From moransar@cisco.com Wed Feb 8 19:33:11 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C34E11E80A1 for ; Wed, 8 Feb 2012 19:33:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.598 X-Spam-Level: X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9EvZj8uwtmHq for ; Wed, 8 Feb 2012 19:33:10 -0800 (PST) Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) by ietfa.amsl.com (Postfix) with ESMTP id 2D45A11E8098 for ; Wed, 8 Feb 2012 19:33:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=24047; q=dns/txt; s=iport; t=1328758385; x=1329967985; h=mime-version:subject:date:message-id:from:to; bh=M4GRmNdJKYes7BvEabV1uLr1HGN35cmYGny2hpR6LJ4=; b=kO6cBeDae4ZrOUvnCIjplDHQ28t9qwMAyIKzWiSJCguyWt0TF2OTEqE1 oir40WmLQR3lyg5CP6gv0TXtbCby8vR+qGeMXiylZljTLN1MDbAA6G05O IKSac0SmE0QaVGELXBXVlZCZos57cf4H4gZR+t1L3oxofhqqaEzquPuV9 M=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av8EAJo9M0+tJV2Y/2dsb2JhbAA6CYJNrFOBB4F0AQQBAQEPAQkRAz4dASoCBBAIByYxAQQTCAEZh2OZHIEnAZ5TiGuCUgQZDgQCAwUKATyEYAEFCoJWYwSIRp9j X-IronPort-AV: E=Sophos;i="4.73,387,1325462400"; d="scan'208,217";a="57487011" Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-4.cisco.com with ESMTP; 09 Feb 2012 03:32:59 +0000 Received: from xbh-rcd-302.cisco.com (xbh-rcd-302.cisco.com [72.163.63.9]) by rcdn-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q193WxUv021908 for ; Thu, 9 Feb 2012 03:32:59 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-302.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 8 Feb 2012 21:32:59 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CCE6DB.854DDC6A" Date: Wed, 8 Feb 2012 21:32:58 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Porposed charter Thread-Index: AczmzBHGeogmTjP9SHiNgabjIRt73Q== From: "Morteza Ansari (moransar)" To: X-OriginalArrivalTime: 09 Feb 2012 03:32:59.0410 (UTC) FILETIME=[8536F720:01CCE6DB] Subject: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2012 03:33:11 -0000 This is a multi-part message in MIME format. ------_=_NextPart_001_01CCE6DB.854DDC6A Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi folks, =20 Here is the proposed charter as we discussed over the cloud-directory mailing list. Please review and send your comments. =20 =20 Cheers, Morteza =20 =20 Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- =20 Charter =20 Current Status: BOF Request =20 Chair(s): TBD1 TBD2 =20 Applications Area Director(s): Pete Resnick =20 Peter Saint-Andre =20 Mailing Lists: General Discussion: scim@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/scim Archive: http://www.ietf.org/mail-archive/web/scim/current/maillist.html =20 Description of Working Group: =20 The Simple Cloud Identity Management (SCIM) specification is designed to make managing user identity lifecycle in cloud based applications and services easier. =20 The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. =20 The group will work to adapt the SCIM 1.0 specification produced under the Open Web Foundation framework (http://www.simplecloud.info) as an IETF technology for management of user identities in cloud-based applications. =20 SCIM 1.0 consists of: * Schema definition for identity related objects * Protocol definition for accessing and managing the identity objects * Binding of SCIM schema to Security Assertion Markup Language (SAML) messages and assertions * Binding of SCIM schema to Lightweight Directory Access Protocol (LDAP) schema (RFC4519) =20 The Working Group will produce one or more documents suitable for consideration as a Proposed Standard that will: * Improve the terminology used * Embody good security practices, document gaps in its capabilities, and propose a path forward for addressing the gaps * Promote interoperability * Provide guidelines for extensibility =20 SCIM 1.0 will be used as the starting point. The working group will strive to retain backward compatibility with the 1.0 specification. Changes that are not backwards compatible may be accepted if the group determines changes are required to meet the group's technical objectives and the group clearly documents the reasons for making them. =20 The Working Group should consider: * Implementer experience * The end-user experience, including internationalization * Existing uses of SCIM * Ability to achieve broad implementation * Ability to address broader use cases than those considered by the original authors * Additional functions or extensions that are needed to address key security concerns, cross-area review, and implementer feedback =20 The working group will focus on adapting the core technology first but work on extensions will be considered after the core work is well in hand. ------_=_NextPart_001_01CCE6DB.854DDC6A Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi = folks,

 

Here is the proposed charter as we discussed over the = cloud-directory mailing list. Please review and send your = comments.

 

 

Cheers,

Morteza

 

 

Simplified Cloud Identity Management = (SCIM)

---------------------------------------------------= -----

 

Charter

 

Current Status: BOF = Request

 

Chair(s):

     = TBD1

     = TBD2

 

Applications Area = Director(s):

     Pete Resnick = <presnick@qualcomm.com>

     Peter Saint-Andre = <stpeter@stpeter.im>

 

Mailing = Lists:

     General Discussion: = scim@ietf.org

     To = Subscribe:     = https://www.ietf.org/mailman/listinfo/scim

     = Archive:           = ;    = http://www.ietf.org/mail-archive/web/scim/current/maillist.html

 

Description of Working = Group:

 

The Simple Cloud = Identity Management (SCIM) specification is designed to make managing = user identity lifecycle in cloud based applications and services = easier.

 

The specification suite = seeks to build upon experience with existing schemas and deployments, = placing specific emphasis on simplicity of development and integration, = while applying existing authentication, authorization, and privacy = models. Its intent is to reduce the cost and complexity of user = management operations by providing a common user schema and extension = model, as well as binding documents to provide patterns for exchanging = this schema using standard protocols.

 

The group will work to = adapt the SCIM 1.0 specification produced under the Open Web Foundation = framework (http://www.simplecloud.info) as an IETF technology for = management of user identities in cloud-based = applications.

 

SCIM 1.0 consists = of:

·         = Schema = definition for identity related objects

·         = Protocol = definition for accessing and managing the identity = objects

·         = Binding of = SCIM schema to Security Assertion Markup Language (SAML) messages and = assertions

·         = Binding of = SCIM schema to Lightweight Directory Access Protocol (LDAP) schema = (RFC4519)

 

The Working Group will = produce one or more documents suitable for consideration as a Proposed = Standard that will:

·         = Improve the = terminology used

·         = Embody good = security practices, document gaps in its capabilities, and propose a = path forward for addressing the gaps

·         = Promote = interoperability

·         = Provide = guidelines for extensibility

 

SCIM 1.0 will be used = as the starting point. The working group will strive to retain backward = compatibility with the 1.0 specification. Changes that are not backwards = compatible may be accepted if the group determines changes are required = to meet the group's technical objectives and the group clearly documents = the reasons for making them.

 

The Working Group = should consider:

·         = Implementer = experience

·         = The end-user = experience, including internationalization

·         = Existing uses = of SCIM

·         = Ability to = achieve broad implementation

·         = Ability to = address broader use cases than those considered by the original = authors

·         = Additional = functions or extensions that are needed to address key security = concerns, cross-area review, and implementer = feedback

 

The working group will = focus on adapting the core technology first but work on extensions will = be considered after the core work is well in = hand.

