Re: [scim] Clarification on SCIM schema extension URN naming rules
Brian Demers <brian.demers@gmail.com> Tue, 04 October 2022 21:09 UTC
Return-Path: <brian.demers@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AE3BC14CE3C for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 14:09:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vBCGpFi8BITW for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 14:09:29 -0700 (PDT)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DA93C1524A5 for <scim@ietf.org>; Tue, 4 Oct 2022 14:09:29 -0700 (PDT)
Received: by mail-ej1-x632.google.com with SMTP id v22so3636062ejw.8 for <scim@ietf.org>; Tue, 04 Oct 2022 14:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=pKYaNHgBiIONdfeoQzhD5Swd6eeJiEVFEkyXQgCgEJE=; b=qm5SCCovRHYru81Bkonfm6fNtPDk1NB4MLPJM8b0H5fv3+GpKA8VqesbDsD109ikK7 yFow1BC1g4Jdj9bU64RgVdTYSY8DZ9NKk06Bx0WClsdLghp08ntFs/Z7NyRTLt3aMQdQ 1cSq6uEsi6w8t+46tAERLGzm+B5kJcHyNWyKi0UXdQlhMOQJYkiHZxiINY3q53n0jX5X LD436alMadqZW8qyYcFm+1oB9f+wtQBrIdSBePmaVgls9BCWm8rnrEbQieROpUd3CFFs zzSJItUa20nJWIOIXleOX5sVl7Z6ElgZPVQ3svB3HZa4qJiYR48Z+WALy+HVY2BEIetA 8neg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=pKYaNHgBiIONdfeoQzhD5Swd6eeJiEVFEkyXQgCgEJE=; b=gKgdR3cMRCGUagxQCmS8qzZnjiXh325M+cmnL9eQ4fXiXnOKunDmFWJK+/onYOFI45 byDsTGaZ7xNTi6B7gsq/OeqjoIlnMa126BUTHop9y9T+2xaeUYCwC7donGcKNBNpKcFp 1e3R3Ib901b0tkRbXb94UIQKt9bXHMC0pDNAX51jt0Iug/cQIlzO+guJG1Jx/HHYTN8Q 1v8JuLO/bFlbI3Eg239TA6pSaV5rBspUZTvEcRgx1EAycVEr+8yjnf072jEnXO/0d54Q lWSDDBWWF74CSQylePp3O/61GQr5LS/IoePIu7GehnlYJX1Zq6IhkAESwXthuKuETkze KYCA==
X-Gm-Message-State: ACrzQf09UVzI1S8X/L2oDPQD/qjEYiTyXw4Qw07PCDj2D99XOlethEsW vtpKHvmQ7F+TxtT5/HwFAAl3qFzySqsnmEYY7Ah+wOhzanWanQ==
X-Google-Smtp-Source: AMsMyM6BFsjlKpFI5M8SxeEahkbUThwaet7VjPvLKzOVOjZJQQ1ecjjOoZ3YtsIx4QKa9qTDOKdqI6LGpazOaq/0Dhs=
X-Received: by 2002:a17:907:7f05:b0:781:e579:46b5 with SMTP id qf5-20020a1709077f0500b00781e57946b5mr20575015ejc.102.1664917767299; Tue, 04 Oct 2022 14:09:27 -0700 (PDT)
MIME-Version: 1.0
References: <3250F090-BCCB-4999-9D90-4D428D3100B6@gmail.com> <3E25E547-C68D-45A1-8C51-B4676B7164B8@independentid.com>
In-Reply-To: <3E25E547-C68D-45A1-8C51-B4676B7164B8@independentid.com>
From: Brian Demers <brian.demers@gmail.com>
Date: Tue, 04 Oct 2022 16:09:16 -0500
Message-ID: <CAH9eYVpfLofyHUu1iT=sxg2vXpKnzfLj-1W5RxKHxFUPJ3pdgg@mail.gmail.com>
To: Phillip Hunt <phil.hunt@independentid.com>
Cc: scim@ietf.org, Danny Zollner <Danny.Zollner=40microsoft.com@dmarc.ietf.org>, Stanimir Bozhilov <stanimir@audriga.com>
Content-Type: multipart/alternative; boundary="00000000000019a7f905ea3be028"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/Ss1HfHLO2kPS22-vYdidaNqLv88>
Subject: Re: [scim] Clarification on SCIM schema extension URN naming rules
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Oct 2022 21:09:33 -0000
Sorry, my last message wasn't clear. This line: > The spec states the URN prefix for the IANA registered schema. probably should have read: > RFC7643 states the URN prefix for the IANA registered schema. Because of this, I'm assuming URN's starting with the prefix ` urn:ietf:params:scim:` _should_ be avoided unless the schema is being developed through or reviewed by the working group (per 10.3.1)? On Tue, Oct 4, 2022 at 10:24 AM Phillip Hunt <phil.hunt@independentid.com> wrote: > I would take a look at the IANA section of RFC7643. It details the > namespace and registration process for SCIM urns. > > Phil > > > On Oct 4, 2022, at 7:33 AM, Brian Demers <brian.demers@gmail.com> wrote: > > > > Same question here! > > > > I gave a SCIM talk yesterday, and Iglossed over this topic, because it > was not clear to me. > > The spec states the URN prefix for the IANA registered schema. > > But that may suggest that non-registered schema should avoid that > prefix? 