Re: [scim] SCIM v3?

Phillip Hunt <phil.hunt@independentid.com> Mon, 08 June 2020 15:59 UTC

Return-Path: <phil.hunt@independentid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD8023A0D60 for <scim@ietfa.amsl.com>; Mon, 8 Jun 2020 08:59:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=independentid-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2aPjvBYrJHH4 for <scim@ietfa.amsl.com>; Mon, 8 Jun 2020 08:59:14 -0700 (PDT)
Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C7553A0D7F for <scim@ietf.org>; Mon, 8 Jun 2020 08:59:10 -0700 (PDT)
Received: by mail-pl1-x62d.google.com with SMTP id d8so3643039plo.12 for <scim@ietf.org>; Mon, 08 Jun 2020 08:59:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=independentid-com.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=1agD5PsESAqIdDB9ZRCBpmAK7TCYZdcxcQiIYqHDEIE=; b=A78wosRwtTV1tczNSYMVERut6eelrgxQCWHpKGrgB1eoX//qWWmVF/nKsWRn63Eb5P 2vMg/OjOwJbsB18hU/4F9Xv3niwum3IIU3eQTDznEhXAOa8dqxClUgDCL65nQ/MaoqKk OndbHnqTe3TmrhLLgemD6yLjPNt9fPoBNBvNgxARmZCJ/3dgbhUa+U+1lRoWg+A+7I73 n66E5dAsLN9rUhe8+DfICABEf64XiTU921/m2GZeUfxoDu5wEWwGrNH7pbI+e0zUarUx TxFf0DvbmAk3qv6DFdL9DB33Tek4xCUQVd63CnHG/PVADaG/5KyOT/BKoJDA/VHuALeU Pwrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=1agD5PsESAqIdDB9ZRCBpmAK7TCYZdcxcQiIYqHDEIE=; b=mJ0A7hNBW4HSysyS/JIIX1RXxeRVVKN24jWw57rsiIxVZvvSWZCfJxtdGoHbazKnxd dSlOhJBisMvaW0NQl+6nb30G0XfA3m87iIOwpLvDjhGumdtriAJpU/S4naRelddYKfAj mg/EmjRsIs/enm/7A/h6aSK0PMc/bOAa6NJeKoO85KCXuWoG/P/cbPAYIJrAZszEpmk4 zm0DN7M6z7WbCdeQk15U8b+hX3rxCfF0qFvkANBQ1lOCAaDwRlkLDDLmNDdLovBtj7dB lsy0BjtytEOgbcAc3PpHPYj5+o0h/nHGqQeRk9mSu8ocRJIuBQ2kt4bJ7nd5XA+oVAur pnLA==
X-Gm-Message-State: AOAM532HcOJA1EBkyMEsIg/ZzMvup3+6DhZLiEPcS3hxF20IKG+1hQhP 9jsCQh7uFVqxj6KjbRUkWlRV/Q==
X-Google-Smtp-Source: ABdhPJxzJaVo1wjYpGslPxVSMAFYGfMuaZmusGIm4+YhOc/emvtTSNruwHcNNl4Ffl7l8d5vzh0hNg==
X-Received: by 2002:a17:90b:895:: with SMTP id bj21mr41625pjb.148.1591631949224; Mon, 08 Jun 2020 08:59:09 -0700 (PDT)
Received: from ?IPv6:2001:569:7a71:1d00:f486:808:2de6:2611? (node-1w7jr9qrfoxxb8r6uumgg6yvl.ipv6.telus.net. [2001:569:7a71:1d00:f486:808:2de6:2611]) by smtp.gmail.com with ESMTPSA id m15sm6388515pgv.45.2020.06.08.08.59.08 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 08 Jun 2020 08:59:08 -0700 (PDT)
Content-Type: multipart/alternative; boundary=Apple-Mail-CF77FE54-232B-4C69-B032-5D874C606318
Content-Transfer-Encoding: 7bit
From: Phillip Hunt <phil.hunt@independentid.com>
Mime-Version: 1.0 (1.0)
Date: Mon, 8 Jun 2020 08:59:07 -0700
Message-Id: <A9824A60-BFB0-4047-8C09-6328CE497E36@independentid.com>
References: <F4D06C51-8D39-4AA3-83B0-6D6982C451C7@cisco.com>
Cc: Paul Logston <paul.logston@gmail.com>, Darran Rolls <me@darranrolls.com>, "scim@ietf.org" <scim@ietf.org>
In-Reply-To: <F4D06C51-8D39-4AA3-83B0-6D6982C451C7@cisco.com>
To: Eliot Lear <lear@cisco.com>
X-Mailer: iPhone Mail (17E262)
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/w2ep7V2xFzy9ut68Z_80xkLuQGw>
Subject: Re: [scim] SCIM v3?
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2020 15:59:25 -0000

Thanks Elliot. 

