
System for Cross-domain Identity Management
charter-ietf-scim-02

WG Review Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: scim@ietf.org 
Reply-To: iesg@ietf.org
Subject: WG Review: System for Cross-domain Identity Management (scim)

A new IETF WG has been proposed in the Applications and Real-Time Area. The
IESG has not made any determination yet. The following draft charter was
submitted, and is provided for informational purposes only. Please send your
comments to the IESG mailing list (iesg@ietf.org) by 2021-10-18.

System for Cross-domain Identity Management (scim)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Nancy Cam-Winget <ncamwing@cisco.com>

Assigned Area Director:
  Roman Danyliw <rdd@cert.org>

Applications and Real-Time Area Directors:
  Murray Kucherawy <superuser@gmail.com>
  Francesca Palombini <francesca.palombini@ericsson.com>

Mailing list:
  Address: scim@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/scim
  Archive: https://mailarchive.ietf.org/arch/browse/scim/

Group page: https://datatracker.ietf.org/group/scim/

Charter: https://datatracker.ietf.org/doc/charter-ietf-scim/

The System for Cross-domain Identity Management (SCIM) specifications provide
an HTTP-based protocol (RFC7643) and schema (RFC7644) that make managing
identities in multi-domain scenarios easier.  Since its publication in 2015,
SCIM has seen growing adoption.

The first goal of this working group is to incorporate implementation
experience; errata and interoperability feedback; and current security and
best practices into a revised version of RFC7643 (protocol) and RFC7644 (base
schema) suitable for consideration at the Internet Standard level of
specification maturity.

Additionally, implementation experience with SCIM has surfaced new use cases
and requirements.  The WG will document them in a revision of RFC7642. The WG
will also consider publishing extensions to SCIM that have found broad
adoption. These extensions may include profiles and schemas for
interoperability in additional use cases.

The currently planned scope of work for the SCIM WG is:

* Revision of RFC 7642 that will:
    * Focus on Use cases and implementation patterns
        * Pull vs. Push based use cases
        * Events and signals use cases
        * Deletion use cases
    * New use cases may be added to the revised RFC
* Revision of RFC 7643 and 7644 that will include:
    * Profiling SCIM relationships with other identity-centric protocols such
    as OAuth 2.0, OpenID Connect, Shared Signals, and Fastfed
    * Updates to the evolution of the externalid usage
        * Updates to account state for capturing context of the state or
        change in state of the user's account
* Multi-Value Query Filtering and Paging (based on draft-hunt-scim-mv-paging)
* Define a method for coordinating resources between domains:
    * Incremental approach to synchronization
    * Consider building off of RFC8417 and draft-hunt-idevent-scim
* Support for deletion-related goals including:
    * Handling Deletes in SCIM Servers that don’t allow Deletes (Soft
    Deletes) (based on draft-ansari-scim-soft-delete)
* Support for advanced automation scenarios such as:
    * Discovery and negotiation of client credentials
    * Attribute mapping
    * Per-attribute schema negotiation
* Enhance the existing schema to support exchanging of HR, Enterprise group
and privileged access management (based on draft-grizzle-scim-pam-ext)

Milestones:

  Dec 2021 - Working group adoption of I-D for revising RFC7642

  Dec 2021 - Working group adoption of I-Ds for Soft Delete

  Mar 2022 - Working group adoption of I-Ds (either new or existing) for
  privileged access management

  Mar 2022 - Working group adoption of I-Ds for Multi-valued paging

  Mar 2022 - Working Group adoption of I-Ds for coordination/synchronization
  between domains

  Jun 2022 - Progress I-D revising RFC7642 to WGLC

  Jun 2022 - Working group adoption of I-D revising RFC7643

  Jun 2022 - Working group adoption of I-D revising RFC7644

  Dec 2022 - Progress I-Ds for Soft Delete to WGLC

  Dec 2022 - Progress I-Ds for Multi-valued paging to WGLC

  Mar 2023 - Progress I-Ds (either new or existing) for privileged access
  management to WGLC

  Jun 2023 - Progress I-Ds for coordination/synchronization between domains
  to WGLC

  Jun 2023 - Progress I-D revising RFC7643 to WGLC

  Jun 2023 - Progress I-D revising RFC7644 to WGLC


WG Action Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>,
    scim-chairs@ietf.org,
    scim@ietf.org 
Subject: WG Action: Rechartered System for Cross-domain Identity Management (scim)

The System for Cross-domain Identity Management (scim) WG in the Applications
and Real-Time Area of the IETF has been rechartered. For additional
information, please contact the Area Directors or the WG Chair.

