Re: [scim] Clarification on SCIM schema extension URN naming rules
Brian Demers <brian.demers@gmail.com> Tue, 04 October 2022 14:33 UTC
Return-Path: <brian.demers@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C9BDC1522CC for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 07:33:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6NJ-7_789Chj for <scim@ietfa.amsl.com>; Tue, 4 Oct 2022 07:33:50 -0700 (PDT)
Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8EDA7C14CE2F for <scim@ietf.org>; Tue, 4 Oct 2022 07:33:50 -0700 (PDT)
Received: by mail-qt1-x829.google.com with SMTP id gb14so8220792qtb.3 for <scim@ietf.org>; Tue, 04 Oct 2022 07:33:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :content-transfer-encoding:from:from:to:cc:subject:date:message-id :reply-to; bh=GwY+YTqYTEDrJE3hSI0VLEWdaqdOiBrNLz9A+eqbH8s=; b=ISxspg37/Ge04wMLqM9r8tNQmhpH+gztip8JuMz4cJqJEcHMn+wz1iSHhAqgaG1CzD sr1o2V4WwlN8pxAm88USuPi/QfI6Xa4VRUexcp1Vj+NZbZk33GGVQMsXtYwsQYnoRF4o yVpiWd4NOcckd1q5xHxBUfzrOlGhTK2LmReZVaD7JNeN3MejS28N1nQNKbJtmG9aWUvx GRc3sX96GCx7X5uqsez1Nf7oGM0kz7cVZYXmBii9SXnarFupmsubjx+Q8e7KcpoczOZB 6IvYcdS9A28VLs27VWIioWOivRo0si5QfNvqbRE1J5BVSS3yBaF3k5rbAOPwFqzlIFbY 7qxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :content-transfer-encoding:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GwY+YTqYTEDrJE3hSI0VLEWdaqdOiBrNLz9A+eqbH8s=; b=o6Kx5vwRLiRmeZHJRlZvsRDXm8t6nRR9OBEnN+qHFPON4S9hIqW4tKnx3S4o+Vv7CM DP2YPdb36U66Uj0jppgC6qp9wzIyqM9RhHjdHDMUvVJlchtdmgoaR8d2Hks8eobOWMWp ak8b3w2LQINEwXcY4/yKcNK/s7lkTFS/EnrBqByH/7AQBKcZ11V5dE8ZBkmrPU8WSAEe HQNEyk+0Acl1uAKwqn40RbRAzQ4CSTrEvpR/Xka93VhTq738i6JV0ERfjZOJfglGgdTA bZnpqGK8fpFNMTsKDx9CbJrQCsjg/I5co6jhUSif3ZkE7RMgkmwU0dpduSqi7jDZwMv5 NSdQ==
X-Gm-Message-State: ACrzQf0JIp30vFsavnBo+nJQ4/eJ4Pji8tbX53zsNtXr60nLtSBAADot sXfe3e0auPVXC/vbPooPAbg=
X-Google-Smtp-Source: AMsMyM5lPmS8CBZWPF6EtYKVk8Cf2gt0wHdwpaS6QYGn58lRZHUCetx27QXkinEoUZUvp/HqJCt6MA==
X-Received: by 2002:a05:622a:345:b0:35d:5374:ef95 with SMTP id r5-20020a05622a034500b0035d5374ef95mr19696964qtw.492.1664894029248; Tue, 04 Oct 2022 07:33:49 -0700 (PDT)
Received: from smtpclient.apple ([12.208.132.160]) by smtp.gmail.com with ESMTPSA id e10-20020a05622a110a00b0035a6d0f7298sm13149069qty.35.2022.10.04.07.33.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 04 Oct 2022 07:33:47 -0700 (PDT)
From: Brian Demers <brian.demers@gmail.com>
X-Google-Original-From: Brian Demers <Brian.Demers@gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
Date: Tue, 04 Oct 2022 09:33:46 -0500
Message-Id: <3250F090-BCCB-4999-9D90-4D428D3100B6@gmail.com>
References: <45e96760033c3246615c41e279c91683@audriga.com>
Cc: Danny Zollner <Danny.Zollner=40microsoft.com@dmarc.ietf.org>, Stanimir Bozhilov <stanimir@audriga.com>
In-Reply-To: <45e96760033c3246615c41e279c91683@audriga.com>
To: scim@ietf.org
X-Mailer: iPhone Mail (19G82)
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/dlgCHjMC2DgohXFQS3abBS4Wrjg>
Subject: Re: [scim] Clarification on SCIM schema extension URN naming rules
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Oct 2022 14:33:54 -0000
Same question here! I gave a SCIM talk yesterday, and Iglossed over this topic, because it was not clear to me. The spec states the URN prefix for the IANA registered schema. But that may suggest that non-registered schema should avoid that prefix? 🤷 -Brian > On Oct 4, 2022, at 9:13 AM, Stanimir Bozhilov <stanimir@audriga.com> wrote: > > On 2022-09-30 07:37, Danny Zollner wrote: >> Hi SCIM-ers, >> In RFC 7643, as best I can tell, all of the examples of schemas for >> SCIM resources begin with the prefix of >> urn:ietf:params:scim:schemas:…, with the sole exception of the text >> on page 29 that refers to the schema for the ResourceType resource. >> This text describing the schema for the ResourceType resource contains >> the following: >> schemaExtensions >> A list of URIs of the resource type's schema extensions. >> OPTIONAL. >> schema The URI of an extended schema, e.g., >> "urn:edu:2.0:Staff". >> This MUST be equal to the "id" attribute of a "Schema" >> resource. REQUIRED. >> This example uses urn:edu:2.0:Staff as the example for an extension >> schema, but all other examples of schemas in RFC 7643 that I could >> find use the ietf namespace. In a discussion I was having with a >> colleague of mine a few months ago, it was stated that the only schema >> URNs that should be using the urn:ietf:.. namespace are ones contained >> in IETF-managed drafts or RFCs. I've worked with dozens of SCIM >> service provider implementers in the past few years, and possibly >> without exception all implementers that have custom schema extensions >> do something equivalent to >> urn:ietf:params:scim:schemas:extension:CompanyName:2.0:User. >> I'd like to get input from others in the working group - is it correct >> that for non-IETF managed schemas - such as those that are custom to a >> single SCIM implementation - that a schema extension URN should not >> begin with urn:ietf:… but instead virtually anything else - i.e.: >> urn:foo:bar, or the example above of urn:edu:2.0:Staff? >> If it is the case, then I've got the following questions: >> * Does improper schema URN naming(improper usage of urn:ietf:.. ) >> have any negative impact? >> * For future guidance on this topic as part of the SCIM 2.0 standard, >> should any consideration be given to the fact that the overwhelming >> majority of SCIM 2.0 implementers have implemented their extensions >> starting with urn:ietf:..? >> * If a future version increase of SCIM happens - 2.1, 3.0, etc - >> should clearer guidance on proper versus improper schema URN naming be >> given, including explicit guidance that urn:ietf:… is reserved? >> Thanks, >> Danny Zollner >> _______________________________________________ >> scim mailing list >> scim@ietf.org >> https://www.ietf.org/mailman/listinfo/scim > > > Hi Danny, > > We're currently facing the same issue where it's not completely clear how one is supposed to define the URN of new resources or extensions in SCIM. > > For the time being, we took the approach where we have the "urn:ietf:..." prefix and at the end of the URN we have "CompanyName:2.0:SomeResourceType". However, we weren't really sure whether this was actually proper naming and so we could easily change the URN naming in case it turns out that this is not the right way to go about naming new resources and/or schema extensions. > Regarding this matter, we'd also be particularly interested in feedback and official guidance on how such naming should be done in general. > > Best regards, > Stanimir Bozhilov > > -- > Stanimir Bozhilov > Tel: +49 721 170293 16 > Fax: +49 721 170293 179 > > http://www.audriga.com | http://www.twitter.com/audriga > > -------------------------------------------------------------------------- > audriga GmbH | Alter Schlachthof 57 | 76137 Karlsruhe > Sitz der Gesellschaft: Karlsruhe - Amtsgericht Mannheim - HRB 713034 > Geschäftsführer: Dr. Frank Dengler, Dr.-Ing. Hans-Jörg Happel > -------------------------------------------------------------------------- > > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim
- [scim] Clarification on SCIM schema extension URN… Danny Zollner
- Re: [scim] Clarification on SCIM schema extension… Stanimir Bozhilov
- Re: [scim] Clarification on SCIM schema extension… Brian Demers
- Re: [scim] Clarification on SCIM schema extension… Phillip Hunt
- Re: [scim] Clarification on SCIM schema extension… Brian Demers
- Re: [scim] Clarification on SCIM schema extension… Phillip Hunt
- Re: [scim] [EXTERNAL] Re: Clarification on SCIM s… Danny Zollner
- Re: [scim] [EXTERNAL] Clarification on SCIM schem… Phillip Hunt