------_=_NextPart_001_01CCE6DB.854DDC6A-- From Paul.Lipton@ca.com Wed Feb 8 19:41:16 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C22E11E80BF for ; Wed, 8 Feb 2012 19:41:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yv9s3Z6T0X1K for ; Wed, 8 Feb 2012 19:41:15 -0800 (PST) Received: from na3sys009aog119.obsmtp.com (na3sys009aog119.obsmtp.com [74.125.149.246]) by ietfa.amsl.com (Postfix) with ESMTP id D40CE21F84A0 for ; Wed, 8 Feb 2012 19:41:12 -0800 (PST) Received: from USILMS190.ca.com ([141.202.246.44]) (using TLSv1) by na3sys009aob119.postini.com ([74.125.148.12]) with SMTP ID DSNKTzNAVoUsKJ22nnUw1VaZ21wt4SABSHg6@postini.com; Wed, 08 Feb 2012 19:41:12 PST Received: from USILMS175.ca.com (141.202.6.25) by USILMS190.ca.com (141.202.246.44) with Microsoft SMTP Server (TLS) id 14.1.355.2; Wed, 8 Feb 2012 22:41:08 -0500 Received: from USILMS111A.ca.com ([169.254.3.121]) by usilms175.ca.com ([141.202.6.25]) with mapi id 14.01.0355.002; Wed, 8 Feb 2012 22:41:01 -0500 From: "Lipton, Paul C" To: "Morteza Ansari (moransar)" , "scim@ietf.org" Thread-Topic: Porposed charter Thread-Index: AczmzBHGeogmTjP9SHiNgabjIRt73QAD64Qw Date: Thu, 9 Feb 2012 03:41:00 +0000 Message-ID: References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.129.27.206] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2012 03:41:16 -0000 Hi all, I realize that I am not a SCIM-er, but I've done some charters before. In t= he spirit of being helpful, may I point out that one most important part of= a charter is the "Out of Scope" section. This not only helps focus the gro= up and fights "scope creep," but helps protect participants from unanticipa= ted IP obligations.=20 Just a thought.=20 Regards, Paul=20 =A0 Paul Lipton CA Technologies VP, Industry Standards and Open Source=20 Member, CA Council for Technical Excellence=20 Office Phone: +1 609 583-9718 Mobile: +1 267 987-6887 Email: paul.lipton@ca.com =3D=3D=3D From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Mor= teza Ansari (moransar) Sent: Wednesday, February 08, 2012 10:33 PM To: scim@ietf.org Subject: [scim] Porposed charter Hi folks, Here is the proposed charter as we discussed over the cloud-directory maili= ng list. Please review and send your comments. Cheers, Morteza Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- Charter Current Status: BOF Request Chair(s): =A0=A0=A0=A0 TBD1 =A0=A0=A0=A0 TBD2 Applications Area Director(s): =A0=A0=A0 =A0Pete Resnick =20 =A0=A0=A0=A0=A0Peter Saint-Andre Mailing Lists: =A0=A0=A0=A0 General Discussion: scim@ietf.org =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 https://www.ietf.org/mailman/listinf= o/scim =A0=A0=A0=A0 Archive:=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 http://www.= ietf.org/mail-archive/web/scim/current/maillist.html Description of Working Group: The Simple Cloud Identity Management (SCIM) specification is designed to ma= ke managing user identity lifecycle in cloud based applications and service= s easier. The specification suite seeks to build upon experience with existing schema= s and deployments, placing specific emphasis on simplicity of development a= nd integration, while applying existing authentication, authorization, and = privacy models. Its intent is to reduce the cost and complexity of user man= agement operations by providing a common user schema and extension model, a= s well as binding documents to provide patterns for exchanging this schema = using standard protocols. The group will work to adapt the SCIM 1.0 specification produced under the = Open Web Foundation framework (http://www.simplecloud.info) as an IETF tech= nology for management of user identities in cloud-based applications. SCIM 1.0 consists of: . Schema definition for identity related objects . Protocol definition for accessing and managing the identity objects . Binding of SCIM schema to Security Assertion Markup Language (SAML) messa= ges and assertions . Binding of SCIM schema to Lightweight Directory Access Protocol (LDAP) sc= hema (RFC4519) The Working Group will produce one or more documents suitable for considera= tion as a Proposed Standard that will: . Improve the terminology used . Embody good security practices, document gaps in its capabilities, and pr= opose a path forward for addressing the gaps . Promote interoperability . Provide guidelines for extensibility SCIM 1.0 will be used as the starting point. The working group will strive = to retain backward compatibility with the 1.0 specification. Changes that a= re not backwards compatible may be accepted if the group determines changes= are required to meet the group's technical objectives and the group clearl= y documents the reasons for making them. The Working Group should consider: . Implementer experience . The end-user experience, including internationalization . Existing uses of SCIM . Ability to achieve broad implementation . Ability to address broader use cases than those considered by the origina= l authors . Additional functions or extensions that are needed to address key securit= y concerns, cross-area review, and implementer feedback The working group will focus on adapting the core technology first but work= on extensions will be considered after the core work is well in hand. From moransar@cisco.com Wed Feb 8 19:58:14 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14BAA21F852B for ; Wed, 8 Feb 2012 19:58:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -8.599 X-Spam-Level: X-Spam-Status: No, score=-8.599 tagged_above=-999 required=5 tests=[AWL=-2.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3tkIOv+qItLr for ; Wed, 8 Feb 2012 19:58:13 -0800 (PST) Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) by ietfa.amsl.com (Postfix) with ESMTP id 22B2621F852A for ; Wed, 8 Feb 2012 19:58:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=4584; q=dns/txt; s=iport; t=1328759893; x=1329969493; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to; bh=bJnbBq/vGZ5f8CgMiCRlJpVzPiya/GlX9NEVNBpvVtk=; b=TT0a1VlTae1C0hIgRm9Rc/vU74DIATC8FuUlSogU97KPOk16nfGLgYPK dGw4PE5sTsRBkXdbr/SdgDwmwaSe1XbISYmKD3+4z53Z4wTrQQsTIKmDt jcdemnXT9poIEEstMvY8UD8nodD9PihYv4sUosOpGX/t25pLq0PfOFOfV A=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAFAOBDM0+tJV2Y/2dsb2JhbAA6BgOvH4EHgXIBAQEEAQEBDwEdPhcCAgIBCBEEAQELAgQXAQYBGgwfCQgBAQQBEggBGYdjm3oBlmgEiGeCUgQKAgkEAgYGBAIDBQUFAQIDN4RmCheCP2MEiBMzn2M X-IronPort-AV: E=Sophos;i="4.73,387,1325462400"; d="scan'208";a="57483369" Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-3.cisco.com with ESMTP; 09 Feb 2012 03:58:12 +0000 Received: from xbh-rcd-201.cisco.com (xbh-rcd-201.cisco.com [72.163.62.200]) by rcdn-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q193wCqT002175; Thu, 9 Feb 2012 03:58:12 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-201.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 8 Feb 2012 21:58:12 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Wed, 8 Feb 2012 21:58:11 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Porposed charter Thread-Index: AczmzBHGeogmTjP9SHiNgabjIRt73QAD64QwAADFEQA= References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> From: "Morteza Ansari (moransar)" To: "Lipton, Paul C" , X-OriginalArrivalTime: 09 Feb 2012 03:58:12.0665 (UTC) FILETIME=[0B2F5A90:01CCE6DF] Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2012 03:58:14 -0000 Thanks Paul, this is exactly why we wanted to discuss the draft charter = here. Excellent point, I can take a shot at adding that, but would be = great if others throw in suggestions on what should be excluded. Cheers, Morteza -----Original Message----- From: Lipton, Paul C [mailto:Paul.Lipton@ca.com]=20 Sent: Wednesday, February 08, 2012 7:41 PM To: Morteza Ansari (moransar); scim@ietf.org Subject: RE: Porposed charter Hi all, I realize that I am not a SCIM-er, but I've done some charters before. = In the spirit of being helpful, may I point out that one most important = part of a charter is the "Out of Scope" section. This not only helps = focus the group and fights "scope creep," but helps protect participants = from unanticipated IP obligations.=20 Just a thought.=20 Regards, Paul=20 =A0 Paul Lipton CA Technologies VP, Industry Standards and Open Source Member, CA Council for Technical Excellence Office Phone: +1 609 = 583-9718 Mobile: +1 267 987-6887 Email: paul.lipton@ca.com =3D=3D=3D From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of = Morteza Ansari (moransar) Sent: Wednesday, February 08, 2012 10:33 PM To: scim@ietf.org Subject: [scim] Porposed charter Hi folks, Here is the proposed charter as we discussed over the cloud-directory = mailing list. Please review and send your comments. Cheers, Morteza Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- Charter Current Status: BOF Request Chair(s): =A0=A0=A0=A0 TBD1 =A0=A0=A0=A0 TBD2 Applications Area Director(s): =A0=A0=A0 =A0Pete Resnick =A0=A0=A0=A0=A0Peter Saint-Andre Mailing Lists: =A0=A0=A0=A0 General Discussion: scim@ietf.org =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 = https://www.ietf.org/mailman/listinfo/scim =A0=A0=A0=A0 Archive:=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 = http://www.ietf.org/mail-archive/web/scim/current/maillist.html Description of Working Group: The Simple Cloud Identity Management (SCIM) specification is designed to = make managing user identity lifecycle in cloud based applications and = services easier. The specification suite seeks to build upon experience with existing = schemas and deployments, placing specific emphasis on simplicity of = development and integration, while applying existing authentication, = authorization, and privacy models. Its intent is to reduce the cost and = complexity of user management operations by providing a common user = schema and extension model, as well as binding documents to provide = patterns for exchanging this schema using standard protocols. The group will work to adapt the SCIM 1.0 specification produced under = the Open Web Foundation framework (http://www.simplecloud.info) as an = IETF technology for management of user identities in cloud-based = applications. SCIM 1.0 consists of: . Schema definition for identity related objects . Protocol definition = for accessing and managing the identity objects . Binding of SCIM schema = to Security Assertion Markup Language (SAML) messages and assertions . = Binding of SCIM schema to Lightweight Directory Access Protocol (LDAP) = schema (RFC4519) The Working Group will produce one or more documents suitable for = consideration as a Proposed Standard that will: . Improve the terminology used . Embody good security practices, document gaps in its capabilities, and = propose a path forward for addressing the gaps . Promote = interoperability . Provide guidelines for extensibility SCIM 1.0 will be used as the starting point. The working group will = strive to retain backward compatibility with the 1.0 specification. = Changes that are not backwards compatible may be accepted if the group = determines changes are required to meet the group's technical objectives = and the group clearly documents the reasons for making them. The Working Group should consider: . Implementer experience . The end-user experience, including internationalization . Existing = uses of SCIM . Ability to achieve broad implementation . Ability to = address broader use cases than those considered by the original authors = . Additional functions or extensions that are needed to address key = security concerns, cross-area review, and implementer feedback The working group will focus on adapting the core technology first but = work on extensions will be considered after the core work is well in = hand. From kelly.grizzle@sailpoint.com Thu Feb 9 06:19:17 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48F6F21F864E for ; Thu, 9 Feb 2012 06:19:17 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h1GsF3KxRVAc for ; Thu, 9 Feb 2012 06:19:16 -0800 (PST) Received: from VA3EHSOBE005.bigfish.com (va3ehsobe010.messaging.microsoft.com [216.32.180.30]) by ietfa.amsl.com (Postfix) with ESMTP id 0A25A21F865E for ; Thu, 9 Feb 2012 06:19:15 -0800 (PST) Received: from mail139-va3-R.bigfish.com (10.7.14.242) by VA3EHSOBE005.bigfish.com (10.7.40.25) with Microsoft SMTP Server id 14.1.225.23; Thu, 9 Feb 2012 14:19:14 +0000 Received: from mail139-va3 (localhost [127.0.0.1]) by mail139-va3-R.bigfish.com (Postfix) with ESMTP id DB9F32403CF; Thu, 9 Feb 2012 14:19:14 +0000 (UTC) X-SpamScore: -53 X-BigFish: PS-53(zz9371I9f17R119bJ542M62a3K14ffO1db9Mzz1202hzz1033IL8275bh8275dhz2fh2a8h668h839h) X-Forefront-Antispam-Report: CIP:157.56.240.85; KIP:(null); UIP:(null); IPV:NLI; H:BL2PRD0410HT004.namprd04.prod.outlook.com; RD:none; EFVD:NLI Received-SPF: pass (mail139-va3: domain of sailpoint.com designates 157.56.240.85 as permitted sender) client-ip=157.56.240.85; envelope-from=kelly.grizzle@sailpoint.com; helo=BL2PRD0410HT004.namprd04.prod.outlook.com ; .outlook.com ; Received: from mail139-va3 (localhost.localdomain [127.0.0.1]) by mail139-va3 (MessageSwitch) id 1328797152718836_16026; Thu, 9 Feb 2012 14:19:12 +0000 (UTC) Received: from VA3EHSMHS016.bigfish.com (unknown [10.7.14.235]) by mail139-va3.bigfish.com (Postfix) with ESMTP id A039F2C0048; Thu, 9 Feb 2012 14:19:12 +0000 (UTC) Received: from BL2PRD0410HT004.namprd04.prod.outlook.com (157.56.240.85) by VA3EHSMHS016.bigfish.com (10.7.99.26) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 9 Feb 2012 14:19:12 +0000 Received: from BL2PRD0410MB351.namprd04.prod.outlook.com ([169.254.3.124]) by BL2PRD0410HT004.namprd04.prod.outlook.com ([10.255.99.39]) with mapi id 14.16.0117.001; Thu, 9 Feb 2012 14:19:11 +0000 From: Kelly Grizzle To: "Morteza Ansari (moransar)" , "Lipton, Paul C" , "scim@ietf.org" Thread-Topic: Porposed charter Thread-Index: AczmzBHGeogmTjP9SHiNgabjIRt73QAD64QwAADFEQAAFU/24A== Date: Thu, 9 Feb 2012 14:19:11 +0000 Message-ID: <56C3C758F9D6534CA3778EAA1E0C34371C61F432@BL2PRD0410MB351.namprd04.prod.outlook.com> References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [72.182.2.102] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: sailpoint.com Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2012 14:19:17 -0000 Generally, I think the charter looks good. As far as what is "out of scope= ", I would say that things that we explicitly left as opaque in the 1.0 spe= c should stay that way. For example, the exact format for entitlements is = unspecified - it may be a URN, an XACML string, or something else. I don't= think that SCIM should try to solve the problem of how to format entitleme= nts. We should leverage existing specs if we go there. Also, my preference is to keep the core constrained to primarily identity a= nd security-related objects - identities, groups, possibly roles, etc... T= hings outside of this (ie - machines, etc...) should probably be an extensi= on, although in some cases we might have an "official" extensions. --Kelly -----Original Message----- From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Mor= teza Ansari (moransar) Sent: Wednesday, February 08, 2012 9:58 PM To: Lipton, Paul C; scim@ietf.org Subject: Re: [scim] Porposed charter Thanks Paul, this is exactly why we wanted to discuss the draft charter her= e. Excellent point, I can take a shot at adding that, but would be great if= others throw in suggestions on what should be excluded. Cheers, Morteza -----Original Message----- From: Lipton, Paul C [mailto:Paul.Lipton@ca.com]=20 Sent: Wednesday, February 08, 2012 7:41 PM To: Morteza Ansari (moransar); scim@ietf.org Subject: RE: Porposed charter Hi all, I realize that I am not a SCIM-er, but I've done some charters before. In t= he spirit of being helpful, may I point out that one most important part of= a charter is the "Out of Scope" section. This not only helps focus the gro= up and fights "scope creep," but helps protect participants from unanticipa= ted IP obligations.=20 Just a thought.=20 Regards, Paul=20 =A0 Paul Lipton CA Technologies VP, Industry Standards and Open Source Member, CA Council for Technical Excellence Office Phone: +1 609 583-9718 Mobile: +1 267 987-6887 Email: paul.lipton@ca.com =3D=3D=3D From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Mor= teza Ansari (moransar) Sent: Wednesday, February 08, 2012 10:33 PM To: scim@ietf.org Subject: [scim] Porposed charter Hi folks, Here is the proposed charter as we discussed over the cloud-directory maili= ng list. Please review and send your comments. Cheers, Morteza Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- Charter Current Status: BOF Request Chair(s): =A0=A0=A0=A0 TBD1 =A0=A0=A0=A0 TBD2 Applications Area Director(s): =A0=A0=A0 =A0Pete Resnick =A0=A0=A0=A0=A0Peter Saint-Andre Mailing Lists: =A0=A0=A0=A0 General Discussion: scim@ietf.org =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 https://www.ietf.org/mailman/listinf= o/scim =A0=A0=A0=A0 Archive:=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 http://www.