I am somewhat surprised nobody has responded. I think it is much better - but it is a bit misleading to say that it has not changed significantly. The entire numbering scheme has changed - making all my QA spreadsheets invalid. There are also a couple of content changes in the area where I am working and it may affect other people.

Introduction. "a learning platform is not expected to be a single product but rather a collection of interoperable systems or modules, possibly from different suppliers." This is our situation - and requires cooperation of suppliers to obtain the right level of interoperability.

#1.3.2 - "The learning platform shall provide cross-domain single sign-on capability in order to enable easy access to a range of systems. Common single sign-on frameworks should be used, and providers should take steps to avoid unauthorised access." Our users are seeking this. Being mandatory, are users and suppliers fully aware of what this might cost? Why has Shibboleth been expurgated? We are struggling of deciding between Sun, Liberty Alliance, WS Federation, Microsoft, Government Gateway, Shibboleth, Smartcards, RSA tokens, biometrics, identity providers, certificates, relying parties, assertions, SAML2 tokens, LDAP directories, card space ... do you want me to go on?

Do Becta really expect the average school to comprehend all this and buy the right one from the local shop?

It's much better to have 2 levels of documentation.

1. A functional set of requirements that's user readable, excluding technobabble;

2. A technical specification that contains quality assurance criteria that can be tested, and allow a school to cancel a contract without penalty if there is poor performance.

On the technical side, the risk is that suppliers tick the box that they can do it - and sort out the implementation problems later. Look at Prince2 product descriptions to see a respectable way to structure it. For example, there probably aren't many people around that can confirm SCORM and SSO compliance just by looking at supplier documentation. When the time comes to use it, I expect there will be a few "Whoops, there must be a bug in the code" or "We are doing it right, it must be the other guy". It would be interesting to get some feedback on how well the Becta Framework suppliers are doing against the specifications.

I have already posted about SCORM. My research into authentication and single sign on is incomplete, and reveals new twists on a weekly basis. Ideally teachers should be able to have SSO to their learning platform, e-portfolio, school administration, local authority, RBC and possibly ContactPoint systems. It would remove the need for multiple passwords, tokens or smartcards. Technology is available, but the registration processses, codes of connection and information sharing protocols, I'll wager, are just not in place. The wider information assurance aspects should be considered now, not next year.

Unless there is communication of these issues and setting of realistic expectations there's going to be an awful lot of demoralising frustration in 2009 - and beyond.