Re: [scim] BoF Review and workshopping the Charter based on SCIM IG call, Aug 4

"Matt Peterson (mpeterso)" <Matt.Peterson@oneidentity.com> Mon, 16 August 2021 18:07 UTC

Return-Path: <Matt.Peterson@oneidentity.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C81A3A0AE7 for <scim@ietfa.amsl.com>; Mon, 16 Aug 2021 11:07:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oneidentity.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yv_8j3H7vgrR for <scim@ietfa.amsl.com>; Mon, 16 Aug 2021 11:07:36 -0700 (PDT)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2100.outbound.protection.outlook.com [40.107.236.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B091B3A0ADB for <scim@ietf.org>; Mon, 16 Aug 2021 11:07:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eKV6rv7iR7pcLghauq+TINyJ4dpMD0nrGbbW6G310gMjV8ccUiKJ90cIJiSM42hgkhnuO0R0ap8/am/ggYOTwLPsSN8b3cuUdDqW8aKxp231FePdCriUsNvMlbfbZDma+y8WKMNxEr4RU2gtGAZEUeOIinWGK8fO+BXvsDm5ePTIEMDoKfcGDqgmhEcawrTqr4h7We0sPp+V3/ldeIDUTEAChry4WJ6JaxtArSL84PXd8daXT9gh9KD5piNW02VqtPUwvRNhoZ2Ei17T6JeT5w866K1f+0FZTgS8X5I1KQBSFRWDessLHDN6i0GyfUsmSJVvkZQVoPbZWG0taq3eUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w9kxxmHb4HgHykCK8fMNDs5uYkJT8HdGvIyhld314gk=; b=hovi/3tAse6L0XdLJsJqq+tmjSxRQH1E2qJxSXOiQP3CvDcs0efP7k0wIxqxU7yn6RdC0vtTNbs+FAVVJ+ibDJBLVIlZpBYJQm/ZrO0OProugu4wC39zfZC+BYoBunqtO2w/DRj2PDBZJ6dliBbiCqETzGVd41yi9jia5WWGGNFUmVnTPGtai+3MhaIjIUhTvGL4S62BFMdEvHAKzjVeVQ0fY+VT+TrTOgyATaIyVAq9Od2v+WBOJq74FdPnkIb0FSon1o+VlP9E/aPa96QElpN7hVfq2yAG6vRfWMcwza15auS6qVPkMY3qlDErQSRacv6s72XrZrnyEkoM+tBHOA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oneidentity.com; dmarc=pass action=none header.from=oneidentity.com; dkim=pass header.d=oneidentity.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oneidentity.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w9kxxmHb4HgHykCK8fMNDs5uYkJT8HdGvIyhld314gk=; b=Mov4973vsuF2dUCh9DUAOaRL2qo4XtW2d3W5GfRKQq20cBJv+BVmH8zOqbNtc4deccY64vVvk0ZwqoR4JiN3wSZdZyox/LIw8qKGQMhGpXYtlX6qiTn5CKBi5wyZcItatMP2MDwHayrhX0N0j7F0cvohGdHc87KBwjLk01qO04ASqEel8w+T5ieMLC/ERimsezVOt+gQ3UpGWa5sTe4XNBLfh0eKYWkBYCnkqXs8dHL5N2n5h/L5yTCR88Ruhdg1z7MRkkT4k6KGlhKk9ayRMk6gqPLk/VN2PurrvOekjFla230Qc1x4+yp9tZ1Add7ISuVsIpT8d4wXfkiakhu5kQ==
Received: from MWHPR19MB0957.namprd19.prod.outlook.com (2603:10b6:300:a4::16) by MW3PR19MB4300.namprd19.prod.outlook.com (2603:10b6:303:49::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.16; Mon, 16 Aug 2021 18:07:26 +0000
Received: from MWHPR19MB0957.namprd19.prod.outlook.com ([fe80::4880:4967:c535:5783]) by MWHPR19MB0957.namprd19.prod.outlook.com ([fe80::4880:4967:c535:5783%4]) with mapi id 15.20.4415.023; Mon, 16 Aug 2021 18:07:26 +0000