= ietf.org/mail-archive/web/scim/current/maillist.html Description of Working Group: The Simple Cloud Identity Management (SCIM) specification is designed to ma= ke managing user identity lifecycle in cloud based applications and service= s easier. The specification suite seeks to build upon experience with existing schema= s and deployments, placing specific emphasis on simplicity of development a= nd integration, while applying existing authentication, authorization, and = privacy models. Its intent is to reduce the cost and complexity of user man= agement operations by providing a common user schema and extension model, a= s well as binding documents to provide patterns for exchanging this schema = using standard protocols. The group will work to adapt the SCIM 1.0 specification produced under the = Open Web Foundation framework (http://www.simplecloud.info) as an IETF tech= nology for management of user identities in cloud-based applications. SCIM 1.0 consists of: . Schema definition for identity related objects . Protocol definition for = accessing and managing the identity objects . Binding of SCIM schema to Sec= urity Assertion Markup Language (SAML) messages and assertions . Binding of= SCIM schema to Lightweight Directory Access Protocol (LDAP) schema (RFC451= 9) The Working Group will produce one or more documents suitable for considera= tion as a Proposed Standard that will: . Improve the terminology used . Embody good security practices, document gaps in its capabilities, and pr= opose a path forward for addressing the gaps . Promote interoperability . P= rovide guidelines for extensibility SCIM 1.0 will be used as the starting point. The working group will strive = to retain backward compatibility with the 1.0 specification. Changes that a= re not backwards compatible may be accepted if the group determines changes= are required to meet the group's technical objectives and the group clearl= y documents the reasons for making them. The Working Group should consider: . Implementer experience . The end-user experience, including internationalization . Existing uses o= f SCIM . Ability to achieve broad implementation . Ability to address broad= er use cases than those considered by the original authors . Additional fun= ctions or extensions that are needed to address key security concerns, cros= s-area review, and implementer feedback The working group will focus on adapting the core technology first but work= on extensions will be considered after the core work is well in hand. _______________________________________________ scim mailing list scim@ietf.org https://www.ietf.org/mailman/listinfo/scim From samuel@erdtman.se Thu Feb 9 12:19:48 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4BB321E8050 for ; Thu, 9 Feb 2012 12:19:47 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.977 X-Spam-Level: X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F+uegNAz6pvh for ; Thu, 9 Feb 2012 12:19:47 -0800 (PST) Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id 82E6621E8018 for ; Thu, 9 Feb 2012 12:19:45 -0800 (PST) Received: by lahl5 with SMTP id l5so2154361lah.31 for ; Thu, 09 Feb 2012 12:19:45 -0800 (PST) MIME-Version: 1.0 Received: by 10.112.98.37 with SMTP id ef5mr1144973lbb.73.1328818783684; Thu, 09 Feb 2012 12:19:43 -0800 (PST) Received: by 10.112.61.129 with HTTP; Thu, 9 Feb 2012 12:19:43 -0800 (PST) In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> Date: Thu, 9 Feb 2012 21:19:43 +0100 Message-ID: From: Samuel Erdtman To: "Morteza Ansari (moransar)" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQnm8Mde3TtcMED7EhN/3qrmgMGZmAsmJQ1tMWL443KcvkhIqGZUEKfiHaVpRkCCf7FPmi3P Cc: scim@ietf.org Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2012 20:19:48 -0000 Looks good buy some thoughts, don't know if they are relevant or just a result of my lack of knowledge. Feels like there is different abstraction levels in sections "SCIM 1.0 consists of" and "The Working Group will produce one or more documents suitable for consideration as a Proposed Standard that will". The section on how to proceed feels very abstract would it bee good to mention concrete things like a OpenId Connect binding etc. Further is it SCIM 2.0 that we aim to develop under IETF or is it a IETF approved version of 1.0? I like the section on working group should consider stuff. Regards //Samuel On Thu, Feb 9, 2012 at 4:32 AM, Morteza Ansari (moransar) wrote: > Hi folks, > > > > Here is the proposed charter as we discussed over the cloud-directory > mailing list. Please review and send your comments. > > > > > > Cheers, > > Morteza > > > > > > Simplified Cloud Identity Management (SCIM) > > -------------------------------------------------------- > > > > Charter > > > > Current Status: BOF Request > > > > Chair(s): > > =A0=A0=A0=A0 TBD1 > > =A0=A0=A0=A0 TBD2 > > > > Applications Area Director(s): > > =A0=A0=A0 =A0Pete Resnick > > =A0=A0=A0=A0=A0Peter Saint-Andre > > > > Mailing Lists: > > =A0=A0=A0=A0 General Discussion: scim@ietf.org > > =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 https://www.ietf.org/mailman/listi= nfo/scim > > =A0=A0=A0=A0 Archive: > http://www.ietf.org/mail-archive/web/scim/current/maillist.html > > > > Description of Working Group: > > > > The Simple Cloud Identity Management (SCIM) specification is designed to > make managing user identity lifecycle in cloud based applications and > services easier. > > > > The specification suite seeks to build upon experience with existing sche= mas > and deployments, placing specific emphasis on simplicity of development a= nd > integration, while applying existing authentication, authorization, and > privacy models. Its intent is to reduce the cost and complexity of user > management operations by providing a common user schema and extension mod= el, > as well as binding documents to provide patterns for exchanging this sche= ma > using standard protocols. > > > > The group will work to adapt the SCIM 1.0 specification produced under th= e > Open Web Foundation framework (http://www.simplecloud.info) as an IETF > technology for management of user identities in cloud-based applications. > > > > SCIM 1.0 consists of: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Schema definition for identity related object= s > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Protocol definition for accessing and managin= g the identity > objects > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Security Assertion = Markup Language > (SAML) messages and assertions > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Lightweight Directo= ry Access Protocol > (LDAP) schema (RFC4519) > > > > The Working Group will produce one or more documents suitable for > consideration as a Proposed Standard that will: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Improve the terminology used > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Embody good security practices, document gaps= in its capabilities, > and propose a path forward for addressing the gaps > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Promote interoperability > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Provide guidelines for extensibility > > > > SCIM 1.0 will be used as the starting point. The working group will striv= e > to retain backward compatibility with the 1.0 specification. Changes that > are not backwards compatible may be accepted if the group determines chan= ges > are required to meet the group's technical objectives and the group clear= ly > documents the reasons for making them. > > > > The Working Group should consider: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Implementer experience > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 The end-user experience, including internatio= nalization > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Existing uses of SCIM > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to achieve broad implementation > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to address broader use cases than tho= se considered by the > original authors > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Additional functions or extensions that are n= eeded to address key > security concerns, cross-area review, and implementer feedback > > > > The working group will focus on adapting the core technology first but wo= rk > on extensions will be considered after the core work is well in hand. > > > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim > From moransar@cisco.com Thu Feb 9 16:30:34 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51F9E11E808F for ; Thu, 9 Feb 2012 16:30:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.599 X-Spam-Level: X-Spam-Status: No, score=-9.599 tagged_above=-999 required=5 tests=[AWL=1.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3h+4DOK5cPa6 for ; Thu, 9 Feb 2012 16:30:33 -0800 (PST) Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id 34FFA11E8079 for ; Thu, 9 Feb 2012 16:30:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=6577; q=dns/txt; s=iport; t=1328833833; x=1330043433; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to; bh=6KpXeHASZA6Ez8WYTek6CgMkPVxJTezElQPCbnfEJjM=; b=kSdBgsYxSV+bLiub4D29IfIk7lh8E6KZfXcsUBLesftYDVoe1wsPWWYf EezTAIliKr+2ZKwP/Qn34T6tMKlRrun894Dh/JyuqqAymncOHcJtMHcoC DOhsmYeb6E2rVkhgynJ0/dLRjChPYHe+Ne50u48Eu+sqXdMHGRLgfZR/c Q=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAFANRjNE+tJV2c/2dsb2JhbAA6BgOvXYEHgXIBAQEEAQEBDwEdPhcCAgIBCBEEAQELAgQXAQYBGgwfCQgBAQQBEggBGYdjmX0BnwcEiQOCKgQKAgkEAgYGBAIDBQUFAQIDNwSEYgoXgj9jBIgVM59o X-IronPort-AV: E=Sophos;i="4.73,393,1325462400"; d="scan'208";a="57780154" Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-2.cisco.com with ESMTP; 10 Feb 2012 00:30:32 +0000 Received: from xbh-rcd-101.cisco.com (xbh-rcd-101.cisco.com [72.163.62.138]) by rcdn-core-5.cisco.com (8.14.3/8.14.3) with ESMTP id q1A0UWLL016347; Fri, 10 Feb 2012 00:30:32 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-101.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 9 Feb 2012 18:30:32 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Thu, 9 Feb 2012 18:30:31 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEA72D09@XMB-RCD-313.cisco.com> In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34371C61F432@BL2PRD0410MB351.namprd04.prod.outlook.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Porposed charter Thread-Index: AczmzBHGeogmTjP9SHiNgabjIRt73QAD64QwAADFEQAAFU/24AAVkywQ References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C61F432@BL2PRD0410MB351.namprd04.prod.outlook.com> From: "Morteza Ansari (moransar)" To: "Kelly Grizzle" , "Lipton, Paul C" , X-OriginalArrivalTime: 10 Feb 2012 00:30:32.0493 (UTC) FILETIME=[32C1BDD0:01CCE78B] Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 00:30:34 -0000 I like the idea of excluding entitlement semantics and in general policy = from the charter and I think at least the folks that were involved with = SCIM 1.0 also agreed on that. I can add that to the charter. On the "device" identity I am not so sure. I think there were a lot of = interest in "device" identity aspect of things but we decided to exclude = it in 1.0 project to get to a final spec sooner. I would like to hear = what others think on this front before deciding one way or another. Personally speaking, I would like to keep that within the scope of the = WG charter. Cheers, Morteza -----Original Message----- From: Kelly Grizzle [mailto:kelly.grizzle@sailpoint.com]=20 Sent: Thursday, February 09, 2012 6:19 AM To: Morteza Ansari (moransar); Lipton, Paul C; scim@ietf.org Subject: RE: Porposed charter Generally, I think the charter looks good. As far as what is "out of = scope", I would say that things that we explicitly left as opaque in the = 1.0 spec should stay that way. For example, the exact format for = entitlements is unspecified - it may be a URN, an XACML string, or = something else. I don't think that SCIM should try to solve the problem = of how to format entitlements. We should leverage existing specs if we = go there. Also, my preference is to keep the core constrained to primarily = identity and security-related objects - identities, groups, possibly = roles, etc... Things outside of this (ie - machines, etc...) should = probably be an extension, although in some cases we might have an = "official" extensions. --Kelly -----Original Message----- From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of = Morteza Ansari (moransar) Sent: Wednesday, February 08, 2012 9:58 PM To: Lipton, Paul C; scim@ietf.org Subject: Re: [scim] Porposed charter Thanks Paul, this is exactly why we wanted to discuss the draft charter = here. Excellent point, I can take a shot at adding that, but would be = great if others throw in suggestions on what should be excluded. Cheers, Morteza -----Original Message----- From: Lipton, Paul C [mailto:Paul.Lipton@ca.com]=20 Sent: Wednesday, February 08, 2012 7:41 PM To: Morteza Ansari (moransar); scim@ietf.org Subject: RE: Porposed charter Hi all, I realize that I am not a SCIM-er, but I've done some charters before. = In the spirit of being helpful, may I point out that one most important = part of a charter is the "Out of Scope" section. This not only helps = focus the group and fights "scope creep," but helps protect participants = from unanticipated IP obligations.=20 Just a thought.=20 Regards, Paul=20 =A0 Paul Lipton CA Technologies VP, Industry Standards and Open Source Member, CA Council for Technical Excellence Office Phone: +1 609 = 583-9718 Mobile: +1 267 987-6887 Email: paul.lipton@ca.com =3D=3D=3D From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of = Morteza Ansari (moransar) Sent: Wednesday, February 08, 2012 10:33 PM To: scim@ietf.org Subject: [scim] Porposed charter Hi folks, Here is the proposed charter as we discussed over the cloud-directory = mailing list. Please review and send your comments. Cheers, Morteza Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- Charter Current Status: BOF Request Chair(s): =A0=A0=A0=A0 TBD1 =A0=A0=A0=A0 TBD2 Applications Area Director(s): =A0=A0=A0 =A0Pete Resnick =A0=A0=A0=A0=A0Peter Saint-Andre Mailing Lists: =A0=A0=A0=A0 General Discussion: scim@ietf.org =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 = https://www.ietf.org/mailman/listinfo/scim =A0=A0=A0=A0 Archive:=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 = http://www.ietf.org/mail-archive/web/scim/current/maillist.html Description of Working Group: The Simple Cloud Identity Management (SCIM) specification is designed to = make managing user identity lifecycle in cloud based applications and = services easier. The specification suite seeks to build upon experience with existing = schemas and deployments, placing specific emphasis on simplicity of = development and integration, while applying existing authentication, = authorization, and privacy models. Its intent is to reduce the cost and = complexity of user management operations by providing a common user = schema and extension model, as well as binding documents to provide = patterns for exchanging this schema using standard protocols. The group will work to adapt the SCIM 1.0 specification produced under = the Open Web Foundation framework (http://www.simplecloud.info) as an = IETF technology for management of user identities in cloud-based = applications. SCIM 1.0 consists of: . Schema definition for identity related objects . Protocol definition = for accessing and managing the identity objects . Binding of SCIM schema = to Security Assertion Markup Language (SAML) messages and assertions . = Binding of SCIM schema to Lightweight Directory Access Protocol (LDAP) = schema (RFC4519) The Working Group will produce one or more documents suitable for = consideration as a Proposed Standard that will: . Improve the terminology used . Embody good security practices, document gaps in its capabilities, and = propose a path forward for addressing the gaps . Promote = interoperability . Provide guidelines for extensibility SCIM 1.0 will be used as the starting point. The working group will = strive to retain backward compatibility with the 1.0 specification. = Changes that are not backwards compatible may be accepted if the group = determines changes are required to meet the group's technical objectives = and the group clearly documents the reasons for making them. The Working Group should consider: . Implementer experience . The end-user experience, including internationalization . Existing = uses of SCIM . Ability to achieve broad implementation . Ability to = address broader use cases than those considered by the original authors = . Additional functions or extensions that are needed to address key = security concerns, cross-area review, and implementer feedback The working group will focus on adapting the core technology first but = work on extensions will be considered after the core work is well in = hand. _______________________________________________ scim mailing list scim@ietf.org https://www.ietf.org/mailman/listinfo/scim From moransar@cisco.com Thu Feb 9 17:35:59 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26BBC11E809F for ; Thu, 9 Feb 2012 17:35:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.932 X-Spam-Level: X-Spam-Status: No, score=-9.932 tagged_above=-999 required=5 tests=[AWL=0.667, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gmh-qEuykHGb for ; Thu, 9 Feb 2012 17:35:58 -0800 (PST) Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) by ietfa.amsl.com (Postfix) with ESMTP id 9FE5811E8081 for ; Thu, 9 Feb 2012 17:35:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=5687; q=dns/txt; s=iport; t=1328837757; x=1330047357; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=qtZ7PgMIsyncpm/e6x3DLMQIYV67ofGNZd1DVerXiZY=; b=gZ8UXh3xbHkmxcOUz/K5SVBju7jPejj3Oc8Ifq4nKkzZyGB8USogA6sW 5W2a3q4qx99S6GCPj4GzroEKlMshjn6CfNxXiGZWLrFz+dQTrfTlAduk1 +JZOu2hq2sWnb6RGitHZtjx/JTJy5GkAfr34XIWSI9qdAKghn43bfa3Gq 8=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgAFAEdzNE+tJV2Y/2dsb2JhbAA6Ca9dgQeBcgEBAQMBAQEBDwEdPgsFBwQCAQgRBAEBAQoCBBcBBgEmHwkIAQEEEwgBGYdaCZoJAZ8KiQeCLgQGHQQCAQIFCgEFN4RmCoJWYwSIFTOfaA X-IronPort-AV: E=Sophos;i="4.73,394,1325462400"; d="scan'208";a="57789185" Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-2.cisco.com with ESMTP; 10 Feb 2012 01:35:57 +0000 Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q1A1ZuA5017873; Fri, 10 Feb 2012 01:35:56 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 9 Feb 2012 19:35:56 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Thu, 9 Feb 2012 19:35:53 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEA72D47@XMB-RCD-313.cisco.com> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [scim] Porposed charter Thread-Index: AcznaCqWe6ITPYcMTx6EayIat2LYkQAK5aTg References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> From: "Morteza Ansari (moransar)" To: "Samuel Erdtman" X-OriginalArrivalTime: 10 Feb 2012 01:35:56.0704 (UTC) FILETIME=[55C4D200:01CCE794] Cc: scim@ietf.org Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 01:35:59 -0000 Samuel, I wasn't sure how detailed we want to get in the charter. For example, = do we want to put in a listing of all the bindings we want to include? = I don't know the answer and am happy to go either way. Also, I am not sure I fully understand your second question. The IETF = work will be based on the work we did on SCIM 1.0 and certainly evolve = from that, but it will be work that will be developed following IETF = processes and model. The WG will decide if the result is SCIM 2.0 or = some other designation. Cheers, Morteza=20 -----Original Message----- From: Samuel Erdtman [mailto:samuel@erdtman.se]=20 Sent: Thursday, February 09, 2012 12:20 PM To: Morteza Ansari (moransar) Cc: scim@ietf.org Subject: Re: [scim] Porposed charter Looks good buy some thoughts, don't know if they are relevant or just a = result of my lack of knowledge. Feels like there is different abstraction levels in sections "SCIM 1.0 = consists of" and "The Working Group will produce one or more documents = suitable for consideration as a Proposed Standard that will". The = section on how to proceed feels very abstract would it bee good to = mention concrete things like a OpenId Connect binding etc. Further is it SCIM 2.0 that we aim to develop under IETF or is it a IETF = approved version of 1.0? I like the section on working group should consider stuff. Regards //Samuel On Thu, Feb 9, 2012 at 4:32 AM, Morteza Ansari (moransar) = wrote: > Hi folks, > > > > Here is the proposed charter as we discussed over the cloud-directory=20 > mailing list. Please review and send your comments. > > > > > > Cheers, > > Morteza > > > > > > Simplified Cloud Identity Management (SCIM) > > -------------------------------------------------------- > > > > Charter > > > > Current Status: BOF Request > > > > Chair(s): > > =A0=A0=A0=A0 TBD1 > > =A0=A0=A0=A0 TBD2 > > > > Applications Area Director(s): > > =A0=A0=A0 =A0Pete Resnick > > =A0=A0=A0=A0=A0Peter Saint-Andre > > > > Mailing Lists: > > =A0=A0=A0=A0 General Discussion: scim@ietf.org > > =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 = https://www.ietf.org/mailman/listinfo/scim > > =A0=A0=A0=A0 Archive: > http://www.ietf.org/mail-archive/web/scim/current/maillist.html > > > > Description of Working Group: > > > > The Simple Cloud Identity Management (SCIM) specification is designed=20 > to make managing user identity lifecycle in cloud based applications=20 > and services easier. > > > > The specification suite seeks to build upon experience with existing=20 > schemas and deployments, placing specific emphasis on simplicity of=20 > development and integration, while applying existing authentication,=20 > authorization, and privacy models. Its intent is to reduce the cost=20 > and complexity of user management operations by providing a common=20 > user schema and extension model, as well as binding documents to=20 > provide patterns for exchanging this schema using standard protocols. > > > > The group will work to adapt the SCIM 1.0 specification produced under = > the Open Web Foundation framework (http://www.simplecloud.info) as an=20 > IETF technology for management of user identities in cloud-based = applications. > > > > SCIM 1.0 consists of: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Schema definition for identity related = objects > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Protocol definition for accessing and = managing the identity=20 > objects > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Security = Assertion Markup Language > (SAML) messages and assertions > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Lightweight = Directory Access=20 > Protocol > (LDAP) schema (RFC4519) > > > > The Working Group will produce one or more documents suitable for=20 > consideration as a Proposed Standard that will: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Improve the terminology used > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Embody good security practices, document = gaps in its=20 > capabilities, and propose a path forward for addressing the gaps > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Promote interoperability > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Provide guidelines for extensibility > > > > SCIM 1.0 will be used as the starting point. The working group will=20 > strive to retain backward compatibility with the 1.0 specification.