IETF Logo Mail Archive

Re: [scim] Clarification on SCIM schema extension URN naming rules

Brian Demers <brian.demers@gmail.com> Tue, 04 October 2022 21:09 UTC

Return-Path: <brian.demers@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AE3BC14CE3C for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 14:09:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vBCGpFi8BITW for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 14:09:29 -0700 (PDT)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DA93C1524A5 for <scim@ietf.org>; Tue, 4 Oct 2022 14:09:29 -0700 (PDT)
Received: by mail-ej1-x632.google.com with SMTP id v22so3636062ejw.8 for <scim@ietf.org>; Tue, 04 Oct 2022 14:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=pKYaNHgBiIONdfeoQzhD5Swd6eeJiEVFEkyXQgCgEJE=; b=qm5SCCovRHYru81Bkonfm6fNtPDk1NB4MLPJM8b0H5fv3+GpKA8VqesbDsD109ikK7 yFow1BC1g4Jdj9bU64RgVdTYSY8DZ9NKk06Bx0WClsdLghp08ntFs/Z7NyRTLt3aMQdQ 1cSq6uEsi6w8t+46tAERLGzm+B5kJcHyNWyKi0UXdQlhMOQJYkiHZxiINY3q53n0jX5X LD436alMadqZW8qyYcFm+1oB9f+wtQBrIdSBePmaVgls9BCWm8rnrEbQieROpUd3CFFs zzSJItUa20nJWIOIXleOX5sVl7Z6ElgZPVQ3svB3HZa4qJiYR48Z+WALy+HVY2BEIetA 8neg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=pKYaNHgBiIONdfeoQzhD5Swd6eeJiEVFEkyXQgCgEJE=; b=gKgdR3cMRCGUagxQCmS8qzZnjiXh325M+cmnL9eQ4fXiXnOKunDmFWJK+/onYOFI45 byDsTGaZ7xNTi6B7gsq/OeqjoIlnMa126BUTHop9y9T+2xaeUYCwC7donGcKNBNpKcFp 1e3R3Ib901b0tkRbXb94UIQKt9bXHMC0pDNAX51jt0Iug/cQIlzO+guJG1Jx/HHYTN8Q 1v8JuLO/bFlbI3Eg239TA6pSaV5rBspUZTvEcRgx1EAycVEr+8yjnf072jEnXO/0d54Q lWSDDBWWF74CSQylePp3O/61GQr5LS/IoePIu7GehnlYJX1Zq6IhkAESwXthuKuETkze KYCA==
X-Gm-Message-State: ACrzQf09UVzI1S8X/L2oDPQD/qjEYiTyXw4Qw07PCDj2D99XOlethEsW vtpKHvmQ7F+TxtT5/HwFAAl3qFzySqsnmEYY7Ah+wOhzanWanQ==
X-Google-Smtp-Source: AMsMyM6BFsjlKpFI5M8SxeEahkbUThwaet7VjPvLKzOVOjZJQQ1ecjjOoZ3YtsIx4QKa9qTDOKdqI6LGpazOaq/0Dhs=
X-Received: by 2002:a17:907:7f05:b0:781:e579:46b5 with SMTP id qf5-20020a1709077f0500b00781e57946b5mr20575015ejc.102.1664917767299; Tue, 04 Oct 2022 14:09:27 -0700 (PDT)
MIME-Version: 1.0
References: <3250F090-BCCB-4999-9D90-4D428D3100B6@gmail.com> <3E25E547-C68D-45A1-8C51-B4676B7164B8@independentid.com>
In-Reply-To: <3E25E547-C68D-45A1-8C51-B4676B7164B8@independentid.com>
From: Brian Demers <brian.demers@gmail.com>
Date: Tue, 04 Oct 2022 16:09:16 -0500
Message-ID: <CAH9eYVpfLofyHUu1iT=sxg2vXpKnzfLj-1W5RxKHxFUPJ3pdgg@mail.gmail.com>
To: Phillip Hunt <phil.hunt@independentid.com>
Cc: scim@ietf.org, Danny Zollner <Danny.Zollner=40microsoft.com@dmarc.ietf.org>, Stanimir Bozhilov <stanimir@audriga.com>
Content-Type: multipart/alternative; boundary="00000000000019a7f905ea3be028"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/Ss1HfHLO2kPS22-vYdidaNqLv88>
Subject: Re: [scim] Clarification on SCIM schema extension URN naming rules
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Oct 2022 21:09:33 -0000

Sorry, my last message wasn't clear.

This line:
> The spec states the URN prefix for the IANA registered schema.
probably should have read:
> RFC7643 states the URN prefix for the IANA registered schema.

Because of this, I'm assuming URN's starting with the prefix `
urn:ietf:params:scim:` _should_ be avoided unless the schema is being
developed through or reviewed by the working group (per 10.3.1)?