From: "Matt Peterson (mpeterso)" <Matt.Peterson@oneidentity.com>
To: Phil Hunt <phil.hunt@independentid.com>
CC: "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] BoF Review and workshopping the Charter based on SCIM IG call, Aug 4
Thread-Index: AQHXkD59zrEiCh3RDEuUBvNOedb2qqtx2PWAgARyZeA=
Date: Mon, 16 Aug 2021 18:07:26 +0000
Message-ID: <MWHPR19MB0957691C6351B9DAE73D5EC2E1FD9@MWHPR19MB0957.namprd19.prod.outlook.com>
References: <BY5PR00MB07605CD725FD313DCE5BD78AF6FA9@BY5PR00MB0760.namprd00.prod.outlook.com> <D961D39B-72E0-463A-B7C0-9E366D0EDDD7@independentid.com>
In-Reply-To: <D961D39B-72E0-463A-B7C0-9E366D0EDDD7@independentid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: independentid.com; dkim=none (message not signed) header.d=none;independentid.com; dmarc=none action=none header.from=oneidentity.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 69323e5b-9218-4f6e-6192-08d960e0b44d
x-ms-traffictypediagnostic: MW3PR19MB4300:
x-microsoft-antispam-prvs: <MW3PR19MB43008CEA96DF0CC34D797CEBE1FD9@MW3PR19MB4300.namprd19.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uC+fE5J8xP3R2ZBsZBiP8M2xB4Vqco55pfyOJSxL7j0/SspgGdxRx3JYt5LxTMPSHgWEBlCmzKSiEY8WfQzCbRFO8f7OCOooZLVkld1YvyZ0biGP2ba4qy4dxiJFTFw/pDsuStxtU93p/KJ4Es3zytrSnqSXxXa2JR9pEC6xCPZCj2EtUgYNY9ngPA7/yn/J4N59GnnUyFIPZWtrV82UEoJdV5sesc/p2PHnopHDO0OF2BmGlHGp1GyCQ6LA8NEFguErqxPw6y8lrvT4QoJLxmRC3nWgyRyVBmAvUzSOwNp0f/wHYk6B6FVsvyI4+JLhPuyhg6+0H0QjEsDcLztnngwk1+bSaKQq0sg8vjbzGRdwhSUj1OQlQNZtEIskWoom02oA0GYMCAfSLy087BLSHNmZ8T5SIDhQwtc8yiVUmgglhUR+R9t9HCeRGJKK/kWAS/E/ExrWotmMmOCjT4pNs/qxEXlwJ+gSHeB79iKZjwfGCdQ8kiTwDTIp+7aC+cqz09R5q7+pK0Vxce5+aphZc3Sm680KWEgtW7FPyalk93RPgEnkdhshK4iggacG1nBK1GEsMCHuzoZpTUSc1AjKrfF0M2XwWH/eC/9BDMEeBCCCM/iU3/gvxwNb0KjqxVe52G35r7ddBIvokJgI2auy6zq9O2jbJP2iNo7dyqFOQe07IimOGl4eOaKCy8dOXvHA2Cn1map6bgsN9JAC+4/JigUczTRmWmalUI3xpnkUmmumtrYXYZG0QVOoWj/ui/DRu7RNvRT5O1xIyFFZCsri0Av+nm+OGqQUVw/+eB5VqvA=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MWHPR19MB0957.namprd19.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39860400002)(136003)(396003)(346002)(376002)(9686003)(52536014)(5660300002)(83380400001)(966005)(316002)(478600001)(166002)(86362001)(33656002)(122000001)(71200400001)(6916009)(66446008)(76116006)(66476007)(66556008)(66946007)(38100700002)(6506007)(7696005)(8936002)(64756008)(38070700005)(55016002)(2906002)(53546011)(4326008)(8676002)(186003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?hjTmK6wIUzv4bVcH4WT3lsger2i3VftOcPIb4TfeJ9AQBs1Y1Kg4cnf4QKx+?= =?us-ascii?Q?ET+3LWVC0mriACMyWlmtGRwWAK7N5cz7vV8SaGqHTN//J6gNkiEqGk7DJ3NN?