Re: [scim] Globally Unique Resource Identifiers

"Phil Hunt (IDM)" <phil.hunt@oracle.com> Wed, 09 August 2017 23:19 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/34OCcUwGZagtTDfm6cOh8slfU6o>

Missed the second part. Most people use GUIDs for this purpose to avoid having to check for conflict.

If you use an id subject to change you are asking for problems. At least that was the lesson of LDAP DNs. GUIDs bring stability in many forms.

Phil

> On Aug 9, 2017, at 3:07 PM, Shelley <randomshelley@gmail.com> wrote:
> 
> The SCIM specification indicates that the id [1]:
> 
>> MUST be unique across the SCIM service provider's entire set of resources.
> 
> Is this implying that the identifier must be globally unique across all types of resources, or simply that the identifier must be unique across all resources of the same type? Further, how does this statement account for tenancy?
> 
> Requiring uniqueness across resource types may incur undue burden on service providers to maintain. All resources are relative to a type, e.g. /Users/<id>. Even the global search functionality doesn't require global uniqueness because the combination of resourceType and id may be used to uniquely identify resources. Further, the SCIM 1.1 specification did not have this requirement, so this could make uplifting to SCIM 2.0 more difficult for some providers.
> 
> [1] https://tools.ietf.org/html/rfc7643#section-3.1
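
An added illustration of the trade-off discussed in this thread (not code from either message or from any SCIM implementation): a toy in-memory store that compares per-type counters, name-derived ids and GUIDs when a bare `id` is resolved and when a resource is renamed. The `Store` class, the scheme functions and the sample resources are constructed for the example.

```python
import uuid

def counter_ids():
    """Per-type sequence: unique within a resource type only."""
    counts = {}
    def mint(rtype, attrs):
        counts[rtype] = counts.get(rtype, 0) + 1
        return str(counts[rtype])
    return mint

def name_ids():
    """id derived from a mutable name, analogous to an LDAP DN."""
    return lambda rtype, attrs: attrs["name"]

def guid_ids():
    """Random UUIDv4: no conflict check, no dependence on type or name."""
    return lambda rtype, attrs: str(uuid.uuid4())

class Store:
    """Toy in-memory service provider, constructed for this example."""
    def __init__(self, mint):
        self.mint, self.rows = mint, {}      # rows: (type, id) -> attrs

    def create(self, rtype, name):
        attrs = {"name": name}
        rid = self.mint(rtype, attrs)
        self.rows[(rtype, rid)] = attrs
        return rid

    def rename(self, rtype, rid, new_name):
        attrs = self.rows.pop((rtype, rid))
        derived = (rid == attrs["name"])     # an id that is the name follows the name
        attrs["name"] = new_name
        self.rows[(rtype, new_name if derived else rid)] = attrs

    def types_for(self, rid):
        """Resolve a bare id, as a stored member reference or log entry would."""
        return sorted(t for (t, i) in self.rows if i == rid)

def audit(mint):
    store = Store(mint)
    uid = store.create("User", "bjensen")
    store.create("Group", "bjensen")         # same name, different type
    ambiguous = len(store.types_for(uid)) > 1
    member_ref = uid                         # reference saved before the rename
    store.rename("User", uid, "bjensen2")
    dangling = "User" not in store.types_for(member_ref)
    return {"ambiguous": ambiguous, "dangling": dangling}
```

With name-derived ids the saved reference not only dangles after the rename, it now resolves to the Group that shares the old name, which is the kind of confusion a stable GUID avoids.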