[scim] Clarification on SCIM schema extension URN naming rules

Danny Zollner <Danny.Zollner@microsoft.com> Fri, 30 September 2022 05:37 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/pwT-JykYj-2l_VgSbVmX_tsdqQU>

Hi SCIM-ers,

In RFC 7643, as best I can tell, all of the examples of schemas for SCIM resources begin with the prefix of urn:ietf:params:scim:schemas:..., with the sole exception of the text on page 29 that refers to the schema for the ResourceType resource. This text describing the schema for the ResourceType resource contains the following:

schemaExtensions
      A list of URIs of the resource type's schema extensions.
      OPTIONAL.

      schema  The URI of an extended schema, e.g., "urn:edu:2.0:Staff".
         This MUST be equal to the "id" attribute of a "Schema"
         resource.  REQUIRED.


This example uses urn:edu:2.0:Staff as the example for an extension schema, but all other examples of schemas in RFC 7643 that I could find use the ietf namespace. In a discussion I was having with a colleague of mine a few months ago, it was stated that the only schema URNs that should be using the urn:ietf:.. namespace are ones contained in IETF-managed drafts or RFCs. I've worked with dozens of SCIM service provider implementers in the past few years, and possibly without exception all implementers that have custom schema extensions do something equivalent to urn:ietf:params:scim:schemas:extension:CompanyName:2.0:User.

I'd like to get input from others in the working group - is it correct that for non-IETF managed schemas - such as those that are custom to a single SCIM implementation - that a schema extension URN should not begin with urn:ietf:... but instead virtually anything else - i.e.: urn:foo:bar, or the example above of urn:edu:2.0:Staff?

If it is the case, then I've got the following questions:


  1.  Does improper schema URN naming (improper usage of urn:ietf:..) have any negative impact?
  2.  For future guidance on this topic as part of the SCIM 2.0 standard, should any consideration be given to the fact that the overwhelming majority of SCIM 2.0 implementers have implemented their extensions starting with urn:ietf:..?
     *   If a future version increase of SCIM happens - 2.1, 3.0, etc - should clearer guidance on proper versus improper schema URN naming be given, including explicit guidance that urn:ietf:... is reserved?

Thanks,

Danny Zollner
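
The naming question raised in the message above can be checked mechanically. The following is an added example, not part of the original message or of any SCIM implementation: it sorts the schema URNs advertised by ResourceType resources into those defined in RFC 7643, those that sit in the urn:ietf:params:scim: namespace without being defined there (the pattern the message asks about), and those in any other namespace. The function names and the sample ResourceType data are constructed for illustration, and the allow-list covers RFC 7643 only, so a URN defined by another IETF document would need to be added to it.

```python
import re

# Schema URNs defined by RFC 7643 itself (assumption: other IETF documents
# that define SCIM schemas are not listed here and would have to be added).
RFC7643_SCHEMAS = {
    "urn:ietf:params:scim:schemas:core:2.0:User",
    "urn:ietf:params:scim:schemas:core:2.0:Group",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
    "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig",
    "urn:ietf:params:scim:schemas:core:2.0:ResourceType",
    "urn:ietf:params:scim:schemas:core:2.0:Schema",
}
IETF_SCIM_PREFIX = "urn:ietf:params:scim:"
# Loose shape check only: "urn:" NID ":" NSS. RFC 8141 is stricter about the NSS.
URN_RE = re.compile(r"^urn:[a-z0-9][a-z0-9-]{0,30}[a-z0-9]:\S+$", re.IGNORECASE)


def classify_schema_urn(urn):
    """Return one of four labels for a schema URN (hypothetical helper)."""
    if not URN_RE.match(urn):
        return "not-a-urn"
    if urn in RFC7643_SCHEMAS:
        return "rfc7643-defined"
    # Lowercasing catches case variants of the IETF prefix as well.
    if urn.lower().startswith(IETF_SCIM_PREFIX):
        return "ietf-namespace-not-in-rfc7643"
    return "other-namespace"


def audit_resource_types(resource_types):
    """List (resource type, URN) pairs that use the IETF SCIM namespace
    without being one of the RFC 7643 schemas."""
    findings = []
    for rt in resource_types:
        urns = [rt.get("schema")]
        urns += [ext.get("schema") for ext in rt.get("schemaExtensions", [])]
        for urn in urns:
            if isinstance(urn, str) and \
                    classify_schema_urn(urn) == "ietf-namespace-not-in-rfc7643":
                findings.append((rt.get("name"), urn))
    return findings


# Constructed sample of a /ResourceTypes listing; the URNs are the ones
# quoted in the message plus the RFC 7643 core and enterprise schemas.
SAMPLE_RESOURCE_TYPES = [
    {"name": "User", "schema": "urn:ietf:params:scim:schemas:core:2.0:User",
     "schemaExtensions": [
         {"schema": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"},
         {"schema": "urn:ietf:params:scim:schemas:extension:CompanyName:2.0:User"}]},
    {"name": "Staff", "schema": "urn:edu:2.0:Staff"},
]
```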