= =?us-ascii?Q?wn5vNKJ+vRPLGqDgz9/WgkPNxcFm+bR0H693lGDYvOwWFYcFTy9oxdqfaZn/?= =?us-ascii?Q?uszz+fOWziGsfxOLbAYTYHEZmEMO4XrY4x+2qD6XS9+hoQmSUnqcX6wgVn94?= =?us-ascii?Q?NdxWvqu7M8cFK9bENuU+msVV3Knv1nOIQZcBhpcTszrQ2ze2IKmO98XYrUHS?= =?us-ascii?Q?WhYn8uGr1DH/WCvveqyNjvQKc8ko9oi4BoOeLfyYkN4sc65bi8aq1wZevlaG?= =?us-ascii?Q?qKY69HMzv7xvcvkEw4NMAxtkjf91Lw3FuIDtrKczVwmIJC4EWFXDjpNq4OjX?= =?us-ascii?Q?MQxqA20ktM8eZI9xf3+9qLYE2qVjeO+ST/791L0TopR7HW6SUf+yFfxjem5K?= =?us-ascii?Q?AjYMfrmu3AKFCl3jdY6GDotrUajD5+Yxbuwb3Nmq0ts8r3zfVkuRPqhDxeXa?= =?us-ascii?Q?25FQ07CUVcBnTn9bzuHn/TqHLExf2cr3FuNmBIi641TsISXs0hKKlpCtwncn?= =?us-ascii?Q?ukXUwNLIrb9p/CJo9ziNWzUiHD8wX1kHWv/A8uhhD2JW8bThlub4SmLyeF1j?= =?us-ascii?Q?hfjE9B9b2hDnR3vcNRhjFTJHxrWCZw+EBAO2zyXa370ADwOLuMoDr2KYXdlC?= =?us-ascii?Q?AOCO0SMTV1/AnqwwujEEFq+/o6Jir8p/2VSMrz1W+YQ+woUmBIwa9DtcmUdy?= =?us-ascii?Q?zt/oSWMfZrdA+UJW1A8qW0rKfWvPp92ZqWwhdySq1Q95Zyu5VKBOMzKr15pg?= =?us-ascii?Q?CQxspWeJtV+AtSQPkfOr3JEV4XjgxUMBqEUCNeCL27ZALJKctJQwApN9HBY3?= =?us-ascii?Q?YRoxivXgapMHryYIJs3vejfwBx+SmaybtmHzA9xxT8YzxtQqUWsFv/3Jwwah?= =?us-ascii?Q?jzixaSjiHiMdYzt0mAVImPggLfeekTBXBAA1NQ4WDGA494itxiPI5WphsSB8?= =?us-ascii?Q?C+cx9LgHBcq/qml8bEYPj9yGII0loTWZqALcdvZMBnL8Gx2K8Ufe7uuqukOM?= =?us-ascii?Q?G2cI2BGNwIfkk42T+CipB/fTctByVPr8TNhfsBqIS6GN/LZtv2iYkkv13Dej?= =?us-ascii?Q?hNanz7ppRH3pngl6OFK7DRLIk8L1UKEL+e2IWFUlXgB10ImRRdI0uVTHhfuq?= =?us-ascii?Q?5KCB3TryVNdD7+qHUFxl9rOdfxBZYBYrDD0c6M2BT/EZcVBnESAsUr4egtPS?= =?us-ascii?Q?UHPkQb039jeM9kya29A81UfJMpJyXmh1h1Zy7vOBG/o1ZsXlw3kpgdEbBSYJ?= =?us-ascii?Q?iZJHQeicIcgyGxRrjqXRj+UbBwK5RTZHePha42ty5au+pFulSwz/PmbEDouc?= =?us-ascii?Q?Jq9AxSBm1fw4l1zlaucS5whLraop?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MWHPR19MB0957691C6351B9DAE73D5EC2E1FD9MWHPR19MB0957namp_"
MIME-Version: 1.0
X-OriginatorOrg: oneidentity.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MWHPR19MB0957.namprd19.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 69323e5b-9218-4f6e-6192-08d960e0b44d
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Aug 2021 18:07:26.2717 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 91c369b5-1c9e-439c-989c-1867ec606603
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Knx7FH9QpPFxRNleS9JzEfAYLnnIcGhk2SHk3pQLRTTZcPTl8W1Dp4De6aBsfW5vKUpWjFvjXLH/RCfS1rYiKg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR19MB4300
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/WcKJGM-DmmaasmVdFu3nJ7fmc7A>
Subject: Re: [scim] BoF Review and workshopping the Charter based on SCIM IG call, Aug 4
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Aug 2021 18:07:43 -0000