=20 > Changes that are not backwards compatible may be accepted if the group = > determines changes are required to meet the group's technical=20 > objectives and the group clearly documents the reasons for making = them. > > > > The Working Group should consider: > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Implementer experience > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 The end-user experience, including = internationalization > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Existing uses of SCIM > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to achieve broad implementation > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to address broader use cases than = those considered=20 > by the original authors > > =B7=A0=A0=A0=A0=A0=A0=A0=A0 Additional functions or extensions that = are needed to=20 > address key security concerns, cross-area review, and implementer=20 > feedback > > > > The working group will focus on adapting the core technology first but = > work on extensions will be considered after the core work is well in = hand. > > > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim > From Tina.Tsou.Zouting@huawei.com Thu Feb 9 17:42:16 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BA7B11E8081 for ; Thu, 9 Feb 2012 17:42:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.46 X-Spam-Level: X-Spam-Status: No, score=-6.46 tagged_above=-999 required=5 tests=[AWL=0.139, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q+hvNK0vfVdt for ; Thu, 9 Feb 2012 17:42:15 -0800 (PST) Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [119.145.14.64]) by ietfa.amsl.com (Postfix) with ESMTP id EA91711E809F for ; Thu, 9 Feb 2012 17:42:13 -0800 (PST) Received: from huawei.com (szxga05-in [172.24.2.49]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LZ500C9OM26XJ@szxga05-in.huawei.com> for scim@ietf.org; Fri, 10 Feb 2012 09:42:06 +0800 (CST) Received: from szxrg02-dlp.huawei.com ([172.24.2.119]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LZ50072KM26ZM@szxga05-in.huawei.com> for scim@ietf.org; Fri, 10 Feb 2012 09:42:06 +0800 (CST) Received: from szxeml209-edg.china.huawei.com ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.1.9-GA) with ESMTP id AGZ90281; Fri, 10 Feb 2012 09:41:07 +0800 Received: from SZXEML406-HUB.china.huawei.com (10.82.67.93) by szxeml209-edg.china.huawei.com (172.24.2.184) with Microsoft SMTP Server (TLS) id 14.1.323.3; Fri, 10 Feb 2012 09:41:03 +0800 Received: from SZXEML526-MBS.china.huawei.com ([169.254.7.225]) by szxeml406-hub.china.huawei.com ([10.82.67.93]) with mapi id 14.01.0323.003; Fri, 10 Feb 2012 09:40:50 +0800 Date: Fri, 10 Feb 2012 01:40:49 +0000 From: Tina TSOU In-reply-to: <93C6FB63F046384C86EC8F7F3FFEC7BEA72D47@XMB-RCD-313.cisco.com> To: "Morteza Ansari (moransar)" Message-id: <1D0B1981-8D84-4698-8A24-F047B6F0A67A@huawei.com> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-language: en-US Content-transfer-encoding: quoted-printable Accept-Language: en-US, zh-CN Thread-topic: [scim] Porposed charter Thread-index: AczmzBHGeogmTjP9SHiNgabjIRt73QAWQimAAAsKwIAAEO/LQw== X-MS-Has-Attach: X-MS-TNEF-Correlator: X-CFilter-Loop: Reflected References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA72D47@XMB-RCD-313.cisco.com> Cc: Samuel Erdtman , "scim@ietf.org" Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 01:42:16 -0000 Sent from my iPad On Feb 9, 2012, at 5:36 PM, "Morteza Ansari (moransar)" wrote: > Samuel, >=20 > I wasn't sure how detailed we want to get in the charter. For example, do= we want to put in a listing of all the bindings we want to include? I don= 't know the answer and am happy to go either way. >=20 > Also, I am not sure I fully understand your second question. The IETF wor= k will be based on the work we did on SCIM 1.0 and certainly evolve from th= at, but it will be work that will be developed following IETF processes and= model. The WG will decide if the result is SCIM 2.0 or some other designat= ion. Agree with Morteza. >=20 >=20 > Cheers, > Morteza=20 >=20 > -----Original Message----- > From: Samuel Erdtman [mailto:samuel@erdtman.se]=20 > Sent: Thursday, February 09, 2012 12:20 PM > To: Morteza Ansari (moransar) > Cc: scim@ietf.org > Subject: Re: [scim] Porposed charter >=20 > Looks good buy some thoughts, don't know if they are relevant or just a r= esult of my lack of knowledge. >=20 > Feels like there is different abstraction levels in sections "SCIM 1.0 co= nsists of" and "The Working Group will produce one or more documents suitab= le for consideration as a Proposed Standard that will". The section on how = to proceed feels very abstract would it bee good to mention concrete things= like a OpenId Connect binding etc. >=20 > Further is it SCIM 2.0 that we aim to develop under IETF or is it a IETF = approved version of 1.0? >=20 > I like the section on working group should consider stuff. >=20 > Regards > //Samuel >=20 > On Thu, Feb 9, 2012 at 4:32 AM, Morteza Ansari (moransar) wrote: >> Hi folks, >>=20 >>=20 >>=20 >> Here is the proposed charter as we discussed over the cloud-directory=20 >> mailing list. Please review and send your comments. >>=20 >>=20 >>=20 >>=20 >>=20 >> Cheers, >>=20 >> Morteza >>=20 >>=20 >>=20 >>=20 >>=20 >> Simplified Cloud Identity Management (SCIM) >>=20 >> -------------------------------------------------------- >>=20 >>=20 >>=20 >> Charter >>=20 >>=20 >>=20 >> Current Status: BOF Request >>=20 >>=20 >>=20 >> Chair(s): >>=20 >> TBD1 >>=20 >> TBD2 >>=20 >>=20 >>=20 >> Applications Area Director(s): >>=20 >> Pete Resnick >>=20 >> Peter Saint-Andre >>=20 >>=20 >>=20 >> Mailing Lists: >>=20 >> General Discussion: scim@ietf.org >>=20 >> To Subscribe: https://www.ietf.org/mailman/listinfo/scim >>=20 >> Archive: >> http://www.ietf.org/mail-archive/web/scim/current/maillist.html >>=20 >>=20 >>=20 >> Description of Working Group: >>=20 >>=20 >>=20 >> The Simple Cloud Identity Management (SCIM) specification is designed=20 >> to make managing user identity lifecycle in cloud based applications=20 >> and services easier. >>=20 >>=20 >>=20 >> The specification suite seeks to build upon experience with existing=20 >> schemas and deployments, placing specific emphasis on simplicity of=20 >> development and integration, while applying existing authentication,=20 >> authorization, and privacy models. Its intent is to reduce the cost=20 >> and complexity of user management operations by providing a common=20 >> user schema and extension model, as well as binding documents to=20 >> provide patterns for exchanging this schema using standard protocols. >>=20 >>=20 >>=20 >> The group will work to adapt the SCIM 1.0 specification produced under=20 >> the Open Web Foundation framework (http://www.simplecloud.info) as an=20 >> IETF technology for management of user identities in cloud-based applica= tions. >>=20 >>=20 >>=20 >> SCIM 1.0 consists of: >>=20 >> =B7 Schema definition for identity related objects >>=20 >> =B7 Protocol definition for accessing and managing the identity= =20 >> objects >>=20 >> =B7 Binding of SCIM schema to Security Assertion Markup Language >> (SAML) messages and assertions >>=20 >> =B7 Binding of SCIM schema to Lightweight Directory Access=20 >> Protocol >> (LDAP) schema (RFC4519) >>=20 >>=20 >>=20 >> The Working Group will produce one or more documents suitable for=20 >> consideration as a Proposed Standard that will: >>=20 >> =B7 Improve the terminology used >>=20 >> =B7 Embody good security practices, document gaps in its=20 >> capabilities, and propose a path forward for addressing the gaps >>=20 >> =B7 Promote interoperability >>=20 >> =B7 Provide guidelines for extensibility >>=20 >>=20 >>=20 >> SCIM 1.0 will be used as the starting point. The working group will=20 >> strive to retain backward compatibility with the 1.0 specification.=20 >> Changes that are not backwards compatible may be accepted if the group=20 >> determines changes are required to meet the group's technical=20 >> objectives and the group clearly documents the reasons for making them. >>=20 >>=20 >>=20 >> The Working Group should consider: >>=20 >> =B7 Implementer experience >>=20 >> =B7 The end-user experience, including internationalization >>=20 >> =B7 Existing uses of SCIM >>=20 >> =B7 Ability to achieve broad implementation >>=20 >> =B7 Ability to address broader use cases than those considered=20 >> by the original authors >>=20 >> =B7 Additional functions or extensions that are needed to=20 >> address key security concerns, cross-area review, and implementer=20 >> feedback >>=20 >>=20 >>=20 >> The working group will focus on adapting the core technology first but=20 >> work on extensions will be considered after the core work is well in han= d. >>=20 >>=20 >> _______________________________________________ >> scim mailing list >> scim@ietf.org >> https://www.ietf.org/mailman/listinfo/scim >>=20 > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim From samuel@erdtman.se Thu Feb 9 23:26:37 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E45A21F871A for ; Thu, 9 Feb 2012 23:26:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.977 X-Spam-Level: X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cYBfHPW0aT8W for ; Thu, 9 Feb 2012 23:26:36 -0800 (PST) Received: from mail-lpp01m010-f44.google.com (mail-lpp01m010-f44.google.com [209.85.215.44]) by ietfa.amsl.com (Postfix) with ESMTP id 7A97621F8717 for ; Thu, 9 Feb 2012 23:26:35 -0800 (PST) Received: by lahl5 with SMTP id l5so2546300lah.31 for ; Thu, 09 Feb 2012 23:26:34 -0800 (PST) MIME-Version: 1.0 Received: by 10.152.147.1 with SMTP id tg1mr3394862lab.22.1328858793108; Thu, 09 Feb 2012 23:26:33 -0800 (PST) Received: by 10.112.61.129 with HTTP; Thu, 9 Feb 2012 23:26:33 -0800 (PST) In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEA72D47@XMB-RCD-313.cisco.com> References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA72D47@XMB-RCD-313.cisco.com> Date: Fri, 10 Feb 2012 08:26:33 +0100 Message-ID: From: Samuel Erdtman To: "Morteza Ansari (moransar)" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQn35ev3cFEeqUC8jVQP2ju7xmlR45tFx9gqLT5j4Po3ELxVdqS1VkrM3VqMGNtlrbIzbwL2 Cc: scim@ietf.org Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 07:26:37 -0000 Thanks Morteza, that clearifies Regards //Samuel On Fri, Feb 10, 2012 at 2:35 AM, Morteza Ansari (moransar) wrote: > Samuel, > > I wasn't sure how detailed we want to get in the charter. For example, do= we want to put in a listing of all the bindings we want to include? =A0I d= on't know the answer and am happy to go either way. > > Also, I am not sure I fully understand your second question. The IETF wor= k will be based on the work we did on SCIM 1.0 and certainly evolve from th= at, but it will be work that will be developed following IETF processes and= model. The WG will decide if the result is SCIM 2.0 or some other designat= ion. > > > Cheers, > Morteza > > -----Original Message----- > From: Samuel Erdtman [mailto:samuel@erdtman.se] > Sent: Thursday, February 09, 2012 12:20 PM > To: Morteza Ansari (moransar) > Cc: scim@ietf.org > Subject: Re: [scim] Porposed charter > > Looks good buy some thoughts, don't know if they are relevant or just a r= esult of my lack of knowledge. > > Feels like there is different abstraction levels in sections "SCIM 1.0 co= nsists of" and "The Working Group will produce one or more documents suitab= le for consideration as a Proposed Standard that will". The section on how = to proceed feels very abstract would it bee good to mention concrete things= like a OpenId Connect binding etc. > > Further is it SCIM 2.0 that we aim to develop under IETF or is it a IETF = approved version of 1.0? > > I like the section on working group should consider stuff. > > Regards > //Samuel > > On Thu, Feb 9, 2012 at 4:32 AM, Morteza Ansari (moransar) wrote: >> Hi folks, >> >> >> >> Here is the proposed charter as we discussed over the cloud-directory >> mailing list. Please review and send your comments. >> >> >> >> >> >> Cheers, >> >> Morteza >> >> >> >> >> >> Simplified Cloud Identity Management (SCIM) >> >> -------------------------------------------------------- >> >> >> >> Charter >> >> >> >> Current Status: BOF Request >> >> >> >> Chair(s): >> >> =A0=A0=A0=A0 TBD1 >> >> =A0=A0=A0=A0 TBD2 >> >> >> >> Applications Area Director(s): >> >> =A0=A0=A0 =A0Pete Resnick >> >> =A0=A0=A0=A0=A0Peter Saint-Andre >> >> >> >> Mailing Lists: >> >> =A0=A0=A0=A0 General Discussion: scim@ietf.org >> >> =A0=A0=A0=A0 To Subscribe:=A0=A0=A0=A0 https://www.ietf.org/mailman/list= info/scim >> >> =A0=A0=A0=A0 Archive: >> http://www.ietf.org/mail-archive/web/scim/current/maillist.html >> >> >> >> Description of Working Group: >> >> >> >> The Simple Cloud Identity Management (SCIM) specification is designed >> to make managing user identity lifecycle in cloud based applications >> and services easier. >> >> >> >> The specification suite seeks to build upon experience with existing >> schemas and deployments, placing specific emphasis on simplicity of >> development and integration, while applying existing authentication, >> authorization, and privacy models. Its intent is to reduce the cost >> and complexity of user management operations by providing a common >> user schema and extension model, as well as binding documents to >> provide patterns for exchanging this schema using standard protocols. >> >> >> >> The group will work to adapt the SCIM 1.0 specification produced under >> the Open Web Foundation framework (http://www.simplecloud.info) as an >> IETF technology for management of user identities in cloud-based applica= tions. >> >> >> >> SCIM 1.0 consists of: >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Schema definition for identity related objec= ts >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Protocol definition for accessing and managi= ng the identity >> objects >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Security Assertion= Markup Language >> (SAML) messages and assertions >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Binding of SCIM schema to Lightweight Direct= ory Access >> Protocol >> (LDAP) schema (RFC4519) >> >> >> >> The Working Group will produce one or more documents suitable for >> consideration as a Proposed Standard that will: >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Improve the terminology used >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Embody good security practices, document gap= s in its >> capabilities, and propose a path forward for addressing the gaps >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Promote interoperability >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Provide guidelines for extensibility >> >> >> >> SCIM 1.0 will be used as the starting point. The working group will >> strive to retain backward compatibility with the 1.0 specification. >> Changes that are not backwards compatible may be accepted if the group >> determines changes are required to meet the group's technical >> objectives and the group clearly documents the reasons for making them. >> >> >> >> The Working Group should consider: >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Implementer experience >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 The end-user experience, including internati= onalization >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Existing uses of SCIM >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to achieve broad implementation >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Ability to address broader use cases than th= ose considered >> by the original authors >> >> =B7=A0=A0=A0=A0=A0=A0=A0=A0 Additional functions or extensions that are = needed to >> address key security concerns, cross-area review, and implementer >> feedback >> >> >> >> The working group will focus on adapting the core technology first but >> work on extensions will be considered after the core work is well in han= d. >> >> >> _______________________________________________ >> scim mailing list >> scim@ietf.org >> https://www.ietf.org/mailman/listinfo/scim >> From trey.drake@unboundid.com Fri Feb 10 05:15:34 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB8F521F86C2 for ; Fri, 10 Feb 2012 05:15:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CsOa79sKd9a1 for ; Fri, 10 Feb 2012 05:15:33 -0800 (PST) Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by ietfa.amsl.com (Postfix) with ESMTP id C27C921F86B8 for ; Fri, 10 Feb 2012 05:15:33 -0800 (PST) Received: by iagf6 with SMTP id f6so328252iag.31 for ; Fri, 10 Feb 2012 05:15:33 -0800 (PST) Received: by 10.42.157.133 with SMTP id d5mr8798685icx.46.1328879733103; Fri, 10 Feb 2012 05:15:33 -0800 (PST) Received: from [192.168.241.189] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id n1sm6838615obm.11.2012.02.10.05.15.30 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 10 Feb 2012 05:15:30 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v1257) Content-Type: text/plain; charset=iso-8859-1 From: Trey Drake In-Reply-To: <93C6FB63F046384C86EC8F7F3FFEC7BEA72D09@XMB-RCD-313.cisco.com> Date: Fri, 10 Feb 2012 07:15:29 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C61F432@BL2PRD0410MB351.namprd04.prod.outlook.