Now when you signup for Google Apps you are asked to provide a domain onto which these apps will run and Google then allows you to provide branding of that domain. Google has the option to provide lots of applications (Word Processing, Spreadsheets, Calendaring, etc) and here I am talking about providing about everything except GMail which is a much more complicated issue.
My personal thinking is that OUCS should provide this service to its users and view it in a similar way to how it will provide a Shibboleth service. We provide the authentication, but the actual application is run and managed by someone else and the users should be aware of that. The possible problem with running Google Apps on an Oxford domain (docs.ox.ac.uk) is that it looks like an Oxford endorsed service and that if you have issues with it you should visit the Oxford helpdesk. However if Oxford could use the domain oxford.google.co.uk (or similar) then I believe it is much clearer that the service is provided by Google and Oxford is just providing the integration with SSO.
For a little effort we have the ability to make users lives easier in that they only need to sign on to WebAuth and they automatically get access to Google Apps. As Google already provides this service free to individuals there is nothing to stop any member of Oxford University just visiting Google and signing up for an account.
This also shows members of the University how SSO makes lives easier and how OUCS is looking to embrace new tools. But I think that we need to be clear that OUCS isn't endorsing the use of Google Apps and isn't supporting it (Google is). And why stop at Google Apps, if other companies provide similar authentication integration service why not integrate with them?