See subject:
Self-service tooling requires fine-grained authz -- it's NOT about
the application protocol.
If someone says "let's put this config data in DNS" and someone responds
"DNS is too difficult to manage", the answer isn't necessarily "let's
invent a new protocol".
After all, similar things could be said of LDAP.
This is bound to happen over and over until this sinks it:
- it's not easy to manage if there's no self-service tooling
- self-service tooling requires fine-grained authorization
- self-service tooling requires delegation of authorization[*]
- no self-service tooling -> helpdesks
Nico
[*] Delegation of authorization == the ability to grant the ability to
grant to others.
