Re: [scim] Thoughts on the SCIM Cursor Based Pagination draft
David Brossard <dbrossard@salesforce.com> Wed, 07 December 2022 18:16 UTC
Return-Path: <dbrossard@salesforce.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4B8AC14CF09 for <scim@ietfa.amsl.com>; Wed, 7 Dec 2022 10:16:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.003
X-Spam-Level:
X-Spam-Status: No, score=-2.003 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_10_20=0.093, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=salesforce.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RrC0eDUMZqDC for <scim@ietfa.amsl.com>; Wed, 7 Dec 2022 10:16:48 -0800 (PST)
Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 870F0C1522B3 for <scim@ietf.org>; Wed, 7 Dec 2022 10:16:48 -0800 (PST)
Received: by mail-wr1-x42b.google.com with SMTP id bx10so29321775wrb.0 for <scim@ietf.org>; Wed, 07 Dec 2022 10:16:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salesforce.com; s=google; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=hnn2k1IpwQmlbyQ0ZQwp0ZqfpwVGRCJDhISmPan6/oY=; b=ffLTfO9ZSs6xda9P0DzvfsXC3ZQVYQhEvuyZIFq8jA30hiIWfH0xxaNN9gsJN8LKs2 8yTkV8Hif1FtQN/+MBJZjFaGjqQdjJqE+C/yfz6qoFwtCzdKPPB5vCxiLZPzoPK2uFa2 XmbEHLaJjkj/BMAPjdqjEdDimAZcy39Wm/JMU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=hnn2k1IpwQmlbyQ0ZQwp0ZqfpwVGRCJDhISmPan6/oY=; b=Z8+faGt69fXTLh+hQvCEce1DsL3GxWWl/1n0PKIJqd0M9X4xe4SF16otkAO+DESN/c zYRILmByWmMmKzyis0H9qdmbtfaP80PMmFz5XXGap5h7kuXbl0TJeCGae6Nyumzrr5La 1tzUmK0ymETb9RrNIsS4BjB0r+8JCVCYCgwHaEl+Q3et9O3ZVUyw0T6HS5PR4KEtYhGs gStdgjD2fvoaQCvCA9pkYygHQk6up6J5X6eQekm6B4Bwab2ttmWVV/W39TtEtFkrInGE 5haV7bT+pqj0730mJ5ZV5l0HaR2LwTBYtLs2fid74tGliAAUNgnKU1omZbPjqcdzNidm WfKA==
X-Gm-Message-State: ANoB5pnLHMtsYcBsMW8q3U1uJLTH88QwHJ1MHK8oT6v74diHA8M+kbD5 M4AOx7ZbDY1vnMY+9b2/whZN1Hbp1Kg1p9ksTp0422icd9MkSdbE1sQ=
X-Google-Smtp-Source: AA0mqf6BsJEUYfsIq8+6h3gRw23p/D1fhF+8scAqnwD5qthL8ZhckAvDxH6QX9mrMlk8lEnwHWHBrOoYtF8Ccg3UqOA=
X-Received: by 2002:adf:fcc8:0:b0:242:453f:fd14 with SMTP id f8-20020adffcc8000000b00242453ffd14mr14262622wrs.468.1670437006569; Wed, 07 Dec 2022 10:16:46 -0800 (PST)
MIME-Version: 1.0
From: David Brossard <dbrossard@salesforce.com>
Date: Wed, 07 Dec 2022 10:16:36 -0800
Message-ID: <CAKSYhST7CP5+dDhzModUAxvqvNp0neLDjF4yQZt0ovB6KS9A-Q@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary="0000000000006583e005ef40ecc9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/JMx2f2svHjZBqa7zt9Cjy0oMBMk>
Subject: Re: [scim] Thoughts on the SCIM Cursor Based Pagination draft
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Dec 2022 18:16:53 -0000
Dear all, We're also in support of WG adoption of the cursor-based pagination draft. Cursor-based pagination is definitely a problem that needs tackling. Cheers, David. -- *David Brossard* Sr. Director of Product Management Identity | Salesforce ---------- Forwarded message ---------- From: Pamela Dingle <Pamela.Dingle@microsoft.com> To: "Saxe, Dean" <deansaxe=40amazon.com@dmarc.ietf.org>, "scim@ietf.org" < scim@ietf.org> Cc: Bcc: Date: Tue, 6 Dec 2022 05:27:27 +0000 Subject: Re: [scim] [EXTERNAL] Thoughts on the SCIM Cursor Based Pagination draft I too am in support of WG adoption of the cursor-based pagination draft. This group has done a great job of examining alternatives, we have dedicated a lot of time to the topic and at this point, I believe Nancy and Aaron will be able to identify sufficient interest in both editorship and in review/implementation participants to let us get this draft formally into the process. We may not have all the details right yet, but that's ok, we aren't voting to finalize the draft, only to begin work. And as Dean noted, there is no reason why *both* the cursor-based and the event-based drafts can't be worked on at the same time. Looking forward to chatting tomorrow in the interim meeting! Cheers, Pam ------------------------------ *From:* scim <scim-bounces@ietf.org> on behalf of Saxe, Dean <deansaxe= 40amazon.com@dmarc.ietf.org> *Sent:* Tuesday, December 6, 2022 7:25 AM *To:* scim@ietf.org <scim@ietf.org> *Subject:* [EXTERNAL] [scim] Thoughts on the SCIM Cursor Based Pagination draft Some people who received