Subject RE: VO challenges - article
From Suresh Balakrishnan <suresh@xxxxxxxx>
Date Tue, 27 Oct 2015 13:14:37 -0400

   Please delete my email address (suresh@xxxxxxxx) from this listserv.  Thanks.
   -----Original Message-----
From: Cantor, Scott [mailto:cantor.2@xxxxxxx] 
Sent: Tuesday, October 27, 2015 1:08 PM
To: Jones, Mark B; Niels van Dijk; refeds@xxxxxxxxxx
Subject: Re: [refeds] VO challenges - article
   On 10/27/15, 12:52 PM, "Jones, Mark B" <Mark.B.Jones@xxxxxxxxxxx> wrote:
   >[Mark] I'm still not understanding what you think campuses should be doing in 
   >support of VOs.  I suspect that a concrete example would help.
   I think campuses should be managing data for applications about their users in their own IDM systems, with different degrees of control, access, ownership, etc. That's as concrete as I can be because where I work we don't (and won't) do that, so I don't have much exposure to the practicalities of it. I just think if we don't do that, we won't do much of anything else in the medium term either.
   >[Mark] Is it easy to replace authentication with a commodity?
   My own opinions are more measured, but most people seem to believe so.
   >Are you suggesting that it would be easy to replace campus authentication with Google
   >or some other external authentication provider?  If that is true then why 
   >would campus IT bother continuing to provide that service?
   Inertia. In a few cases perhaps a legitimate feeling that selling out to Google is bad, which of course presupposes that that is the only alternative. But mostly inertia and risk aversion to me.
   -- Scott