All good requirements.
1) High availability of IDP.
I think this will go along with the high availability of the containers. JBoss Clustering (ClusteredSingleSignOnValve needs to be turned on).
2) The IDM API is supposed to be the provisioning API. Certainly SPML can be used between the consoles and the API.
3) There will be WS-T support in addition to ID-WSF.
4) Auditing will be available as part of the JBoss Security integration (a loose end that I am still trying to get integrated).
5) This is the higher layer above JBossXACML that Sohil has been driving.
Currently, there are some hooks in the IDM layer for pseudonyms etc. We need to do https://jira.jboss.org/jira/browse/JBID-64 to get the Identity Federation layer aware of IDM.
As I view it, IDM is an identity layer that handles user/roles/attributes combination for a particular domain. Between domains, there can be federation.