Phil,

I agree.  I think that "client-side caching" (sync) of users and groups is a common use case for pagination because large results are generated not only the initial load of objects but also when trying to detect deletions (especially deletion of group memberships).  There must be a better (more efficient way) of handling this use case than polling with expensive queries.

Like you, I'd really like to get people to post their pagination use cases so that we can categorize them.  I thought about posting to this mailing list with a follow up call for pagination use cases.

But I also, I agree with what Parul said on the the Aug 4 call (from the meeting notes):

Parul: we do need cursor-based pagination, and that is unlikely to go away but it doesn't harm to first define the synchronization world and then look at whether pagination needs to be enhanced...

Parul's suggestion on ordering the tasks is a good one.  It might be useful to get a consensus on "synchronization use case" first.  Then dig into pagination so that we're not trying to talk to both at the same time.

On the topic of synchronization, I think there are two common use cases:


  1.  Constructing and enforcing Application authorization models -  An application (acting as a SCIM client) caches users/groups data from the IdP in order to present "user/group pickers" when presenting screens used to configure the application  authorization rules (RBAC, Policy, or ACL).  Also, when the application enforces authorization, user and group data needs to be immediately available so that authorization decisions can be made quickly.
  2.  Identity Management and Governance systems - implement a canonical identity model" where all accounts and groups are represented.  This model is used to build provisioning rules and calculate separation of duty violations, attestations, and approvals etc.   Management-time evaluation of the model needs to be done efficiently without external calls to the SCIM service provider.

Both of the above use cases, are client-cache use cases -- a "one-way" sync:  a) download the initial results and, b) keep the results up to date with changes that are being made on the SCIM Service provider.

It think it could help us narrow down the list of suitable approaches if we could agree that "one-way" sync (keeping a client-side cache up to date) is our target.

--
Matt

From: scim <scim-bounces@ietf.org> On Behalf Of Phil Hunt
Sent: Friday, August 13, 2021 1:52 PM
To: Pamela Dingle <Pamela.Dingle=40microsoft.com@dmarc.ietf.org>
Cc: scim@ietf.org
Subject: Re: [scim] BoF Review and workshopping the Charter based on SCIM IG call, Aug 4

CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Pam,

Thanks for the notes.  Apologies for not making the last meeting.


Paging and Sync Comments:
In my conversations with Matt Peterson we both have the feeling that the request for "stateful" paging of results has to do with clients wanting to do synchronization. The technical need is driven by memory limitations in clients.  Matt, let me know if I am speaking out of turn, but this form of "paging" for synchronization and reconciliation is a "poor-mans" approach.

I would like to ask if there are other use-cases or need people have for stateful paging other than co-ordination and synchronization. If so, stateful paging may be worth pursuing given appropriate caveats.

Given this, Synchronization/Co-ordination needs to be explored at least in case of requirements as a charter item.  In SCIM environments there are many cross-domain scenarios where items are not being replicated. However entity life-cycles need to be co-ordinated.  I would like to see an approach that works on "changes" only rather than pulling full data sets.  This is an information minimization approach and minimizes data transfer.   There are many possible technolgoies we could explore:
* Security Event streams (publish/subscribe or event bus).  A stream can be explicit or contain simple "this resource has changed".
* Usage of pre-conditions to detect resource changes (date and etag)
* Change date query to detect changed resources (kind of an evolution of ldap changelog)
* Reversal of roles.  Service provider acts as client to send changes back
* Others TBD

Schemas:
Regarding Leif's comments, I took him to mean he would ike to see servers not built on hard coded or otherwise fixed schema (e.g. POJOs).  I didn't take him to mean that there was protocol work to be done here.   My recently published i2scim.io<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fi2scim.io%2F&data=04%7C01%7Cmatt.peterson%40quest.com%7C6d5d35b1ff4a47121a2a08d95e93e7e7%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637644811626277847%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=qxy0%2BxCMe4vJ7A3HZ5hmAlEkzczsvq52fOBsRfZ7h%2BY%3D&reserved=0> open source implementation is an example of this.