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA72D09@XMB-RCD-313.cisco.com> To: Morteza Ansari (moransar) X-Mailer: Apple Mail (2.1257) X-Gm-Message-State: ALoCoQll5HDl0o+QlDmooks6foBZh5KsWyRiwIsQ53otU4ft/8S9VHfW6UEsKxK6vegazBVDZ/82 Cc: "Lipton, Paul C" , scim@ietf.org, Kelly Grizzle Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 13:15:35 -0000 I would prefer to leave the schema open ended. Recall, we consciously = kept the API and messaging schema clean to preserve our ability to = extend beyond basic constructs like User and Group. IMO, "Device" and = the like are in scope. On Feb 9, 2012, at 6:30 PM, Morteza Ansari (moransar) wrote: > I like the idea of excluding entitlement semantics and in general = policy from the charter and I think at least the folks that were = involved with SCIM 1.0 also agreed on that. I can add that to the = charter. >=20 > On the "device" identity I am not so sure. I think there were a lot of = interest in "device" identity aspect of things but we decided to exclude = it in 1.0 project to get to a final spec sooner. I would like to hear = what others think on this front before deciding one way or another. >=20 > Personally speaking, I would like to keep that within the scope of the = WG charter. >=20 >=20 > Cheers, > Morteza >=20 > -----Original Message----- > From: Kelly Grizzle [mailto:kelly.grizzle@sailpoint.com]=20 > Sent: Thursday, February 09, 2012 6:19 AM > To: Morteza Ansari (moransar); Lipton, Paul C; scim@ietf.org > Subject: RE: Porposed charter >=20 > Generally, I think the charter looks good. As far as what is "out of = scope", I would say that things that we explicitly left as opaque in the = 1.0 spec should stay that way. For example, the exact format for = entitlements is unspecified - it may be a URN, an XACML string, or = something else. I don't think that SCIM should try to solve the problem = of how to format entitlements. We should leverage existing specs if we = go there. >=20 > Also, my preference is to keep the core constrained to primarily = identity and security-related objects - identities, groups, possibly = roles, etc... Things outside of this (ie - machines, etc...) should = probably be an extension, although in some cases we might have an = "official" extensions. >=20 > --Kelly >=20 > -----Original Message----- > From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf = Of Morteza Ansari (moransar) > Sent: Wednesday, February 08, 2012 9:58 PM > To: Lipton, Paul C; scim@ietf.org > Subject: Re: [scim] Porposed charter >=20 > Thanks Paul, this is exactly why we wanted to discuss the draft = charter here. Excellent point, I can take a shot at adding that, but = would be great if others throw in suggestions on what should be = excluded. >=20 >=20 > Cheers, > Morteza >=20 > -----Original Message----- > From: Lipton, Paul C [mailto:Paul.Lipton@ca.com]=20 > Sent: Wednesday, February 08, 2012 7:41 PM > To: Morteza Ansari (moransar); scim@ietf.org > Subject: RE: Porposed charter >=20 > Hi all, >=20 > I realize that I am not a SCIM-er, but I've done some charters before. = In the spirit of being helpful, may I point out that one most important = part of a charter is the "Out of Scope" section. This not only helps = focus the group and fights "scope creep," but helps protect participants = from unanticipated IP obligations.=20 >=20 > Just a thought.=20 >=20 > Regards, > Paul=20 > =20 > Paul Lipton > CA Technologies > VP, Industry Standards and Open Source > Member, CA Council for Technical Excellence Office Phone: +1 609 = 583-9718 > Mobile: +1 267 987-6887 > Email: paul.lipton@ca.com >=20 > =3D=3D=3D >=20 > From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf = Of Morteza Ansari (moransar) > Sent: Wednesday, February 08, 2012 10:33 PM > To: scim@ietf.org > Subject: [scim] Porposed charter >=20 > Hi folks, >=20 > Here is the proposed charter as we discussed over the cloud-directory = mailing list. Please review and send your comments. >=20 >=20 > Cheers, > Morteza >=20 >=20 > Simplified Cloud Identity Management (SCIM) > -------------------------------------------------------- >=20 > Charter >=20 > Current Status: BOF Request >=20 > Chair(s): > TBD1 > TBD2 >=20 > Applications Area Director(s): > Pete Resnick > Peter Saint-Andre >=20 > Mailing Lists: > General Discussion: scim@ietf.org > To Subscribe: https://www.ietf.org/mailman/listinfo/scim > Archive: = http://www.ietf.org/mail-archive/web/scim/current/maillist.html >=20 > Description of Working Group: >=20 > The Simple Cloud Identity Management (SCIM) specification is designed = to make managing user identity lifecycle in cloud based applications and = services easier. >=20 > The specification suite seeks to build upon experience with existing = schemas and deployments, placing specific emphasis on simplicity of = development and integration, while applying existing authentication, = authorization, and privacy models. Its intent is to reduce the cost and = complexity of user management operations by providing a common user = schema and extension model, as well as binding documents to provide = patterns for exchanging this schema using standard protocols. >=20 > The group will work to adapt the SCIM 1.0 specification produced under = the Open Web Foundation framework (http://www.simplecloud.info) as an = IETF technology for management of user identities in cloud-based = applications. >=20 > SCIM 1.0 consists of: > . Schema definition for identity related objects . Protocol definition = for accessing and managing the identity objects . Binding of SCIM schema = to Security Assertion Markup Language (SAML) messages and assertions . = Binding of SCIM schema to Lightweight Directory Access Protocol (LDAP) = schema (RFC4519) >=20 > The Working Group will produce one or more documents suitable for = consideration as a Proposed Standard that will: > . Improve the terminology used > . Embody good security practices, document gaps in its capabilities, = and propose a path forward for addressing the gaps . Promote = interoperability . Provide guidelines for extensibility >=20 > SCIM 1.0 will be used as the starting point. The working group will = strive to retain backward compatibility with the 1.0 specification. = Changes that are not backwards compatible may be accepted if the group = determines changes are required to meet the group's technical objectives = and the group clearly documents the reasons for making them. >=20 > The Working Group should consider: > . Implementer experience > . The end-user experience, including internationalization . Existing = uses of SCIM . Ability to achieve broad implementation . Ability to = address broader use cases than those considered by the original authors = . Additional functions or extensions that are needed to address key = security concerns, cross-area review, and implementer feedback >=20 > The working group will focus on adapting the core technology first but = work on extensions will be considered after the core work is well in = hand. > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim >=20 >=20 > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim From trey.drake@unboundid.com Fri Feb 10 05:25:14 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD6E721F870B for ; Fri, 10 Feb 2012 05:25:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mHtwmn4PzEjm for ; Fri, 10 Feb 2012 05:25:09 -0800 (PST) Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by ietfa.amsl.com (Postfix) with ESMTP id 5DBEB21F861E for ; Fri, 10 Feb 2012 05:25:09 -0800 (PST) Received: by iagf6 with SMTP id f6so341036iag.31 for ; Fri, 10 Feb 2012 05:25:09 -0800 (PST) Received: by 10.42.74.195 with SMTP id x3mr8898542icj.41.1328880308977; Fri, 10 Feb 2012 05:25:08 -0800 (PST) Received: from [192.168.241.189] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id b3sm6875699obp.6.2012.02.10.05.25.07 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 10 Feb 2012 05:25:07 -0800 (PST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Apple Message framework v1257) From: Trey Drake In-Reply-To: Date: Fri, 10 Feb 2012 07:25:02 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: References: <93C6FB63F046384C86EC8F7F3FFEC7BEA723CB@XMB-RCD-313.cisco.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA723DB@XMB-RCD-313.cisco.com> <56C3C758F9D6534CA3778EAA1E0C34371C61F432@BL2PRD0410MB351.namprd04.prod.outlook.com> <93C6FB63F046384C86EC8F7F3FFEC7BEA72D09@XMB-RCD-313.cisco.com> To: cloud-directory@googlegroups.com, Simple Cloud Identity Management X-Mailer: Apple Mail (2.1257) X-Gm-Message-State: ALoCoQnoTw5GHEJB1G1BBusrbJzQ6saADmngalKx9sP2mYClTVKv7b4MRtUfCw/WiIpJQMPA52aj Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 13:25:14 -0000 Re-post to the clouddirectory WG mailing list. It appears we should = cross-post to the ietf and clouddirectory (there are > 250 members on = the Google Group mailing list and I'm assuming far less on ietf) lists = lest we lose community input.=20 Thanks, Trey On Feb 10, 2012, at 7:15 AM, Trey Drake wrote: > I would prefer to leave the schema open ended. Recall, we consciously = kept the API and messaging schema clean to preserve our ability to = extend beyond basic constructs like User and Group. IMO, "Device" and = the like are in scope. >=20 > On Feb 9, 2012, at 6:30 PM, Morteza Ansari (moransar) wrote: >=20 >> I like the idea of excluding entitlement semantics and in general = policy from the charter and I think at least the folks that were = involved with SCIM 1.0 also agreed on that. I can add that to the = charter. >>=20 >> On the "device" identity I am not so sure. I think there were a lot = of interest in "device" identity aspect of things but we decided to = exclude it in 1.0 project to get to a final spec sooner. I would like to = hear what others think on this front before deciding one way or another. >>=20 >> Personally speaking, I would like to keep that within the scope of = the WG charter. >>=20 >>=20 >> Cheers, >> Morteza >>=20 >> -----Original Message----- >> From: Kelly Grizzle [mailto:kelly.grizzle@sailpoint.com]=20 >> Sent: Thursday, February 09, 2012 6:19 AM >> To: Morteza Ansari (moransar); Lipton, Paul C; scim@ietf.org >> Subject: RE: Porposed charter >>=20 >> Generally, I think the charter looks good. As far as what is "out of = scope", I would say that things that we explicitly left as opaque in the = 1.0 spec should stay that way. For example, the exact format for = entitlements is unspecified - it may be a URN, an XACML string, or = something else. I don't think that SCIM should try to solve the problem = of how to format entitlements. We should leverage existing specs if we = go there. >>=20 >> Also, my preference is to keep the core constrained to primarily = identity and security-related objects - identities, groups, possibly = roles, etc... Things outside of this (ie - machines, etc...) should = probably be an extension, although in some cases we might have an = "official" extensions. >>=20 >> --Kelly >>=20 >> -----Original Message----- >> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf = Of Morteza Ansari (moransar) >> Sent: Wednesday, February 08, 2012 9:58 PM >> To: Lipton, Paul C; scim@ietf.org >> Subject: Re: [scim] Porposed charter >>=20 >> Thanks Paul, this is exactly why we wanted to discuss the draft = charter here. Excellent point, I can take a shot at adding that, but = would be great if others throw in suggestions on what should be = excluded. >>=20 >>=20 >> Cheers, >> Morteza >>=20 >> -----Original Message----- >> From: Lipton, Paul C [mailto:Paul.Lipton@ca.com]=20 >> Sent: Wednesday, February 08, 2012 7:41 PM >> To: Morteza Ansari (moransar); scim@ietf.org >> Subject: RE: Porposed charter >>=20 >> Hi all, >>=20 >> I realize that I am not a SCIM-er, but I've done some charters = before. In the spirit of being helpful, may I point out that one most = important part of a charter is the "Out of Scope" section. This not only = helps focus the group and fights "scope creep," but helps protect = participants from unanticipated IP obligations.=20 >>=20 >> Just a thought.=20 >>=20 >> Regards, >> Paul=20 >>=20 >> Paul Lipton >> CA Technologies >> VP, Industry Standards and Open Source >> Member, CA Council for Technical Excellence Office Phone: +1 609 = 583-9718 >> Mobile: +1 267 987-6887 >> Email: paul.lipton@ca.com >>=20 >> =3D=3D=3D >>=20 >> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf = Of Morteza Ansari (moransar) >> Sent: Wednesday, February 08, 2012 10:33 PM >> To: scim@ietf.org >> Subject: [scim] Porposed charter >>=20 >> Hi folks, >>=20 >> Here is the proposed charter as we discussed over the cloud-directory = mailing list. Please review and send your comments. >>=20 >>=20 >> Cheers, >> Morteza >>=20 >>=20 >> Simplified Cloud Identity Management (SCIM) >> -------------------------------------------------------- >>=20 >> Charter >>=20 >> Current Status: BOF Request >>=20 >> Chair(s): >> TBD1 >> TBD2 >>=20 >> Applications Area Director(s): >> Pete Resnick >> Peter Saint-Andre >>=20 >> Mailing Lists: >> General Discussion: scim@ietf.org >> To Subscribe: https://www.ietf.org/mailman/listinfo/scim >> Archive: = http://www.ietf.org/mail-archive/web/scim/current/maillist.html >>=20 >> Description of Working Group: >>=20 >> The Simple Cloud Identity Management (SCIM) specification is designed = to make managing user identity lifecycle in cloud based applications and = services easier. >>=20 >> The specification suite seeks to build upon experience with existing = schemas and deployments, placing specific emphasis on simplicity of = development and integration, while applying existing authentication, = authorization, and privacy models. Its intent is to reduce the cost and = complexity of user management operations by providing a common user = schema and extension model, as well as binding documents to provide = patterns for exchanging this schema using standard protocols. >>=20 >> The group will work to adapt the SCIM 1.0 specification produced = under the Open Web Foundation framework (http://www.simplecloud.info) as = an IETF technology for management of user identities in cloud-based = applications. >>=20 >> SCIM 1.0 consists of: >> . Schema definition for identity related objects . Protocol = definition for accessing and managing the identity objects . Binding of = SCIM schema to Security Assertion Markup Language (SAML) messages and = assertions . Binding of SCIM schema to Lightweight Directory Access = Protocol (LDAP) schema (RFC4519) >>=20 >> The Working Group will produce one or more documents suitable for = consideration as a Proposed Standard that will: >> . Improve the terminology used >> . Embody good security practices, document gaps in its capabilities, = and propose a path forward for addressing the gaps . Promote = interoperability . Provide guidelines for extensibility >>=20 >> SCIM 1.0 will be used as the starting point. The working group will = strive to retain backward compatibility with the 1.0 specification. = Changes that are not backwards compatible may be accepted if the group = determines changes are required to meet the group's technical objectives = and the group clearly documents the reasons for making them. >>=20 >> The Working Group should consider: >> . Implementer experience >> . The end-user experience, including internationalization . Existing = uses of SCIM . Ability to achieve broad implementation . Ability to = address broader use cases than those considered by the original authors = . Additional functions or extensions that are needed to address key = security concerns, cross-area review, and implementer feedback >>=20 >> The working group will focus on adapting the core technology first = but work on extensions will be considered after the core work is well in = hand. >> _______________________________________________ >> scim mailing list >> scim@ietf.org >> https://www.ietf.org/mailman/listinfo/scim >>=20 >>=20 >> _______________________________________________ >> scim mailing list >> scim@ietf.org >> https://www.ietf.org/mailman/listinfo/scim >=20 From trey.drake@unboundid.com Fri Feb 10 05:26:29 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DC7B21F8714 for ; Fri, 10 Feb 2012 05:26:28 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vqDYVx8sUMnQ for ; Fri, 10 Feb 2012 05:26:28 -0800 (PST) Received: from mail-tul01m020-f172.google.com (mail-tul01m020-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id BC59721F8705 for ; Fri, 10 Feb 2012 05:26:27 -0800 (PST) Received: by obbwd15 with SMTP id wd15so4518160obb.31 for ; Fri, 10 Feb 2012 05:26:27 -0800 (PST) Received: by 10.50.45.195 with SMTP id p3mr3646304igm.2.1328880387034; Fri, 10 Feb 2012 05:26:27 -0800 (PST) Received: from [192.168.241.189] (24-155-184-100.static.grandenetworks.net. [24.155.184.100]) by mx.google.com with ESMTPS id ml8sm6898588obc.0.2012.02.10.05.26.25 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 10 Feb 2012 05:26:26 -0800 (PST) Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Apple Message framework v1257) From: Trey Drake In-Reply-To: Date: Fri, 10 Feb 2012 07:26:21 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: <0EBA476D-4A7D-40B3-94A0-E73734A6410C@unboundid.com> References: <93C6FB63F046384C86EC8F7F3FFEC7BE8A0405@XMB-RCD-313.cisco.com> To: cloud-directory@googlegroups.com, Simple Cloud Identity Management X-Mailer: Apple Mail (2.1257) X-Gm-Message-State: ALoCoQlPQ3DY9RK/kMmxIRvNMBsdgHoifT+mGOC+gRpS8ytBuBSJfId4jlFUrBkP4y3EM0lTy0sd Subject: Re: [scim] Draft BOF charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2012 13:26:29 -0000 They are not. Paul M. owns the SAML AI, but we owe him feedback on the = latest proposal (see mailing list). =20 I've had an open action item for months to kickstart the LDAP binding. = I'll sketch next week. Thanks, Trey=20 On Feb 8, 2012, at 10:16 AM, Samuel Erdtman wrote: > Are the SAML and LDAP binding done? >=20 > Regards > //Samuel >=20 >=20 > On Wed, Jan 25, 2012 at 10:06 AM, Morteza Ansari (moransar) > wrote: >> Sorry folks, but I didn=92t get a chance to get this out sooner. = Attached is >> the strawman proposal for the BOF charter. Let=92s review this on the = call >> tomorrow and we can continue to work on it on the list. >>=20 >>=20 >>=20 >>=20 >>=20 >> Cheers, >>=20 >> Morteza >>=20 >>=20 >>=20 >>=20 >>=20 >> Simplified Cloud Identity Management (SCIM) >>=20 >> -------------------------------------------------------- >>=20 >>=20 >>=20 >> Charter >>=20 >>=20 >>=20 >> Current Status: BOF Request >>=20 >>=20 >>=20 >> Chair(s): >>=20 >> TBD1 >>=20 >> TBD2 >>=20 >>=20 >>=20 >> Applications Area Director(s): >>=20 >> Pete Resnick >>=20 >> Peter Saint-Andre >>=20 >>=20 >>=20 >> Mailing Lists: >>=20 >> General Discussion: scim@ietf.org >>=20 >> To Subscribe: https://www.ietf.org/mailman/listinfo/scim >>=20 >> Archive: >> http://www.ietf.org/mail-archive/web/scim/current/maillist.html >>=20 >>=20 >>=20 >> Description of Working Group: >>=20 >>=20 >>=20 >> The Simple Cloud Identity Management (SCIM) specification is designed = to >> make managing user identity lifecycle in cloud based applications and >> services easier. >>=20 >>=20 >>=20 >> The specification suite seeks to build upon experience with existing = schemas >> and deployments, placing specific emphasis on simplicity of = development and >> integration, while applying existing authentication, authorization, = and >> privacy models. Its intent is to reduce the cost and complexity of = user >> management operations by providing a common user schema and extension = model, >> as well as binding documents to provide patterns for exchanging this = schema >> using standard protocols. >>=20 >>=20 >>=20 >> The group will work to adapt the SCIM 1.0 specification (produced = under the >> Open Web Foundation framework) as an IETF technology for management = of user >> identities in cloud-based applications. >>=20 >>=20 >>=20 >> SCIM 1.0 consists of: >>=20 >> =B7 Schema definition for identity related objects >>=20 >> =B7 Protocol definition for accessing and managing the = identity >> objects >>=20 >> =B7 Binding of SCIM schema to Security Assertion Markup = Language >> (SAML) messages and assertions >>=20 >> =B7 Binding of SCIM schema to Lightweight Directory Access = Protocol >> (LDAP) schema (RFC4519) >>=20 >>=20 >>=20 >> The Working Group will produce one or more documents suitable for >> consideration as a Proposed Standard that will: >>=20 >> =B7 Improve the terminology used >>=20 >> =B7 Embody good security practices, document gaps in its = capabilities, >> and propose a path forward for addressing the gaps >>=20 >> =B7 Promote interoperability >>=20 >> =B7 Provide guidelines for extensibility >>=20 >>=20 >>=20 >> SCIM 1.0 will be used as the starting point. The working group will = strive >> to retain backward compatibility with the 1.0 specification. Changes = that >> are not backwards compatible may be accepted if the group determines = changes >> are required to meet the group's technical objectives and the group = clearly >> documents the reasons for making them. >>=20 >>=20 >>=20 >> The Working Group should consider: >>=20 >> =B7 Implementer experience >>=20 >> =B7 The end-user experience, including internationalization >>=20 >> =B7 Existing uses of SCIM >>=20 >> =B7 Ability to achieve broad implementation >>=20 >> =B7 Ability to address broader use cases than those = considered by the >> original authors >>=20 >> =B7 Additional functions or extensions that are needed to = address key >> security concerns, cross-area review, and implementer feedback >>=20 >>=20 >>=20 >> The working group will focus on adapting the core technology first = but work >> on extensions will be considered after the core work is well in hand. From stpeter@stpeter.im Thu Feb 16 13:12:23 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2F3421F8745 for ; Thu, 16 Feb 2012 13:12:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.566 X-Spam-Level: X-Spam-Status: No, score=-102.566 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2erY48lsxW62 for ; Thu, 16 Feb 2012 13:12:18 -0800 (PST) Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id CF35B21F85BB for ; Thu, 16 Feb 2012 13:12:17 -0800 (PST) Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 56FC940058 for ; Thu, 16 Feb 2012 14:23:10 -0700 (MST) Message-ID: <4F3D712C.90909@stpeter.im> Date: Thu, 16 Feb 2012 14:12:12 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0) Gecko/20120129 Thunderbird/10.0 MIME-Version: 1.0 To: scim@ietf.org X-Enigmail-Version: 1.3.5 OpenPGP: url=https://stpeter.im/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: [scim] BoF Chairs X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Feb 2012 21:12:23 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm happy to announce that Steve Bellovin and Eliot Lear have agreed to co-chair the BoF. Both Steve and Eliot have a great deal of experience within the IETF, so you will be in good hands. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk89cSwACgkQNL8k5A2w/vyMWQCggTnFh8Aqm6EWZ3s5NwtuYV8l HFsAoKLL2+b8uVv0jDByAwr8es3Pq5kc =P4T6 -----END PGP SIGNATURE----- From stpeter@stpeter.im Thu Feb 23 10:15:03 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A399B21F868A for ; Thu, 23 Feb 2012 10:15:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.683 X-Spam-Level: X-Spam-Status: No, score=-102.683 tagged_above=-999 required=5 tests=[AWL=-0.084, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rVCwI0iWXivW for ; Thu, 23 Feb 2012 10:15:01 -0800 (PST) Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 2F39921F8627 for ; Thu, 23 Feb 2012 10:15:00 -0800 (PST) Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 2022A40058 for ; Thu, 23 Feb 2012 11:26:18 -0700 (MST) Message-ID: <4F468222.10704@stpeter.im> Date: Thu, 23 Feb 2012 11:14:58 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: scim@ietf.org X-Enigmail-Version: 1.3.5 OpenPGP: url=https://stpeter.im/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: [scim] SCIM BoF approved X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 18:15:03 -0000 Folks, During the IESG/IAB coordination call today, the SCIM BoF was approved. Congratulations! Now the real work begins. :) In preparing for the BoF, I encourage you all to read RFC 5454 ("Considerations for Having a Successful Birds-of-a-Feather Session"): http://tools.ietf.org/html/rfc5434 Please note that IETFers will use the BoF as way to answer the following sorts of questions: - whether SCIM is a technology that is worth spending all this time on (a working group is a fairly significant commitment for the IETF) - whether the IETF is the right place to do the work - whether there is "energy": that is, whether there are enough people to do things like write the specs, review the specs, participate on the mailing list, and chair the working group - whether there are any IPR issues (in this case, whether there is clarity regarding the transition from OWF to IETF IPR rules) - whether the proposed charter is scoped correctly Right now the BoF is tentatively scheduled for Thursday, March 29, 09:00-11:30 Paris time, but that is subject to change (although change is unlikely given how packed the schedule is). See you in Paris! Peter -- Peter Saint-Andre https://stpeter.im/ From stpeter@stpeter.im Thu Feb 23 10:17:53 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7092021F86C5 for ; Thu, 23 Feb 2012 10:17:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.681 X-Spam-Level: X-Spam-Status: No, score=-102.681 tagged_above=-999 required=5 tests=[AWL=-0.082, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NZpp5Wcg0jQE for ; Thu, 23 Feb 2012 10:17:52 -0800 (PST) Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 9978B21F866D for ; Thu, 23 Feb 2012 10:17:52 -0800 (PST) Received: from squire.local (unknown [64.101.72.114]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 94F6F40058 for ; Thu, 23 Feb 2012 11:29:10 -0700 (MST) Message-ID: <4F4682CF.1020001@stpeter.im> Date: Thu, 23 Feb 2012 11:17:51 -0700 From: Peter Saint-Andre User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: scim@ietf.org References: <4F468222.10704@stpeter.im> In-Reply-To: <4F468222.10704@stpeter.im> X-Enigmail-Version: 1.3.5 OpenPGP: url=https://stpeter.im/stpeter.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [scim] SCIM BoF approved X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 18:17:53 -0000 On 2/23/12 11:14 AM, Peter Saint-Andre wrote: > In preparing for the BoF, I encourage you all to read RFC 5454 That's RFC 5434. The URL was correct. Peter -- Peter Saint-Andre https://stpeter.im/ From moransar@cisco.com Thu Feb 23 12:51:34 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12C6221F887D for ; Thu, 23 Feb 2012 12:51:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.099 X-Spam-Level: X-Spam-Status: No, score=-10.099 tagged_above=-999 required=5 tests=[AWL=0.500, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pb0QVJs5YsHM for ; Thu, 23 Feb 2012 12:51:31 -0800 (PST) Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) by ietfa.amsl.com (Postfix) with ESMTP id B76D821F8817 for ; Thu, 23 Feb 2012 12:51:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=1727; q=dns/txt; s=iport; t=1330030289; x=1331239889; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to; bh=F6X3y5iaHbYSQEiIqLAJfwwEX3MLxT3vvCtX+QFHOqY=; b=R6oiUorFoVQMxVFUw5OLDgdLsCw+I4klNsOqOBsdgKW2npcb/EptaokR c8MgQiVsT0IMHEJzZucqm6Mnr2DUkXKDChb1UYh3K0iDjkAt7JrObOq0T QiZvRFeF52tVuwIJnOvM+88nqXHJDsiYDtBj11xhZT+Z24SxBs37V+lu4 k=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Av8EAEqmRk+tJXG8/2dsb2JhbABEslCBB4FzAQEBBAEBAQ8BHQo0FwQCAQgRBAEBCwYXAQYBJh8JCAEBBAESCBqHaJpgAZ5sjHgQKD4aBQMChVQMBggSglljBIhPn3U X-IronPort-AV: E=Sophos;i="4.73,471,1325462400"; d="scan'208";a="61363072" Received: from rcdn-core2-1.cisco.com ([173.37.113.188]) by rcdn-iport-4.cisco.com with ESMTP; 23 Feb 2012 20:51:28 +0000 Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core2-1.cisco.com (8.14.3/8.14.3) with ESMTP id q1NKpSj4023714; Thu, 23 Feb 2012 20:51:28 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 23 Feb 2012 14:51:27 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Thu, 23 Feb 2012 14:51:26 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEC2B283@XMB-RCD-313.cisco.com> In-Reply-To: <4F468222.10704@stpeter.im> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [scim] SCIM BoF approved Thread-Index: AczyVxjoBeLBd2kqRWC2oT4lTRq5+QAFbp6A References: <4F468222.10704@stpeter.im> From: "Morteza Ansari (moransar)" To: "Peter Saint-Andre" , X-OriginalArrivalTime: 23 Feb 2012 20:51:27.0939 (UTC) FILETIME=[E9C67930:01CCF26C] Subject: Re: [scim] SCIM BoF approved X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 20:51:34 -0000 Thanks Peter. I will update the charter draft based on the feedback and send an updated version to the list. Cheers, Morteza -----Original Message----- From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Peter Saint-Andre Sent: Thursday, February 23, 2012 10:15 AM To: scim@ietf.org Subject: [scim] SCIM BoF approved Folks, During the IESG/IAB coordination call today, the SCIM BoF was approved. Congratulations! Now the real work begins. :) In preparing for the BoF, I encourage you all to read RFC 5454 ("Considerations for Having a Successful Birds-of-a-Feather Session"): http://tools.ietf.org/html/rfc5434 Please note that IETFers will use the BoF as way to answer the following sorts of questions: - whether SCIM is a technology that is worth spending all this time on (a working group is a fairly significant commitment for the IETF) - whether the IETF is the right place to do the work - whether there is "energy": that is, whether there are enough people to do things like write the specs, review the specs, participate on the mailing list, and chair the working group - whether there are any IPR issues (in this case, whether there is clarity regarding the transition from OWF to IETF IPR rules) - whether the proposed charter is scoped correctly Right now the BoF is tentatively scheduled for Thursday, March 29, 09:00-11:30 Paris time, but that is subject to change (although change is unlikely given how packed the schedule is). See you in Paris! Peter -- Peter Saint-Andre https://stpeter.im/ _______________________________________________ scim mailing list scim@ietf.org https://www.ietf.org/mailman/listinfo/scim From phil.hunt@oracle.com Thu Feb 23 15:24:51 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AA4921F86A7 for ; Thu, 23 Feb 2012 15:24:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -9.032 X-Spam-Level: X-Spam-Status: No, score=-9.032 tagged_above=-999 required=5 tests=[AWL=1.565, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, UNPARSEABLE_RELAY=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zqecmYYvaz37 for ; Thu, 23 Feb 2012 15:24:49 -0800 (PST) Received: from rcsinet15.oracle.com (rcsinet15.oracle.com [148.87.113.117]) by ietfa.amsl.com (Postfix) with ESMTP id 5E73921F85A0 for ; Thu, 23 Feb 2012 15:24:41 -0800 (PST) Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by rcsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q1NNOdHF019108 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 23 Feb 2012 23:24:40 GMT Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q1NNOco7018462 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 23 Feb 2012 23:24:39 GMT Received: from abhmt103.oracle.com (abhmt103.oracle.com [141.146.116.55]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q1NNOcdc027367; Thu, 23 Feb 2012 17:24:38 -0600 Received: from dhcp-rmdc-twvpn-1-vpnpool-10-159-28-129.vpn.oracle.com (/10.159.28.129) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 23 Feb 2012 15:24:37 -0800 From: Phil Hunt Mime-Version: 1.0 (Apple Message framework v1251.1) Content-Type: multipart/alternative; boundary="Apple-Mail=_DAC1929E-E82F-45E1-B02A-2A155E7963FB" Date: Thu, 23 Feb 2012 15:24:39 -0800 In-Reply-To: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> To: scim@ietf.org, "Morteza Ansari (moransar)" References: <8F20CA41-B61E-4EE0-B801-F08F9CD48444@oracle.com> Message-Id: X-Mailer: Apple Mail (2.1251.1) X-Source-IP: ucsinet21.oracle.com [156.151.31.93] X-CT-RefId: str=0001.0A090203.4F46CAB8.0071,ss=1,re=-2.300,fgs=0 Subject: Re: [scim] Porposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 23:24:51 -0000 --Apple-Mail=_DAC1929E-E82F-45E1-B02A-2A155E7963FB Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 Morteza,=20 Very happy to see the SCIM WG is starting soon! Regarding the charter, I propose that the working group also adopt the = following OASIS Provisioning TC documents as input material: * A RESTful Binding to SPML - = http://wiki.oasis-open.org/provision/restpml * SIMPLEST: A standard schema for Identity and Access Management - = http://wiki.oasis-open.org/provision/simplest These documents can provide some additional implementation insight into = the final SCIM WG product. Based on the OASIS Provisioning TC experience, there are some additional = cloud requirements that could be added into SCIM 1.0, hopefully in a = straightforward, backwards compatible way.=20 The key items are: * Support for multiple targets within a SCIM service provider * A change to schema introducing a Person entity which for example is = associated with one or more User entities. The first item arises out of some practical deployment architecture = issues, the latter arises from an attestation issue that arises = regarding tracking what user accounts are associated with individuals -- = especially when they have more than one User account. For those that = want to read ahead now, I suggest reading: = http://wiki.oasis-open.org/provision/simplest#AccountManagement.3ATargetan= dAccount I propose to present on these two topics at the BoF and then based on = feedback can contribute the content in draft form into the WG for its = consideration. Regards, Phil @independentid www.independentid.com phil.hunt@oracle.com From: "Morteza Ansari (moransar)" To: Date: Wed, 8 Feb 2012 21:32:58 -0600 List-id: Simple Cloud Identity Management BOF Hi folks, =20 Here is the proposed charter as we discussed over the cloud-directory = mailing list. Please review and send your comments. =20 =20 Cheers, Morteza =20 =20 Simplified Cloud Identity Management (SCIM) -------------------------------------------------------- =20 Charter =20 Current Status: BOF Request =20 Chair(s): TBD1 TBD2 =20 Applications Area Director(s): Pete Resnick Peter Saint-Andre =20 Mailing Lists: General Discussion: scim at ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/scim Archive: = http://www.ietf.org/mail-archive/web/scim/current/maillist.html =20 Description of Working Group: =20 The Simple Cloud Identity Management (SCIM) specification is designed to = make managing user identity lifecycle in cloud based applications and = services easier. =20 The specification suite seeks to build upon experience with existing = schemas and deployments, placing specific emphasis on simplicity of = development and integration, while applying existing authentication, = authorization, and privacy models. Its intent is to reduce the cost and = complexity of user management operations by providing a common user = schema and extension model, as well as binding documents to provide = patterns for exchanging this schema using standard protocols. =20 The group will work to adapt the SCIM 1.0 specification produced under = the Open Web Foundation framework (http://www.simplecloud.info) as an = IETF technology for management of user identities in cloud-based = applications. =20 SCIM 1.0 consists of: =B7 Schema definition for identity related objects =B7 Protocol definition for accessing and managing the identity = objects =B7 Binding of SCIM schema to Security Assertion Markup Language = (SAML) messages and assertions =B7 Binding of SCIM schema to Lightweight Directory Access = Protocol (LDAP) schema (RFC4519) =20 The Working Group will produce one or more documents suitable for = consideration as a Proposed Standard that will: =B7 Improve the terminology used =B7 Embody good security practices, document gaps in its = capabilities, and propose a path forward for addressing the gaps =B7 Promote interoperability =B7 Provide guidelines for extensibility =20 SCIM 1.0 will be used as the starting point. The working group will = strive to retain backward compatibility with the 1.0 specification. = Changes that are not backwards compatible may be accepted if the group = determines changes are required to meet the group's technical objectives = and the group clearly documents the reasons for making them. =20 The Working Group should consider: =B7 Implementer experience =B7 The end-user experience, including internationalization =B7 Existing uses of SCIM =B7 Ability to achieve broad implementation =B7 Ability to address broader use cases than those considered = by the original authors =B7 Additional functions or extensions that are needed to = address key security concerns, cross-area review, and implementer = feedback =20 The working group will focus on adapting the core technology first but = work on extensions will be considered after the core work is well in = hand. --Apple-Mail=_DAC1929E-E82F-45E1-B02A-2A155E7963FB Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=iso-8859-1 A RESTful Binding = to SPML - http://wiki.oasis-op= en.org/provision/restpml
These documents can provide = some additional implementation insight into the final SCIM WG = product.