System for Cross-domain Identity Management (scim)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Nancy Cam-Winget <ncamwing@cisco.com>

Assigned Area Director:
  Roman Danyliw <rdd@cert.org>

Applications and Real-Time Area Directors:
  Murray Kucherawy <superuser@gmail.com>
  Francesca Palombini <francesca.palombini@ericsson.com>

Mailing list:
  Address: scim@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/scim
  Archive: https://mailarchive.ietf.org/arch/browse/scim/

Group page: https://datatracker.ietf.org/group/scim/

Charter: https://datatracker.ietf.org/doc/charter-ietf-scim/

The System for Cross-domain Identity Management (SCIM) specifications provide
an HTTP-based protocol (RFC7643) and schema (RFC7644) that make managing
identities in multi-domain scenarios easier.  Since its publication in 2015,
SCIM has seen growing adoption.

The first goal of this working group is to incorporate implementation
experience; errata and interoperability feedback; and current security and
best practices into a revised version of RFC7643 (protocol) and RFC7644 (base
schema) suitable for consideration at the Internet Standard level of
specification maturity.

Additionally, implementation experience with SCIM has surfaced new use cases
and requirements.  The WG will document them in a revision of RFC7642. The WG
will also consider publishing extensions to SCIM that have found broad
adoption. These extensions may include profiles and schemas for
interoperability in additional use cases.

The scope of work for the SCIM WG is:

* Revision of RFC7642 that will:
    * Focus on Use cases and implementation patterns
        * Pull vs. Push based use cases
        * Events and signals use cases
        * Deletion use cases
    * New use cases may be added to the revised RFC
* Revision of RFC7643 and RFC7644 that will include:
    * Profiling SCIM relationships with other identity-centric protocols such
    as OAuth 2.0, OpenID Connect, Shared Signals, and Fastfed
    * Updates to the evolution of the externalid usage
        * Updates to account state for capturing context of the state or
        change in state of the user's account
* Multi-Value Query Filtering and Paging (will use draft-hunt-scim-mv-paging
as input)
* Define a method for coordinating resources between domains:
    * Incremental approach to synchronization
    * Consider building off of RFC8417 and draft-hunt-idevent-scim
* Support for deletion-related goals including:
    * Handling Deletes in SCIM Servers that don’t allow Deletes (Soft
    Deletes) (will use draft-ansari-scim-soft-delete as input)
* Support for advanced automation scenarios such as:
    * Discovery and negotiation of client credentials
    * Attribute mapping
    * Per-attribute schema negotiation
* Enhance the existing schema to support exchanging of human resources,
enterprise group and privileged access management (will use
draft-grizzle-scim-pam-ext as input)

Milestones:

  Dec 2021 - Working group adoption of I-D for revising RFC7642

  Dec 2021 - Working group adoption of I-Ds for Soft Delete

  Mar 2022 - Working group adoption of I-Ds (either new or existing) for
  privileged access management

  Mar 2022 - Working group adoption of I-Ds for Multi-valued paging

  Mar 2022 - Working Group adoption of I-Ds for coordination/synchronization
  between domains

  Jun 2022 - Progress I-D revising RFC7642 to WGLC

  Jun 2022 - Working group adoption of I-D revising RFC7643

  Jun 2022 - Working group adoption of I-D revising RFC7644

  Dec 2022 - Progress I-Ds for Soft Delete to WGLC

  Dec 2022 - Progress I-Ds for Multi-valued paging to WGLC

  Mar 2023 - Progress I-Ds (either new or existing) for privileged access
  management to WGLC

  Jun 2023 - Progress I-Ds for coordination/synchronization between domains
  to WGLC

  Jun 2023 - Progress I-D revising RFC7643 to WGLC

  Jun 2023 - Progress I-D revising RFC7644 to WGLC


Ballot Announcement