>From the call I am not sure what was meant by "Discoverable schema is only useful for optional attributes".  In the sense that a server should support Users and Groups, there's nothing saying other schemas and resource types can't be defined and optionally registered via IANA.  In that sense, the /ResourceTypes and /Schemas endpoints become very meaningful.

I think there is a higher level problem of interring meaning beyond Attributes types and characteristics as well as resource type definitions that may seem arbitrary. I think this is where the standard process is useful.  Any publication process is going to help act as a reference for implementers to understand purpose and meaning beyond raw data.

Phil Hunt
@independentid
phil.hunt@independentid.com<mailto:phil.hunt@independentid.com>




On Aug 13, 2021, at 5:36 AM, Pamela Dingle <Pamela.Dingle=40microsoft.com@dmarc.ietf.org<mailto:Pamela.Dingle=40microsoft.com@dmarc.ietf.org>> wrote:

Hi all,
Apologies for the lateness of this summary!    This note talks through our discussion last week on our BoF and on next steps, but the real meat here is the decision making that necessarily needs to move to be email-focused.   Please give us your reactions to the topics below.    Additionally,  our summary of the meeeting, links to the meeting, and thoughts and goals moving forward are here:  meetings/2021-08-04.md at main * SCIM-Interest-Group/meetings (github.com)<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FSCIM-Interest-Group%2Fmeetings%2Fblob%2Fmain%2F2021%2F2021-08-04.md&data=04%7C01%7Cmatt.peterson%40quest.com%7C6d5d35b1ff4a47121a2a08d95e93e7e7%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637644811626287844%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=NbBTKbHYd8E2X%2BnqvYAfPMUhZzP6pJIRNa4q%2Bbck8pA%3D&reserved=0>amp;reserved=0>. Video of the meeting is available on Youtube: https://youtu.be/msGCsG752PA<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2FmsGCsG752PA&data=04%7C01%7Cmatt.peterson%40quest.com%7C6d5d35b1ff4a47121a2a08d95e93e7e7%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637644811626297841%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=q5pABg2LL5A5%2FtK%2B5b2RONXNYJvHbvul%2FmIi6NIzwd0%3D&reserved=0>

Three issues need surfacing to the wider community, based on commentary in the BoF:
Synchronization not a Charter Focus
While we have spoken a lot in our interest group meetings about pagination, comments from Morteza around synchronization sparked a conversation around the relationship between pagination and synchronization -- is it that pagination is so critical because large data set fetches are the only way to do synchronization?   The consensus from the group in the meeting was that yes, there is a relationship here, and while we definitely still think pagination is a critical topic, understanding the nature of our syncronization use cases could shed light on why large data set handling is so critical for many.
Fixed vs. Discoverable Schema
Discussion of Leif's comments in the BoF about lack of flexibility in current schema efforts resulted  the group suggested that we should look at what could be done to better support discoverable schema.  Can we make the discovery mechanism already in the spec more dynamic or more able to be part of a schema negotiation?
Discussion on External ID and Privileged Access
We didn't get a chance to discuss, but are looking for thoughts and discussion from the community.
Moving towards IETF Conformant Comms and Processes
Nancy Cam Winget (one of our BoF chairs) has been advising us on next steps and the discussion began on process.  The group took a shot at running some consensus calls today in the meeting based on the above topics, you can see them below and we want your feedback, but going  chairs. Additionally Nancy was very clear that the critical consensus mechanism needs to be the mailing list - so we will work to make sure those motions are properly followed.
Please give us your thoughts & reactions to these two statements and their impact on the proposed charter:

Consensus call (9/11 within the call):  We will explore synchronization patterns and deliver a document describing what implementers are doing, with one focus being how large data sets are involved as an early deliverable

Consensus call (7/11 within the call) for "investigating discoverable schema as part of our schema milestone" deliverable would be a document containing recommendations delivered to the WG
Cheers,

Pam

_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fscim&data=04%7C01%7Cmatt.peterson%40quest.com%7C6d5d35b1ff4a47121a2a08d95e93e7e7%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637644811626307835%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Skaa6SfAZRcFCpVgRW8vQ8DZXTVgrHYXlbB7stowng8%3D&reserved=0>