On Tue, Oct 4, 2022 at 10:24 AM Phillip Hunt <phil.hunt@independentid.com>
wrote:

> I would take a look at the IANA section of RFC7643. It details the
> namespace and registration process for SCIM urns.
>
> Phil
>
> > On Oct 4, 2022, at 7:33 AM, Brian Demers <brian.demers@gmail.com> wrote:
> >
> > Same question here!
> >
> > I gave a SCIM talk yesterday, and Iglossed over this topic, because it
> was not clear to me.
> > The spec states the URN prefix for the IANA registered schema.
> > But that may suggest that non-registered schema should avoid that
> prefix? 🤷
> >
> > -Brian
> >
> >>> On Oct 4, 2022, at 9:13 AM, Stanimir Bozhilov <stanimir@audriga.com>
> wrote:
> >>>
> >>> On 2022-09-30 07:37, Danny Zollner wrote:
> >>> Hi SCIM-ers,
> >>> In RFC 7643, as best I can tell, all of the examples of schemas for
> >>> SCIM resources begin with the prefix of
> >>> urn:ietf:params:scim:schemas:…, with the sole exception of the text
> >>> on page 29 that refers to the schema for the ResourceType resource.
> >>> This text describing the schema for the ResourceType resource contains
> >>> the following:
> >>> schemaExtensions
> >>>     A list of URIs of the resource type's schema extensions.
> >>>     OPTIONAL.
> >>>     schema  The URI of an extended schema, e.g.,
> >>> "urn:edu:2.0:Staff".
> >>>        This MUST be equal to the "id" attribute of a "Schema"
> >>>        resource.  REQUIRED.
> >>> This example uses urn:edu:2.0:Staff as the example for an extension
> >>> schema, but all other examples of schemas in RFC 7643 that I could
> >>> find use the ietf namespace. In a discussion I was having with a
> >>> colleague of mine a few months ago, it was stated that the only schema
> >>> URNs that should be using the urn:ietf:.. namespace are ones contained
> >>> in IETF-managed drafts or RFCs. I've worked with dozens of SCIM
> >>> service provider implementers in the past few years, and possibly
> >>> without exception all implementers that have custom schema extensions
> >>> do something equivalent to
> >>> urn:ietf:params:scim:schemas:extension:CompanyName:2.0:User.
> >>> I'd like to get input from others in the working group - is it correct
> >>> that for non-IETF managed schemas - such as those that are custom to a
> >>> single SCIM implementation - that a schema extension URN should not
> >>> begin with urn:ietf:… but instead virtually anything else - i.e.:
> >>> urn:foo:bar, or the example above of urn:edu:2.0:Staff?
> >>> If it is the case, then I've got the following questions:
> >>>   * Does improper schema URN naming(improper usage of urn:ietf:.. )
> >>> have any negative impact?
> >>>   * For future guidance on this topic as part of the SCIM 2.0 standard,
> >>> should any consideration be given to the fact that the overwhelming
> >>> majority of SCIM 2.0 implementers have implemented their extensions
> >>> starting with urn:ietf:..?
> >>>   * If a future version increase of SCIM happens - 2.1, 3.0, etc -
> >>> should clearer guidance on proper versus improper schema URN naming be
> >>> given, including explicit guidance that urn:ietf:… is reserved?
> >>> Thanks,
> >>> Danny Zollner
> >>> _______________________________________________
> >>> scim mailing list
> >>> scim@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/scim
> >>
> >>
> >> Hi Danny,
> >>
> >> We're currently facing the same issue where it's not completely clear
> how one is supposed to define the URN of new resources or extensions in
> SCIM.
> >>
> >> For the time being, we took the approach where we have the
> "urn:ietf:..." prefix and at the end of the URN we have
> "CompanyName:2.0:SomeResourceType". However, we weren't really sure whether
> this was actually proper naming and so we could easily change the URN
> naming in case it turns out that this is not the right way to go about
> naming new resources and/or schema extensions.
> >> Regarding this matter, we'd also be particularly interested in feedback
> and official guidance on how such naming should be done in general.
> >>
> >> Best regards,
> >> Stanimir Bozhilov
> >>
> >> --
> >> Stanimir Bozhilov
> >> Tel: +49 721 170293 16
> >> Fax: +49 721 170293 179
> >>
> >> http://www.audriga.com | http://www.twitter.com/audriga
> >>
> >>
> --------------------------------------------------------------------------
> >> audriga GmbH |  Alter Schlachthof 57  | 76137 Karlsruhe
> >> Sitz der Gesellschaft: Karlsruhe - Amtsgericht Mannheim - HRB 713034
> >> Geschäftsführer: Dr. Frank Dengler, Dr.-Ing. Hans-Jörg Happel
> >>
> --------------------------------------------------------------------------
> >>
> >> _______________________________________________
> >> scim mailing list
> >> scim@ietf.org
> >> https://www.ietf.org/mailman/listinfo/scim
> >
> > _______________________________________________
> > scim mailing list
> > scim@ietf.org
> > https://www.ietf.org/mailman/listinfo/scim
>

v2.23.0 | Report a Bug | By Email