>>>>> "David" == David Chadwick <[log in to unmask]> writes:
David> number of reasons: i) A CoI comprises IDPs and SPs. This
David> granularity is too large. A VO comprises a subset of users
David> from an IDP, not all of the IDP's users. A VO may comprise a
David> subset of the resources held by an SP, not all its resources.
It's true at the trust router layer that a COI is defined in terms of
realms. I'd expect people would tend to build layers on top of that
with better granularity.
David> So, questions to this group are:
David> 1. Do we agree that CoIs and VOs are different concepts?
No.
David> 2. Do we wish to limit SPs to only be members of a single
David> CoI, and if so, why?
It would be nice if a SP could be part of multiple communities.
In general, I don't think this will be possible, nor does our technology
particularly support it.
I do think this will influence how people draw community boundaries.
I do think that mapping existing VOs into Moonshot will work poorly in
part because of this.
If it turns out that political issues force community boundaries that
work very poorly for this choice then we'll end up regretting the
choices that make it difficult for an SP to belong to multiple
communities more than if that ends up working out differently.
I don't think we have enough information to know how people will draw
community boundaries yet.