Based on the OASIS Provisioning TC = experience, there are some additional cloud requirements that could be = added into SCIM 1.0, hopefully in a straightforward, backwards = compatible way. 

The key items = are:
* Support for multiple targets within a SCIM service = provider
* A change to schema introducing a Person entity = which for example is associated with one or more User = entities.

The first item arises out of some = practical deployment architecture issues, the latter arises from an = attestation issue that arises regarding tracking what user accounts are = associated with individuals -- especially when they have more than one = User account. For those that want to read ahead now, I suggest = reading:

I propose to = present on these two topics at the BoF and then based on feedback can = contribute the content in draft form into the WG for its = consideration.

Regards,

=
www.independentid.com
phil.hunt@oracle.com


Hi folks,

 

Here is = the proposed charter as we discussed over the cloud-directory mailing = list. Please review and send your comments.

 

 

Cheers,

Morteza

 

 

Simplified Cloud Identity Management = (SCIM)

Charter

Current Status: BOF = Request

 

     = TBD1

     TBD2

Applications Area = Director(s):

     Pete Resnick = <presnick at qualcomm.com>

 

Mailing = Lists:

     General Discussion: = scim at ietf.org

https://www.ietf.org/m= ailman/listinfo/scim

h= ttp://www.ietf.org/mail-archive/web/scim/current/maillist.html

Description of Working = Group:

 

The Simple Cloud = Identity Management (SCIM) specification is designed to make managing = user identity lifecycle in cloud based applications and services = easier.

 

The specification = suite seeks to build upon experience with existing schemas and = deployments, placing specific emphasis on simplicity of development and = integration, while applying existing authentication, authorization, and = privacy models. Its intent is to reduce the cost and complexity of user = management operations by providing a common user schema and extension = model, as well as binding documents to provide patterns for exchanging = this schema using standard protocols.

The group will work to adapt the SCIM 1.0 = specification produced under the Open Web Foundation framework (http://www.simplecloud.info) = as an IETF technology for management of user identities in cloud-based = applications.

 

SCIM 1.0 consists = of:

=B7Schema definition for identity related = objects

=B7Protocol definition for accessing and = managing the identity objects

Binding of SCIM schema to Security = Assertion Markup Language (SAML) messages and = assertions

=B7Binding of SCIM schema to Lightweight = Directory Access Protocol (LDAP) schema = (RFC4519)

 

The Working Group = will produce one or more documents suitable for consideration as a = Proposed Standard that will:

Improve the terminology = used

=B7Embody good security practices, = document gaps in its capabilities, and propose a path forward for = addressing the gaps

=B7Promote = interoperability

=B7Provide guidelines for = extensibility

 

SCIM 1.0 will be = used as the starting point. The working group will strive to retain = backward compatibility with the 1.0 specification. Changes that are not = backwards compatible may be accepted if the group determines changes are = required to meet the group's technical objectives and the group clearly = documents the reasons for making them.

The Working Group should = consider:

=B7Implementer = experience

=B7The end-user experience, including = internationalization

=B7Existing uses of = SCIM

=B7Ability to achieve broad = implementation

=B7Ability to address broader use cases = than those considered by the original authors

Additional functions or extensions = that are needed to address key security concerns, cross-area review, and = implementer feedback

 

The working group = will focus on adapting the core technology first but work on extensions = will be considered after the core work is well in = hand.



= --Apple-Mail=_DAC1929E-E82F-45E1-B02A-2A155E7963FB-- From prateek.mishra@oracle.com Tue Feb 28 09:04:13 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C22DE21F86C5 for ; Tue, 28 Feb 2012 09:04:13 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PVa0WdUrW9-3 for ; Tue, 28 Feb 2012 09:04:13 -0800 (PST) Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 3AF1421F8682 for ; Tue, 28 Feb 2012 09:04:13 -0800 (PST) Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q1SH4B6R031817 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 28 Feb 2012 17:04:12 GMT Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q1SH4AeM009563 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 28 Feb 2012 17:04:11 GMT Received: from abhmt102.oracle.com (abhmt102.oracle.com [141.146.116.54]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q1SH4Ajd028898 for ; Tue, 28 Feb 2012 11:04:10 -0600 Received: from [192.168.2.3] (/66.31.108.94) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 28 Feb 2012 09:04:10 -0800 Message-ID: <4F4D0908.4040906@oracle.com> Date: Tue, 28 Feb 2012 12:04:08 -0500 From: prateek mishra Organization: Oracle Corporation User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: scim@ietf.org Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Source-IP: ucsinet22.oracle.com [156.151.31.94] X-CT-RefId: str=0001.0A090206.4F4D090C.0161,ss=1,re=0.000,fgs=0 Subject: [scim] a few questions about the proposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 17:04:13 -0000 Greetings! I am try to understand both the scope and methodology proposed for this effort. I did read a proposed charter at http://www.ietf.org/mail-archive/web/scim/current/msg00003.html (1) The charter references the "SCIM 1.0 Specification", which I couldnt track down. Where has this specification been developed (perhaps within some standards body?) and in what sense is it a specification? Perhaps this is a reference to a draft documents meant as input to this group? Anyway, it is likely that I am missing the point completely, but I would appreciate any clarification available. (2) What does it mean to say that "the group will work to adapt the SCIM 1.0 specification....as an IETF technology "? (3) The phrase "Cloud Identity Management" describes an enormous technological landscape . It might include, for example, the issuance of credentials to individuals from a cloud service provider, the use of a variety of authentication technologies, means by which user profiles are established and validated, profiling existing standards such as SAML 2.0, OAuth 2.0, XACML 3.0 or SPML 2.0 and so on and so forth. Does the working group plan to work on solutions to all of these problems? Are there some specific problems that are excluded or included within the scope of this work? Thanks in advance, prateek From Chris.Phillips@canarie.ca Tue Feb 28 11:24:07 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E83821F85CD for ; Tue, 28 Feb 2012 11:24:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qw9YpbUZV+vp for ; Tue, 28 Feb 2012 11:24:06 -0800 (PST) Received: from mail.canarie.ca (mail.canarie.ca [205.189.33.5]) by ietfa.amsl.com (Postfix) with ESMTP id 1400821F85B5 for ; Tue, 28 Feb 2012 11:24:05 -0800 (PST) Received: from RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d]) by RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d%10]) with mapi; Tue, 28 Feb 2012 14:24:05 -0500 From: Chris Phillips To: "scim@ietf.org" Date: Tue, 28 Feb 2012 14:24:03 -0500 Thread-Topic: [scim] a few questions about the proposed charter Thread-Index: Acz2Tog6i5eHy2dqTTChSTlRvGg+/A== Message-ID: In-Reply-To: <4F4D0908.4040906@oracle.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.10.0.110310 acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [scim] a few questions about the proposed charter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2012 19:24:07 -0000 Hi Prateek, Speaking as a collaborator on the SCIM effort I'll take a stab at your questions... For #1, see the documents hosted at http://www.simplecloud.info , the ones labelled 1.0 For #2, I believe the intent is to have SCIM be a formal IETF standard...what precisely that entails and what adjustments may be necessary to SCIM as it is today, if any, is why the adapt part is mentioned. For #3, you are right, it is a big landscape. The SCIM contributors are going through the effort of profiling some technologies you mention. Schema mappings are of particular interest and the prominent ones are LDAP objectclasses and SAML. I'm involved with the SCIM->LDAP and SCIM-> SAML schema mappings as they are very relevant to me and my role and organization. Determining what is in and out of scope is hard, but I lean toward answering your question with another one: 'What makes sense and is meaningful and relevant?' I think people will find the SCIM user scenarios[1] have a lot of coverage and utility in the profiling exercise. SCIM evolved with these user scenarios in mind so if you assess how much overlap on the scenarios one has, you will get an idea of how much coverage SCIM has in a given area. As SCIM matures and more comparison and contrasts against other techniques happen I think people will appreciate the 'less is more' approach that SCIM tries to embody. Chris... ___________________________________________________________________________ ___ Chris Phillips | Technical Architect, CANARIE Inc.| chris.phillips@canarie.ca | W: 613.449.6715 [1] http://www.simplecloud.info/specs/draft-scim-scenarios-04.html On 12-02-28 12:04 PM, "prateek mishra" wrote: >Greetings! > >I am try to understand both the scope and methodology proposed for this >effort. I did read a proposed charter at > >http://www.ietf.org/mail-archive/web/scim/current/msg00003.html > >(1) The charter references the "SCIM 1.0 Specification", which I couldnt >track down. Where has this specification been >developed (perhaps within some standards body?) and in what sense is it >a specification? Perhaps this is a reference to a draft documents meant >as input to this group? >Anyway, it is likely that I am missing the point completely, but I would >appreciate any clarification available. > >(2) What does it mean to say that "the group will work to adapt the SCIM >1.0 specification....as an IETF technology "? > >(3) The phrase "Cloud Identity Management" describes an enormous >technological landscape . It might include, for example, the issuance of >credentials >to individuals from a cloud service provider, the use of a variety of >authentication technologies, means by which user profiles are >established and validated, profiling existing >standards such as SAML 2.0, OAuth 2.0, XACML 3.0 or SPML 2.0 and so on >and so forth. Does the working group plan to work on solutions >to all of these problems? Are there some specific problems that are >excluded or included within the scope of this work? > > >Thanks in advance, >prateek >_______________________________________________ >scim mailing list >scim@ietf.org >https://www.ietf.org/mailman/listinfo/scim From Chris.Phillips@canarie.ca Wed Feb 29 08:57:20 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF95021F8744 for ; Wed, 29 Feb 2012 08:57:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.999, BAYES_00=-2.599, GB_I_INVITATION=-2, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J+kEP49-c2WM for ; Wed, 29 Feb 2012 08:57:19 -0800 (PST) Received: from mail.canarie.ca (mail.canarie.ca [205.189.33.5]) by ietfa.amsl.com (Postfix) with ESMTP id 9A04121F873A for ; Wed, 29 Feb 2012 08:57:19 -0800 (PST) Received: from RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d]) by RANCOR.canarie.local ([fe80::5c7e:71ff:1ed0:916d%10]) with mapi; Wed, 29 Feb 2012 11:44:18 -0500 From: Chris Phillips To: "scim@ietf.org" Date: Wed, 29 Feb 2012 11:44:17 -0500 Thread-Topic: Mtg Notes: Weekly SCIM Webex Call Feb 29 Thread-Index: Acz3AWEY0p6n7ASJRESrtr/yOX+3sw== Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.10.0.110310 acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_CB73C0117A806chrisphillipscanarieca_" MIME-Version: 1.0 Subject: [scim] Mtg Notes: Weekly SCIM Webex Call Feb 29 X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 16:57:20 -0000 --_000_CB73C0117A806chrisphillipscanarieca_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Agenda was light so it was a brief call: Topics Covered: * Availability of the webex connect info on the simplecloud.info site * Chris P to add item to issue tracker to get connect info published = to website & note sent out to both lists as a touch point for others * Current link: https://go.webex.com/go/j.php?J=3D341843003&PW=3DNYW= RkZWZjYjUy * Interop @ IETF topics * Questions arising regarding ability for remote participation at the= interop event. * Email traffic on list suggests it is possible, no formalized way= as of yet however * Kelly Grizzle to check into options and times for the Interop= event and how people can remotely participate & feedback to list * Communications topics: cloud-directory list(200+ subscribers?) and sci= m@ietf.org list (?? Subscribers) * Question regarding communication patterns for the lists what to pos= t where. * Topics for IETF are trickling in at the moment. See past notes = from Trey/Morteza regarding invitation to IETF list * Meeting notes to be posted to both * Encourage cloud-directory members to join IETF list as it is equ= ally low traffic but will insure visibility to new topics introduced * Mappings to SAML update * Chris P working with Trey on initial bindings. Work in progress, g= aining input from other communities and contributors about them. * Last Weeks call indicated that the Multiple documents will be cr= eated instead of one large document * Primary doc for high fidelity set * Sub documents per mapping recommendation activity (LDAP & SAM= L identified so far) * No other mappings suggested yet (OpenIDConnect user Schema?) * Please contact Chris P or Trey if you have an interest in this a= rea. No new topics for next call, so if you have one, please send it out to the = cloud-directory list Chris. ___________________________________________________________________________= ___ Chris Phillips | Technical Architect, CANARIE Inc.| chris.phillips@canarie.= ca | W: 613.449.6715 --_000_CB73C0117A806chrisphillipscanarieca_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Agenda wa= s light so it was a brief call:

Topics Covered:
  • Availability of the webex connect info on the simplecloud.inf= o site
    • =
  • Interop @ IETF topics
    • Questions arising regarding ab= ility for remote participation at the interop event. 
      • Emai= l traffic on list suggests it is possible, no formalized way as of yet howe= ver
        • Kelly Grizzle to check into options and times for the Inter= op event and how people can remotely participate & feedback to list
  • Communications topics: cloud-directory list(200+= subscribers?) and scim@ietf.org list (?? Subscribers)
    • Question= regarding communication patterns for the lists what to post where.
    • Topics for IETF are trickling in at the moment.  See past notes f= rom Trey/Morteza regarding invitation to IETF list
    • Meeting notes to= be posted to both
    • Encou= rage cloud-directory members to join IETF list as it is equally low traffic= but will insure visibility to new topics introduced
<= li>Mappings to SAML update
  • Chris P working with Trey on = initial bindings.  Work in progress, gaining input from other communit= ies and contributors about them.
    • Last Weeks call indicated that= the Multiple documents will be created instead of one large document
      • <= ul>
    • Primary doc for high fidelity set
    • Sub documents per mapping = recommendation activity (LDAP & SAML identified so far)
    • No othe= r mappings suggested yet (OpenIDConnect user Schema?)
  • Please c= ontact Chris P or Trey if you have an interest in this area.
=

