I have learned a lot regarding CMIS
from Pie and had some additional thoughts on how this specification can be improved...
I’m torn here. I believe that CMIS should be 100% supported, but it does not cover everything. There will always be some vendor specific features that will need to be listed.
I have always found it fascinating as to how vendors almost always seem to gravitate towards the lowest common denominator when a superset conversation may be the better answer. Let's agree that vendors want to do the bare minimum and their customers always want additional functionality. In this scenario, why couldn't they have noodled every single Documentum function and figured out a way to indicate whether the functionality was implemented. A CMIS implementation could throw a Not Implemented Fault.
As for XACML, it is out and it doesn’t appear to have been close. I’m guessing it has to do with simplicity.
I suspect that it may be more due to the fact that knowledgable security professionals aren't participating in the creation of CMIS and therefore you are going to get status quo solutions. The agenda doesn't seem to show any security professional participating in a security discussion.
I feel that taking DFS out of the loop would make for a more efficient implementation.
Any predictions on whether this will actually happen? After all, they just invented it and it would take Craig Randall to acknowledge that the baby he created isn't that cute. Could you see him admitting this in public?
This needs to be easy. There are pros and cons to every choice here. Clear documentation is what will help, regardless of the choice. I prefer more self-describing, but I would rather other’s chimed-in on this one.
The WSDL used by Stellent tends to be more self-describing than the DFS stuff. It would be great if they used annotation/documentation tags along with choice to describe vs pointing users to another source for values.
How should compression be handled within an ECM SOA? Carefully? This is actually a concern of mine. Simple use-case, a scanned image sits in a repository. It has been decreed that at the stored resolution, it meets the requirements to be a record. Now you compress it for transmission to the consumer application. Is it still an official copy, or just a referential copy for research purposes? I don’t know the answer to that question.
My take on this is that this is determined by the consumer and therefore there should be a way to request compression within CMIS.