A number of these features including MVA filtering and paging are based on a desire to build front end IDM management UIs to SCIM API providers. 

One could say this would begin to move SCIM from a provisioning protocol to a “directory” protocol. Is SCIM Directory a theme that would drive interest in a new charter?

Phil

> On Jun 8, 2020, at 2:38 AM, Eliot Lear <lear@cisco.com> wrote:
> 
> Hi Paul,
> 
> As a hanger-on, I like your list.  I don’t see the value in paging, but clearly a great many others do, so I have something to learn.
> 
> Eliot
> 
>> On 8 Jun 2020, at 10:34, Paul Logston <paul.logston@gmail.com> wrote:
>> 
>> Hi Darran and Phil, 
>> 
>> I am interested in being part of this discussion. I work for a company that regularly uses the SCIM protocol and we have a use for a number of the extensions Darran suggested above. 
>> 
>> Best,
>> Paul
>> 
>> Paul Logston
>> (510) 755 - 4474
>> paul.logston@gmail..com
>> linkedin.com/in/paullogston
>> 
>> 
>> 
>> On Sun, Jun 7, 2020 at 3:32 AM Phillip Hunt <phil.hunt@independentid.com> wrote:
>>> Darran
>>> 
>>> Good to hear!
>>> 
>>> I am not sure these items require a v3. I believe these all can be done via extensions thus maintaining backwards compatibility. 
>>> 
>>> For example I did submit a proposal for paged attributes based on the current drafts. 
>>> 
>>> https://tools..ietf.org/html/draft-hunt-scim-mv-paging-00
>>> 
>>> I think we have to see if there is sufficient interest to charter a WG and determine interest in specific items. 
>>> 
>>> Another long term issue compliance issues. For this we to find an independent organization to develop and host an interop test suite as compliance testing is not something the IETF does.  This will likely require direct donation of funds and time. This is how things happened for OIDC testing. 
>>> 
>>> Phil Hunt
>>> 
>>>> On Jun 6, 2020, at 10:15 AM, Darran Rolls <me@darranrolls..com> wrote:
>>>> 
>>>> 
>>>> Hello SCIM folks,
>>>> 
>>>>  
>>>> 
>>>> To introduce myself to the group, up until March of this year I was the CTO at SailPoint and worked with Kelly Grizzle and Matt Domsch on all things identity standards.  I'm now consulting and engaging on various projects around the IAM space.  
>>>> 
>>>>  
>>>> 
>>>> Having chatted with Leif and Morteza directly, I wanted to bring a discussion back here to the full WG alias.  As several of you will already know, I’d like to formally make a request to re-chartering this WG.  The goal of the WG would be to address the ratification of the following work items: 
>>>> 
>>>>  
>>>> 
>>>> Protocol /operational enhancements
>>>> Multi-value paging & cursor pagination
>>>> Relying party user provisioning
>>>> Soft Delete
>>>> Interop and testing capabilities
>>>> New schema to address
>>>> Extended HR /user data and related action events
>>>> Ratification of extension to address Privilege Account Management user cases
>>>>  
>>>> 
>>>> I therefore seek your comments and input on this  proposal.  Are you interested to participate?  What is missing from the above list of work items?  Is there support for an informal interest-group call sometime in the next two weeks?
>>>> 
>>>>  
>>>> 
>>>> Thanks
>>>> 
>>>> Darran
>>>> 
>>>>  
>>>> 
>>>> -- 
>>>> 
>>>> https://www.darranrolls.com
>>>> 
>>>> LinkedIn @djrolls
>>>> 
>>>>  
>>>> 
>>>> _______________________________________________
>>>> scim mailing list
>>>> scim@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/scim
>>> _______________________________________________
>>> scim mailing list
>>> scim@ietf.org
>>> https://www.ietf.org/mailman/listinfo/scim
>> _______________________________________________
>> scim mailing list
>> scim@ietf.org
>> https://www.ietf.org/mailman/listinfo/scim
>