Re: [scim] Call for support on proposed SCIM/SINS (re)charter

Paul Lanzi <paul@remediant.com> Mon, 13 September 2021 21:55 UTC

References: <9BCA478F-548E-4F6A-9F1B-6D8E15AE9373@cisco.com> <b73cd34b-17cb-9130-05b1-086c4dd2e87a@pdmconsulting.net>
In-Reply-To: <b73cd34b-17cb-9130-05b1-086c4dd2e87a@pdmconsulting.net>
From: Paul Lanzi <paul@remediant.com>
Date: Mon, 13 Sep 2021 14:55:21 -0700
Message-ID: <CA+7VvRaPmpm-JOo1pV4Drz=Ta-wFOiqG8xDPQpJsTsX8=8ALKw@mail.gmail.com>
To: "scim@ietf.org" <scim@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/SuVhdoOBaTqnsjX9Sv7gEiHoeoc>
Subject: Re: [scim] Call for support on proposed SCIM/SINS (re)charter
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>

I want to add my voice of support to the proposed charter. As with Matt and
Mike, I'm happy to engage specifically on the PAM (aka Grizzle) extension
modification, incorporation, documentation and implementation. Happy to
contribute on other charter elements as well but PAM will be the area where
I can add the most expertise.

Thanks,

--Paul Lanzi

On Thu, Sep 9, 2021 at 7:19 AM Danny Mayer <mayer@pdmconsulting.net> wrote:

> I support this charter.  I will be happy to help produce and review
> documents and provide use cases. I can't do any implementations right now
> though I may be able to borrow Phil's sample implementation!
>
> Danny
> On 9/8/21 8:21 PM, Nancy Cam-Winget (ncamwing) wrote:
>
> Hello SCIM participants,
>
>
>
> After some virtual meetings (thank you Pam for hosting these!) and
> discussion, there is a new proposed charter that addresses the points
> raised at the IETF 111 SINS session.
>
> This is a call for support of the charter defined below, please provide
> your response by Sept. 24, 2021.
>
>
>
> As you respond in support for the charter, please also specify if you are
> willing to produce, review and/or implement the resulting documents.
>
> Otherwise, do provide feedback in the time window if there are concerns or
> issues you see with the charter below:
>
>
> Charter
>
> The System for Cross-domain Identity Management (SCIM) specification is an
> HTTP-based protocol that makes managing identities in multi-domain
> scenarios easier. SCIM was last published in 2015 and has seen growing
> adoption.
>
> One goal for this working group is to shepherd SCIM, currently RFC series
> 7642 <https://datatracker.ietf.org/doc/html/rfc7642>, 7643
> <https://datatracker.ietf.org/doc/html/rfc7643>, 7644
> <https://datatracker.ietf.org/doc/html/rfc7644>, through the Internet
> Standard process. The group will deliver revised specifications for the
> SCIM requirements as Informational, and for the SCIM protocol and base
> schema suitable for consideration as a Standard. This work will be based
> upon the existing RFCs, errata and interoperability feedback, and
> incorporate current security and privacy best practices.
>
> In addition to revising the requirements, protocol and base schema RFCs,
> the group will also consider additional specifications as extensions to
> SCIM that have found broad adoption and are ready for standards track. This
> includes profiles and schemas for interoperability in additional scenarios.
> The working group will develop additional Proposed Standard RFCs based on
> outcomes of the following work:
>
>    - Revision of the informational RFC 7642 will:
>       - Focus on Use cases and implementation patterns
>          - Pull vs. Push based use cases
>          - Events and signals use cases
>          - Deletion use cases
>       - New use cases may be added to the revised RFC
>    - Revision of RFC 7643/44 will include:
>       - Profiling SCIM relationships with other identity-centric
>       protocols such as OAuth 2.0, OpenID Connect, Shared Signals, and Fastfed
>       - Updates to the evolution of the externalid usage
>    - Document SCIM support for synchronization-related goals between
>    domains focused on:
>       - Handling returning large result sets through paging, based on
>       [draft-hunt-scim-mv-paging-00]
>       - Incremental approaches to synchronization
>    - Support for deletion-related goals including:
>       - Handling Deletes in SCIM Servers that don’t allow Deletes (Soft
>       Deletes) - based on [draft-ansari-scim-soft-delete-00]
>    - Support for advanced automation scenarios such as:
>       - Discovery and negotiation of client credentials
>       - Attribute mapping
>       - Per-attribute schema negotiation
>    - Enhance the existing schema to support exchanging of HR, Enterprise
>    group and privileged access management (using draft-grizzle-scim-pam
>    <https://tools.ietf.org/id/draft-grizzle-scim-pam-ext-00.html> as a
>    base)
>
>
>
> Best, Nancy (as one of the BoF chairs)
>
>
>
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim