First of all, I have to say that CMIS is a very good start point for the standarization of CMS-based applications.
But in my opinion there are two important points that CMIS doesn't cover:
* Authentication: There aren't any primitives in order to acomplish the user authentication against the repository.
* Security: There aren't any primitives to manage the securiry and the permissions of the different parts of the repository.
For these reasons is not possible to create an CMS-based application which can use whatever CMS through CMIS. We need to develop authentication and security bussiness cases for each CMS that we want to be compatible.
It's a pitty that the standard don't cover these points.
What do you think?
Regards