No new topics for next call, so if you have one, p= lease send it out to the cloud-directory list

Chri= s.
____________________________________________________= __________________________
Chris Phillips | Technical Architect, = CANARIE Inc.| chris.phillips@canarie.ca | W: 613.449.6715 
<= /div>


--_000_CB73C0117A806chrisphillipscanarieca_-- From phil.hunt@oracle.com Wed Feb 29 09:43:14 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AE3221F86CB for ; Wed, 29 Feb 2012 09:43:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.659 X-Spam-Level: X-Spam-Status: No, score=-10.659 tagged_above=-999 required=5 tests=[AWL=1.940, BAYES_00=-2.599, GB_I_INVITATION=-2, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qEgUr-FoVaQz for ; Wed, 29 Feb 2012 09:43:12 -0800 (PST) Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id A218C21F86BE for ; Wed, 29 Feb 2012 09:43:08 -0800 (PST) Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q1THgMj0027134 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 29 Feb 2012 17:43:04 GMT Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q1THfVtp027880 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 29 Feb 2012 17:41:31 GMT Received: from abhmt110.oracle.com (abhmt110.oracle.com [141.146.116.62]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q1THfUMA014633; Wed, 29 Feb 2012 11:41:31 -0600 Received: from [192.168.1.8] (/24.87.212.4) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 29 Feb 2012 09:41:30 -0800 Mime-Version: 1.0 (Apple Message framework v1257) Content-Type: multipart/alternative; boundary="Apple-Mail=_DC643E4B-985B-408D-94BC-D52A9CAFCE2E" From: Phil Hunt In-Reply-To: Date: Wed, 29 Feb 2012 09:41:29 -0800 Message-Id: <53FEBCE0-2054-4B92-B358-8C2A1377DC9D@oracle.com> References: To: Chris Phillips X-Mailer: Apple Mail (2.1257) X-Source-IP: acsinet21.oracle.com [141.146.126.237] X-Auth-Type: Internal IP X-CT-RefId: str=0001.0A090208.4F4E63AA.00D7,ss=1,re=-2.300,fgs=0 Cc: "scim@ietf.org" Subject: Re: [scim] Mtg Notes: Weekly SCIM Webex Call Feb 29 X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 17:43:14 -0000 --Apple-Mail=_DC643E4B-985B-408D-94BC-D52A9CAFCE2E Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Sorry I missed the call. I did not see a notice posted to the IETF SCIM = list for the call. Did I miss something? Some of us are likely not on = the non-IETF list. Am assuming this is just a mix-up during the = switch-over (or I goofed). Also, did anyone have any comments on my suggestions for input docs to = the charter? Thanks! Phil @independentid www.independentid.com phil.hunt@oracle.com On 2012-02-29, at 8:44 AM, Chris Phillips wrote: >=20 > Agenda was light so it was a brief call: >=20 > Topics Covered: > Availability of the webex connect info on the simplecloud.info site > Chris P to add item to issue tracker to get connect info published to = website & note sent out to both lists as a touch point for others > Current link: = https://go.webex.com/go/j.php?J=3D341843003&PW=3DNYWRkZWZjYjUy > Interop @ IETF topics > Questions arising regarding ability for remote participation at the = interop event.=20 > Email traffic on list suggests it is possible, no formalized way as of = yet however > Kelly Grizzle to check into options and times for the Interop event = and how people can remotely participate & feedback to list > Communications topics: cloud-directory list(200+ subscribers?) and = scim@ietf.org list (?? Subscribers) > Question regarding communication patterns for the lists what to post = where. > Topics for IETF are trickling in at the moment. See past notes from = Trey/Morteza regarding invitation to IETF list > Meeting notes to be posted to both > Encourage cloud-directory members to join IETF list as it is equally = low traffic but will insure visibility to new topics introduced > Mappings to SAML update > Chris P working with Trey on initial bindings. Work in progress, = gaining input from other communities and contributors about them. > Last Weeks call indicated that the Multiple documents will be created = instead of one large document > Primary doc for high fidelity set > Sub documents per mapping recommendation activity (LDAP & SAML = identified so far) > No other mappings suggested yet (OpenIDConnect user Schema?) > Please contact Chris P or Trey if you have an interest in this area. >=20 > No new topics for next call, so if you have one, please send it out to = the cloud-directory list >=20 > Chris. > = __________________________________________________________________________= ____ > Chris Phillips | Technical Architect, CANARIE Inc.| = chris.phillips@canarie.ca | W: 613.449.6715=20 >=20 >=20 > _______________________________________________ > scim mailing list > scim@ietf.org > https://www.ietf.org/mailman/listinfo/scim --Apple-Mail=_DC643E4B-985B-408D-94BC-D52A9CAFCE2E Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii Sorry = I missed the call. I did not see a notice posted to the IETF SCIM list = for the call. Did I miss something? Some of us are likely not on the = non-IETF list.  Am assuming this is just a mix-up during the = switch-over (or I goofed).

Also, did anyone have = any comments on my suggestions for input docs to the = charter?

Thanks!

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2012-02-29, at 8:44 AM, Chris Phillips wrote:


Agenda was = light so it was a brief call:

Topics = Covered:
  • Availability of the webex connect info on the = simplecloud.info site
    • Chris P to add item to issue = tracker to get connect info published to website & note sent out to = both lists as a touch point for others
    • Current link:  https://go.scim@ietf.org list (?? = Subscribers)
      • Question regarding communication patterns for = the lists what to post where.
        • Topics for IETF are trickling = in at the moment.  See past notes from Trey/Morteza regarding = invitation to IETF list
        • Meeting notes to be posted to = both
        • Encourage cloud-directory members to join = IETF list as it is equally low traffic but will insure visibility to new = topics introduced
    • Mappings to SAML = update
      • Chris P working with Trey on initial bindings. =  Work in progress, gaining input from other communities and = contributors about them.
        • Last Weeks call indicated that the = Multiple documents will be created instead of one large = document
          • Primary doc for high fidelity set
          • Sub = documents per mapping recommendation activity (LDAP & SAML = identified so far)
          • No other mappings suggested yet = (OpenIDConnect user Schema?)
        • Please contact Chris P or Trey = if you have an interest in this = area.

    No new topics for next = call, so if you have one, please send it out to the cloud-directory = list

    Chris.
    _________________= _____________________________________________________________
    Ch= ris Phillips | Technical Architect, CANARIE Inc.| chris.phillips@canarie.ca = | W: = 613.449.6715 


_______________________________________________
scim mailing = list
scim@ietf.org
https://www.ietf.org/ma= ilman/listinfo/scim

= --Apple-Mail=_DC643E4B-985B-408D-94BC-D52A9CAFCE2E-- From moransar@cisco.com Wed Feb 29 09:58:46 2012 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F2D521F8710 for ; Wed, 29 Feb 2012 09:58:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.198 X-Spam-Level: X-Spam-Status: No, score=-11.198 tagged_above=-999 required=5 tests=[AWL=1.400, BAYES_00=-2.599, GB_I_INVITATION=-2, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iU349+fej1Pk for ; Wed, 29 Feb 2012 09:58:45 -0800 (PST) Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id CE47C21F8705 for ; Wed, 29 Feb 2012 09:58:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=moransar@cisco.com; l=22205; q=dns/txt; s=iport; t=1330538324; x=1331747924; h=mime-version:subject:date:message-id:in-reply-to: references:from:to:cc; bh=Fc460mWw2JjXxaRyR04XNKNHACd+t98BXh/2lwhX2/g=; b=OAR+mp5ooyAf5jzT+OUWJDBdPtjSPxJZYAjvitLuPAHMt7spxm5MNJc7 Imix9XRt9rYaufl5B9mfDKxBn0IqRWBI1x9rYeIuTN4xBLB1T0Bi08M81 E//CFCIeiTQDYumv9A87Bo2Wzs9naMt7kvnrcxe+SCHdYlpyMGqtW3rap s=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgYSAFNmTk+tJV2a/2dsb2JhbAAqFwOCP6ADkRuBB4F6AQEBBAEBAQ8BCQEQAzwCCxACAQgRBAEBCwYQBwEGASYfCQgBAQQBEggah2cLKZoWAZ8djH8DCQcKUBiEWRYXAR8VEQIBAQQHBwUEAgEDAgIBAgMBBwMBCYJAYwSIT6AAgT0 X-IronPort-AV: E=Sophos;i="4.73,504,1325462400"; d="scan'208,217";a="62730302" Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-6.cisco.com with ESMTP; 29 Feb 2012 17:58:44 +0000 Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id q1THwiJ7026615; Wed, 29 Feb 2012 17:58:44 GMT Received: from xmb-rcd-313.cisco.com ([72.163.63.28]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 29 Feb 2012 11:58:44 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CCF70B.C6EADE8A" Date: Wed, 29 Feb 2012 11:58:44 -0600 Message-ID: <93C6FB63F046384C86EC8F7F3FFEC7BEC9C2A8@XMB-RCD-313.cisco.com> In-Reply-To: <53FEBCE0-2054-4B92-B358-8C2A1377DC9D@oracle.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [scim] Mtg Notes: Weekly SCIM Webex Call Feb 29 Thread-Index: Acz3CZ5utNFLcbacR9uQdA/rOymeKQAAFiIQ References: <53FEBCE0-2054-4B92-B358-8C2A1377DC9D@oracle.com> From: "Morteza Ansari (moransar)" To: "Phil Hunt" , "Chris Phillips" X-OriginalArrivalTime: 29 Feb 2012 17:58:44.0249 (UTC) FILETIME=[C7036090:01CCF70B] Cc: scim@ietf.org Subject: Re: [scim] Mtg Notes: Weekly SCIM Webex Call Feb 29 X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 17:58:46 -0000 This is a multi-part message in MIME format. ------_=_NextPart_001_01CCF70B.C6EADE8A Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable This was not an IETF SCIM call. We still have a weekly call for the SCIM 1.0 discussions like draft documents being worked on, interop event being worked out for SCIM 1.0, etc. We need to get better in separating the work that is being wrapped up on SCIM 1.0 and the IETF SCIM work that we are trying to kick start. If the group feels it would help, we certainly could have an IETF SCIM call to get things moving in place of or in addition to the SCIM 1.0 weekly call. =20 =20 Cheers, Morteza =20 From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Phil Hunt Sent: Wednesday, February 29, 2012 9:41 AM To: Chris Phillips Cc: scim@ietf.org Subject: Re: [scim] Mtg Notes: Weekly SCIM Webex Call Feb 29 =20 Sorry I missed the call. I did not see a notice posted to the IETF SCIM list for the call. Did I miss something? Some of us are likely not on the non-IETF list. Am assuming this is just a mix-up during the switch-over (or I goofed). =20 Also, did anyone have any comments on my suggestions for input docs to the charter? =20 Thanks! =20 Phil =20 @independentid www.independentid.com phil.hunt@oracle.com =20 =20 On 2012-02-29, at 8:44 AM, Chris Phillips wrote: =20 Agenda was light so it was a brief call: =20 Topics Covered: * Availability of the webex connect info on the simplecloud.info site * Chris P to add item to issue tracker to get connect info published to website & note sent out to both lists as a touch point for others * Current link: https://go.webex.com/go/j.php?J=3D341843003&PW=3DNYWRkZWZjYjUy =20 * Interop @ IETF topics * Questions arising regarding ability for remote participation at the interop event.=20 * Email traffic on list suggests it is possible, no formalized way as of yet however * Kelly Grizzle to check into options and times for the Interop event and how people can remotely participate & feedback to list * Communications topics: cloud-directory list(200+ subscribers?) and scim@ietf.org list (?? Subscribers) * Question regarding communication patterns for the lists what to post where. * Topics for IETF are trickling in at the moment. See past notes from Trey/Morteza regarding invitation to IETF list * Meeting notes to be posted to both * Encourage cloud-directory members to join IETF list as it is equally low traffic but will insure visibility to new topics introduced * Mappings to SAML update * Chris P working with Trey on initial bindings. Work in progress, gaining input from other communities and contributors about them. * Last Weeks call indicated that the Multiple documents will be created instead of one large document * Primary doc for high fidelity set * Sub documents per mapping recommendation activity (LDAP & SAML identified so far) * No other mappings suggested yet (OpenIDConnect user Schema?) * Please contact Chris P or Trey if you have an interest in this area. =20 No new topics for next call, so if you have one, please send it out to the cloud-directory list =20 Chris. ________________________________________________________________________ ______ Chris Phillips | Technical Architect, CANARIE Inc.| chris.phillips@canarie.ca | W: 613.449.6715=20 =20 =20 _______________________________________________ scim mailing list scim@ietf.org https://www.ietf.org/mailman/listinfo/scim =20 ------_=_NextPart_001_01CCF70B.C6EADE8A Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

This was not an IETF SCIM call.  We still have a weekly call for = the SCIM 1.0 discussions like draft documents being worked on, interop = event being worked out for SCIM 1.0, etc.  We need to get better in = separating the work that is being wrapped up on SCIM 1.0 and the IETF = SCIM work that we are trying to kick start.  If the group feels it = would help, we certainly could have an IETF SCIM call to get things = moving in place of or in addition to the SCIM 1.0 weekly = call.

 

 

Cheers,

Morteza

 

From:= = scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of = Phil Hunt
Sent: Wednesday, February 29, 2012 9:41 = AM
To: Chris Phillips
Cc: = scim@ietf.org
Subject: Re: [scim] Mtg Notes: Weekly SCIM Webex = Call Feb 29

 

Sorry I = missed the call. I did not see a notice posted to the IETF SCIM list for = the call. Did I miss something? Some of us are likely not on the = non-IETF list.  Am assuming this is just a mix-up during the = switch-over (or I goofed).

 

Also, did anyone have any comments on my suggestions = for input docs to the charter?

 

Thanks!

 

Phil

 

@independentid

phil.hunt@oracle.com<= /span>

 



 

On = 2012-02-29, at 8:44 AM, Chris Phillips wrote:



 

Agenda was light so it was a brief = call:

 

Topics Covered:

  • Availabilit= y of the webex connect info on the simplecloud.info site=
  • Interop @ = IETF topics=
    • Questions = arising regarding ability for remote participation at the interop = event. 
      • Email = traffic on list suggests it is possible, no formalized way as of yet = however
        • Kelly = Grizzle to check into options and times for the Interop event and how = people can remotely participate & feedback to = list
  • Communicati= ons topics: cloud-direc= tory list(200+ subscribers?) and scim@ietf.org list (?? = Subscribers)
    • Question = regarding communication patterns for the lists what to post = where.
      • Topics for = IETF are trickling in at the moment.  See past notes from = Trey/Morteza regarding invitation to IETF list
      • Meeting = notes to be posted to both
      • Encourage cloud-directory = members to join IETF list as it is equally low traffic but will insure = visibility to new topics introduced=
  • Mappings = to SAML update=
    • Chris P = working with Trey on initial bindings.  Work in progress, gaining = input from other communities and contributors about = them.
      • Last Weeks = call indicated that the Multiple documents will be created instead of = one large document
        • Primary = doc for high fidelity set
        • Sub = documents per mapping recommendation activity (LDAP & SAML = identified so far)
        • No other = mappings suggested yet (OpenIDConnect user = Schema?)
      • Please = contact Chris P or Trey if you have an interest in this = area.

 

No new topics for next call, so if you have one, please send it out to = the cloud-directory list

 

Chris.

________________________________________________________________________= ______

Chris Phillips | Technical Architect, CANARIE Inc.| chris.phillips@canarie.ca = | W: = 613.449.6715 

 

 

_______________________________________________
scim= mailing list
scim@ietf.org
https://www.ietf.org/= mailman/listinfo/scim

 

------_=_NextPart_001_01CCF70B.C6EADE8A--