Pushing forward on Standards-based Provisioning

Lest all the recent posts about “pull”-based identity make you think that I have completely forgotten about good old “push”-based identity provisioning, here is some news on that. As I have discussed here in the past, SPML has been under a cloud in recent years, with low adoption and a litany of issues being documented. At the same time, the need for a standards-based approach has never been clearer. So something needs to be done.

This was the topic of discussion at a SIG on Standards-based Provisioning organized by Gartner’s Mark Diodati at the recent Catalyst conference. The meeting was attended by some really smart folks in the community, and engendered a lively discussion on the future of SPML and the direction it should take. Mark has published a statement on the Gartner blog network that reflects the outcome of the discussion. Given the recent reboot of the Provisioning Services Technical Committee at OASIS, this is an important document for everyone concerned to read.

One of the most important points raised during the meeting was this:

In trying to address every possible use case, interoperable provisioning services leveraging the SPML v2 standard became impractical. Since the approval, few (if any) conformant implementations exist due to the complexity of the v2 standard.

The path to success in the standards world is based on a focused approach to solving specific use cases. No standard can be all things to all people, and with provisioning in particular, we need to recognize that there are different approaches that solve the challenge in optimal ways for their use cases (my recent assertion regarding IGF as underlying pull-based provisioning is an example). So there need to be an effort to continue refinement of SPML 2.0, making it simpler to implement and based on specific use-cases that are of interest to the community. If you have such use-cases, please consider joining the discussion within the PSTC and submitting them there. There is much that needs to be done.

And a big thank you to Mark for pulling together the SIG. It was an excellent and timely effort, one that I hope proves instrumental in accomplishing it’s goal.