this message don't often get email from deansaxe= 40amazon.com@dmarc.ietf.org. Learn why this is important <https://aka.ms/LearnAboutSenderIdentification> Since IETF115 last month, I have had multiple conversations regarding the need for a cursor-based pagination mechanism in SCIM. The discussions were driven by the challenges of using index-based pagination mechanisms with large data sets. Through this work it has become clear to me that cursor- based pagination is a significant improvement over the existing index-based mechanism. This is specifically called out in draft-peterson-scim-cursor-pagination-01 <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-peterson-scim-cursor-pagination%2F&data=05%7C01%7Cpamela.dingle%40microsoft.com%7C13033f2d54a447283a1808dad7074dc7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638058723706186540%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ClzbHcPxmClZs407p%2B1MBM7BqFbcnQWfUiE6dawoHp8%3D&reserved=0>: “Translating from an underlying cursor-based pagination pattern to the index-based pagination defined in Section 3.4.2.4 of [RFC7644] ultimately requires the SCIM service provider to fully iterate the underlying cursor, store the results, and then serve indexed pages from the stored results. This task of "pagination translation" dramatically increases complexity and memory requirements for implementing a SCIM Service Provider, and may be an impediment to SCIM adoption for some applications and identity systems." Beyond the implementation challenges posed by index-based pagination, cursor -based pagination addresses the need for strong read consistency in SCIM. Further, this gap is addressed in the draft by building upon the existing primitives in the SCIM RFCs using RESTful APIs. The draft does not require existing servers or clients to change their implementation if the current patterns are sufficient. Servers that choose to enable cursor-based pagination may continue to support an index-based method. Importantly, the changes required in SCIM clients to enable support for the proposed cursor- based pagination are narrowly scoped. Recognizing that there is also support for an event-based model as proposed in draft-ietf-scim-events-00 <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-scim-events%2F00%2F&data=05%7C01%7Cpamela.dingle%40microsoft.com%7C13033f2d54a447283a1808dad7074dc7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638058723706342797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=eotK90BZXXIzaRnaHnVPEaKvjbJgUEAr4rjTWINYovg%3D&reserved=0>, I want to be careful not to frame the discussion as an either-or proposition. None of the proposed changes for cursor-based pagination detract from the proposed event driven model. Instead, both models may be used by implementers, if necessary to meet the implementers’ use cases. Based on this, I propose that the working group focuses on adopting the Internet-Draft for cursor-based pagination to meet the industry’s immediate needs with minimal protocol changes, while continuing to develop the event- based draft. I invite other working group members to add their thoughts, as well. Respectfully, -dhs *--* *Dean H. Saxe, CIDPRO <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidpro.org%2Fcidpro%2F&data=05%7C01%7Cpamela.dingle%40microsoft.com%7C13033f2d54a447283a1808dad7074dc7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638058723706342797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hXvkl8CdbDXDb0%2F9tvDsRcbZbMvb8%2FgTF5Y%2Fsv0z3rc%3D&reserved=0> (he/him)* Senior Security Engineer, AWS Identity Trust Team | Amazon Web Services (AWS) E: deansaxe@amazon.com | M: 206-659-7293
- [scim] Thoughts on the SCIM Cursor Based Paginati… Saxe, Dean
- Re: [scim] [EXTERNAL] Thoughts on the SCIM Cursor… Pamela Dingle
- Re: [scim] Thoughts on the SCIM Cursor Based Pagi… David Brossard
- Re: [scim] Thoughts on the SCIM Cursor Based Pagi… Sehgal, Anjali
- Re: [scim] Thoughts on the SCIM Cursor Based Pagi… Matt Peterson (mpeterso)
- Re: [scim] Thoughts on the SCIM Cursor Based Pagi… Sehgal, Anjali
- Re: [scim] Thoughts on the SCIM Cursor Based Pagi… Matt Peterson (mpeterso)