Re: [scim] Call for support on proposed SCIM/SINS (re)charter

Danny Mayer <> Fri, 10 September 2021 17:17 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 930D03A0EC7 for <>; Fri, 10 Sep 2021 10:17:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DqwCyuHfYyiy for <>; Fri, 10 Sep 2021 10:17:15 -0700 (PDT)
Received: from ( [IPv6:2001:470:1:205::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 89D283A0EC6 for <>; Fri, 10 Sep 2021 10:17:09 -0700 (PDT)
Received: from newusers-MBP.fios-router.home ( []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPSA id 4H5jGq5fK5zMNXD; Fri, 10 Sep 2021 17:17:07 +0000 (UTC)
To: "Nancy Cam-Winget (ncamwing)" <>, "" <>
References: <>
From: Danny Mayer <>
Message-ID: <>
Date: Fri, 10 Sep 2021 13:17:04 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.13.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------E38D7F826F11798934A9446A"
Content-Language: en-US
Archived-At: <>
Subject: Re: [scim] Call for support on proposed SCIM/SINS (re)charter
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 10 Sep 2021 17:17:23 -0000

Just to make it clear to everyone on this list, if you wish to move this 
charter forward to start/restart an actual working group it needs to be 
done here on the mailing list. Pam's bi-weekly meeting is not the place 
for it. This is an IETF requirement especially as not everyone can 
attend meetings. So far only Phil and I have responded on the mailing 
list to the proposed charter, so it's now up to everyone else to 
indicate their interest.



On 9/8/21 8:21 PM, Nancy Cam-Winget (ncamwing) wrote:
> Hello SCIM participants,
> After some virtual meetings (thank you Pam for hosting these!) and 
> discussion, there is a new proposed charter that addresses the points 
> raised at the IETF 111 SINS session.
> This is a call for support of the charter defined below, please 
> provide your response by Sept. 24, 2021.
> As you respond in support for the charter, please also specify if you 
> are willing to produce, review and/or implement the resulting documents.
> Otherwise, do provide feedback in the time window if there are 
> concerns or issues you see with the charter below:
>   Charter
> The System for Cross-domain Identity Management (SCIM) 
> specification is an HTTP-based protocol that makes managing identities 
> in multi-domain scenarios easier. SCIM was last published in 2015 and 
> has seen growing adoption.
> One goal for this working group is to shepherd SCIM, currently RFC 
> series 7642 <>, 7643 
> <>, 7644 
> <>, through the Internet 
> Standard process. The group will deliver revised specifications for 
> the SCIM requirements as Informational, and for the SCIM protocol and 
> base schema suitable for consideration as a Standard. This work will 
> be based upon the existing RFCs, errata and interoperabilty feedback, 
> and incorporate current security and privacy best practices.
> In addition to revising the requirements, protocol and base schema 
> RFCs, the group will also consider additional specifications as 
> extensions to SCIM that have found broad adoption and are ready for 
> standards track. This includes profiles and schemas for 
> interoperability in additional scenarios. The working group will 
> develop additional Proposed Standard RFCs based on outcomes of the 
> following work:
>   * Revision of the informational RFC 7642 will:
>       o Focus on Use cases and implementation patterns
>           + Pull vs. Push based use cases
>           + Events and signals use cases
>           + Deletion use cases
>       o New use cases may be added to the revised RFC
>   * Revision of RFC 7643/44 will include:
>       o Profiling SCIM relationships with other identity-centric
>         protocols such as OAuth 2.0, OpenID Connect, Shared Signals,
>         and Fastfed
>       o Updates to the evolution of the externalid usage
>   * Document SCIM support for synchronization-related goals between
>     domains focused on:
>       o Handling returning large result sets through paging, based on
>         [draft-hunt-scim-mv-paging-00]
>       o Incremental approaches to synchronization
>   * Support for deletion-related goals including:
>       o Handling Deletes in SCIM Servers that don’t allow Deletes
>         (Soft Deletes) - based on [draft-ansari-scim-soft-delete-00]
>   * Support for advanced automation scenarios such as:
>       o Discovery and negotiation of client credentials
>       o Attribute mapping
>       o Per-attribute schema negotiation
>   * Enhance the existing schema to support exchanging of HR,
>     Enterprise group and privileged access management (using
>     draft-grizzle-scim-pam
>     <> as
>     a base)
> Best, Nancy (as one of the BoF chairs)
> _______________________________________________
> scim mailing list