communities. In general, I don't think this will be possible, nor does our technology particularly support it. I do think this will influence how people draw community boundaries. I do think that mapping existing VOs into Moonshot will work poorly in part because of this. If it turns out that political issues force community boundaries that work very poorly for this choice then we'll end up regretting the choices that make it difficult for an SP to belong to multiple communities more than if that ends up working out differently. I don't think we have enough information to know how people will draw community boundaries yet.