[scim] Uniqueness Violation Response Code

Shelley <randomshelley@gmail.com> Thu, 12 March 2020 19:29 UTC

Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DA793A07CB for <scim@ietfa.amsl.com>; Thu, 12 Mar 2020 12:29:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4_M-ieYQvR2E for <scim@ietfa.amsl.com>; Thu, 12 Mar 2020 12:29:22 -0700 (PDT)
Received: from mail-ua1-x932.google.com (mail-ua1-x932.google.com [IPv6:2607:f8b0:4864:20::932]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3FB43A074B for <scim@ietf.org>; Thu, 12 Mar 2020 12:29:22 -0700 (PDT)
Received: by mail-ua1-x932.google.com with SMTP id l7so2583072uap.8 for <scim@ietf.org>; Thu, 12 Mar 2020 12:29:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=vjNx6Xbe0xkXDYLY5FzHOwdPlwwvn/a2UGavwPU3Mnk=; b=pvdPvKKOJE8jXzS6JPBHQCKhDj8rqMvN3yEZHnR6twZ9bArVYmWk0aldtoQ7HvpLzF KvxE7RnvCIzWUiaIVss1rLrRzjEYBQCaSgo49151/bHsc21UJD0BILwGTyJUSU280RpX vyOq2vjo5q6Sd/phu5ZQMmzCF+pO8zuUjqyKZJwD7n/HoG7kYU1J7KSmZwcWdYWamqqR CXL5jGnX1/uRcfAkC22FSPFudqkLremY9CuXI0WrD3CYRp3VN7l1qsaJxiRfQa+ph4DP 8ahqhZBc7RIyhoDkPobATkyzShzWVueXZFwyESxqbOAekhdmOBm2cPmHpXiQp26fVP1O Df4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=vjNx6Xbe0xkXDYLY5FzHOwdPlwwvn/a2UGavwPU3Mnk=; b=ntMwLEbVNiErSNEWpg5FZnvkxVRpv0qlUXfndb7CEvZoeYLYIEJEv+nPmtu8wW47kf XTM0bLz2aS1GFbE1xE33ew+Ty66lRhyEfxwhTH4UaSxLhC17/jgmSE950QFyJ5+DvTTI TvXghpW67DK0vo285YUHwHk5GnBkr/SY+H2hiRHir2I8oBbgX48Gbn11Rx9NzwUxlsm9 1W2GdIectscJgR9dX1NtEIfhWDB7q6hxUfhyodyUsbfZUS/PNAFoCup5kDt8dnSB6RqH gzYAeXo9wQ4meysYVc6pUHoHOaCe1V0lqs+5cYdmW9N2jAkFaB6lvdIFgcO6bA5Kl6dP cWog==
X-Gm-Message-State: ANhLgQ36EfVeTJmaFnw6+n7I5g622eqJALVyINYhR/0kqHQvREkiaWzl bUqnPZT8rJxg6+y0rXMw21VrxoIdVl0j2n/Pd3h/fQO1cKw=
X-Google-Smtp-Source: =?utf-8?q?ADFU+vuEMBwztqEfJ4TjqupkC8hvjW0UttAeKT7K53ZV?= =?utf-8?q?SFXHJlunfDd4H5pMqfgx2gZsIIgR//VyxjjF/ztO7/Yz4o0=3D?=
X-Received: by 2002:ab0:7715:: with SMTP id z21mr5920370uaq.118.1584041361445; Thu, 12 Mar 2020 12:29:21 -0700 (PDT)
MIME-Version: 1.0
From: Shelley <randomshelley@gmail.com>
Date: Thu, 12 Mar 2020 14:29:10 -0500
Message-ID: <CAGUsYPxvBj6839SjPgDhsU1Z=2-5MHFJRvDNTU5WvacreLuZdA@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary="000000000000a895d605a0ad5e4c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/uxRqyVHzWs9QvV1S4k2a9zgaTYo>
Subject: [scim] Uniqueness Violation Response Code
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Mar 2020 19:29:32 -0000

RFC 7643 Section 7 [1] indicates the following:

uniqueness  A single keyword value that specifies how the service
>    provider enforces uniqueness of attribute values.
> *  A server MAY   reject an invalid value based on uniqueness by returning
> HTTP*
> *   response code 400 (Bad Request).*
>

This contradicts the requirements in RFC 7644 Section 3.3 [2] which
indicates that service providers "*MUST return HTTP status code 409
(Conflict)*" when the creation of a requested resource would conflict with
an existing resource, i.e. by violating an attribute's uniqueness.
Therefore, servers *MAY NOT* reject invalid values based on uniqueness with
a 400, as RFC 7643 Section 7 currently indicates.

I assume 409 is the preferred response here, and so I was initially going
to report an errata that proposed 409 instead of 400 in RFC 7643 Section 7;
however, to avoid dependencies on specific HTTP response codes from RFC
7644, I would propose the section could be updated as follows instead, such
that the HTTP response code is omitted entirely:

uniqueness  A single keyword value that specifies how the service
>    provider enforces uniqueness of attribute values.  A server MAY
>    reject an invalid value based on uniqueness.


Any feedback is welcome. I'm happy to report the proposed errata if there
is consensus; otherwise, I at least wanted to bring awareness to the
contradiction between specs here.

[1] https://tools.ietf.org/html/rfc7643#section-7
[2] https://tools.ietf.org/html/rfc7644#section-3.3