🤷 > > > > -Brian > > > >>> On Oct 4, 2022, at 9:13 AM, Stanimir Bozhilov <stanimir@audriga.com> > wrote: > >>> > >>> On 2022-09-30 07:37, Danny Zollner wrote: > >>> Hi SCIM-ers, > >>> In RFC 7643, as best I can tell, all of the examples of schemas for > >>> SCIM resources begin with the prefix of > >>> urn:ietf:params:scim:schemas:…, with the sole exception of the text > >>> on page 29 that refers to the schema for the ResourceType resource. > >>> This text describing the schema for the ResourceType resource contains > >>> the following: > >>> schemaExtensions > >>> A list of URIs of the resource type's schema extensions. > >>> OPTIONAL. > >>> schema The URI of an extended schema, e.g., > >>> "urn:edu:2.0:Staff". > >>> This MUST be equal to the "id" attribute of a "Schema" > >>> resource. REQUIRED. > >>> This example uses urn:edu:2.0:Staff as the example for an extension > >>> schema, but all other examples of schemas in RFC 7643 that I could > >>> find use the ietf namespace. In a discussion I was having with a > >>> colleague of mine a few months ago, it was stated that the only schema > >>> URNs that should be using the urn:ietf:.. namespace are ones contained > >>> in IETF-managed drafts or RFCs. I've worked with dozens of SCIM > >>> service provider implementers in the past few years, and possibly > >>> without exception all implementers that have custom schema extensions > >>> do something equivalent to > >>> urn:ietf:params:scim:schemas:extension:CompanyName:2.0:User. > >>> I'd like to get input from others in the working group - is it correct > >>> that for non-IETF managed schemas - such as those that are custom to a > >>> single SCIM implementation - that a schema extension URN should not > >>> begin with urn:ietf:… but instead virtually anything else - i.e.: > >>> urn:foo:bar, or the example above of urn:edu:2.0:Staff? > >>> If it is the case, then I've got the following questions: > >>> * Does improper schema URN naming(improper usage of urn:ietf:.. ) > >>> have any negative impact? > >>> * For future guidance on this topic as part of the SCIM 2.0 standard, > >>> should any consideration be given to the fact that the overwhelming > >>> majority of SCIM 2.0 implementers have implemented their extensions > >>> starting with urn:ietf:..? > >>> * If a future version increase of SCIM happens - 2.1, 3.0, etc - > >>> should clearer guidance on proper versus improper schema URN naming be > >>> given, including explicit guidance that urn:ietf:… is reserved? > >>> Thanks, > >>> Danny Zollner > >>> _______________________________________________ > >>> scim mailing list > >>> scim@ietf.org > >>> https://www.ietf.org/mailman/listinfo/scim > >> > >> > >> Hi Danny, > >> > >> We're currently facing the same issue where it's not completely clear > how one is supposed to define the URN of new resources or extensions in > SCIM. > >> > >> For the time being, we took the approach where we have the > "urn:ietf:..." prefix and at the end of the URN we have > "CompanyName:2.0:SomeResourceType". However, we weren't really sure whether > this was actually proper naming and so we could easily change the URN > naming in case it turns out that this is not the right way to go about > naming new resources and/or schema extensions. > >> Regarding this matter, we'd also be particularly interested in feedback > and official guidance on how such naming should be done in general. > >> > >> Best regards, > >> Stanimir Bozhilov > >> > >> -- > >> Stanimir Bozhilov > >> Tel: +49 721 170293 16 > >> Fax: +49 721 170293 179 > >> > >> http://www.audriga.com | http://www.twitter.com/audriga > >> > >> > -------------------------------------------------------------------------- > >> audriga GmbH | Alter Schlachthof 57 | 76137 Karlsruhe > >> Sitz der Gesellschaft: Karlsruhe - Amtsgericht Mannheim - HRB 713034 > >> Geschäftsführer: Dr. Frank Dengler, Dr.-Ing. Hans-Jörg Happel > >> > -------------------------------------------------------------------------- > >> > >> _______________________________________________ > >> scim mailing list > >> scim@ietf.org > >> https://www.ietf.org/mailman/listinfo/scim > > > > _______________________________________________ > > scim mailing list > > scim@ietf.org > > https://www.ietf.org/mailman/listinfo/scim >
- [scim] Clarification on SCIM schema extension URN… Danny Zollner
- Re: [scim] Clarification on SCIM schema extension… Stanimir Bozhilov
- Re: [scim] Clarification on SCIM schema extension… Brian Demers
- Re: [scim] Clarification on SCIM schema extension… Phillip Hunt
- Re: [scim] Clarification on SCIM schema extension… Brian Demers
- Re: [scim] Clarification on SCIM schema extension… Phillip Hunt
- Re: [scim] [EXTERNAL] Re: Clarification on SCIM s… Danny Zollner
- Re: [scim] [EXTERNAL] Clarification on SCIM schem… Phillip Hunt