System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements
draft-ietf-scim-use-cases-08
Document history
Date | Rev. | By | Action |
---|---|---|---|
2015-09-22 | 08 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2015-09-03 | 08 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2015-08-21 | 08 | (System) | RFC Editor state changed to RFC-EDITOR from REF |
2015-07-26 | 08 | (System) | RFC Editor state changed to REF from RFC-EDITOR |
2015-07-13 | 08 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2015-07-02 | 08 | Jean Mahoney | Closed request for Telechat review by GENART with state 'No Response' |
2015-05-22 | 08 | Amy Vezza | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2015-05-21 | 08 | (System) | RFC Editor state changed to EDIT |
2015-05-21 | 08 | (System) | Announcement was received by RFC Editor |
2015-05-21 | 08 | (System) | IANA Action state changed to No IC from In Progress |
2015-05-21 | 08 | (System) | IANA Action state changed to In Progress |
2015-05-20 | 08 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2015-05-20 | 08 | Amy Vezza | IESG has approved the document |
2015-05-20 | 08 | Amy Vezza | Closed "Approve" ballot |
2015-05-20 | 08 | Amy Vezza | Ballot approval text was generated |
2015-05-20 | 08 | Barry Leiba | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2015-05-07 | 08 | Kathleen Moriarty | [Ballot comment] Thank you very much for addressing each of my discusses and comments. The security and privacy consideration additions are much appreciated. |
2015-05-07 | 08 | Kathleen Moriarty | [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss |
2015-05-07 | 08 | Kepeng Li | New version available: draft-ietf-scim-use-cases-08.txt |
2015-05-02 | 07 | Kepeng Li | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2015-05-02 | 07 | Kepeng Li | New version available: draft-ietf-scim-use-cases-07.txt |
2015-04-26 | 06 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2015-04-23 | 06 | Cindy Morgan | IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation |
2015-04-23 | 06 | Kathleen Moriarty | [Ballot discuss] I had a discuss on section 3.4, that should be quick to clear up on privacy and security considerations. My concern is on the requirements in section 3.4 and maybe it's a language issue where I am reading this differently than it was intended. If that's the case, it would be good to make sure the text and intent is clear. Current text: Requirements: o YourHR must ensure that the personal information generated by the local offices is timely available in a globally-accessible database. o Identity management of the personal data must be protected against unauthorised access and remain confidential to only authorised parties. o All operation with identity data must be securely logged. o The logs should be available for auditing. My concern is with bullets 1 & 2. To me, this reads as though personal information will be globally available and just the identity management information is protected. What is meant by globally available and are there some access restrictions? Sorry This was not in my review yesterday, I had a UI error. |
2015-04-23 | 06 | Kathleen Moriarty | Ballot discuss text updated for Kathleen Moriarty |
2015-04-23 | 06 | Kathleen Moriarty | [Ballot discuss] I had a discuss on section 3.4, that should be quick to clear up on privacy considerations. I'll write it up again shortly. |
2015-04-23 | 06 | Kathleen Moriarty | [Ballot Position Update] Position for Kathleen Moriarty has been changed to Discuss from No Objection |
2015-04-23 | 06 | Benoît Claise | [Ballot comment] - From the charter: The use cases document will be a "living document", guiding the working group during its development of the standards. The group may take snapshots of that document for Informational publication, to serve as documentation of the motivation for the work in progress and to similarly guide planning and implementation. ... Mar 2013 - Initial adoption of SCIM use cases, as a living document Looking at the charter and the draft name, I was ready to ask: is this a living document? should it be published? Reading the draft, it contains way more than the use cases: concepts and requirements are included. Which means that, even if you add new use cases, the requirements will (hopefully) not change. This is a good reason to publish. You should really update the title, and potentially the abstract to match the content: a mix of use cases, requirements, some (framework type of level) concepts and flows. Don't get me wrong, it's not a bad thing to combine all these into a single document, and I enjoyed the read. Proposal: from "SCIM Definitions, Overview, and Flows" to something such as "SCIM Definitions, Overview, Concepts, and Requirements" - I'm certainly not an expert in identity management, but I understood the difference between SCIM and ABFAB as ABFAB = just in time provisioning, as opposed to SCIM = pre-provisioning (ok, except maybe in the SSO "special" use case). A few words on this in the intro would have helped me to put the right context. Editorial: - It's intent is to reduce -> Its intend is to reduce - C.R.U.D -> CRUD (since you have it in the acronym section) |
2015-04-23 | 06 | Benoît Claise | Ballot comment text updated for Benoit Claise |
2015-04-23 | 06 | Benoît Claise | [Ballot comment] - From the charter: The use cases document will be a "living document", guiding the working group during its development of the standards. The group may take snapshots of that document for Informational publication, to serve as documentation of the motivation for the work in progress and to similarly guide planning and implementation. ... Mar 2013 - Initial adoption of SCIM use cases, as a living document Looking at the charter and the draft name, I was ready to ask: is this a living document? should it be published? Reading the draft, it contains way more than the use cases: concepts and requirements are included. Which means that, even if you add new use cases, the requirements will (hopefully) not change. This is a good reason to publish. You should really update the title, and potentially the abstract to match the content: a mix of use cases, requirements, some (framework type of level) concepts and flows. Don't get me wrong, it's not a bad thing to combine all these into a single document, and I enjoyed the read. Proposal: from "SCIM Definitions, Overview, and Flows" to something such as "SCIM Definitions, Overview, Concepts, and Requirements" - I'm certainly an expert in identity management, so maybe it's obvious to everybody. I understood the difference between SCIM and ABFAB as ABFAB = just in time provisioning, as opposed to SCIM = pre-provisioning (ok, except maybe in the SSO "special" use case). A few words on this in the intro would have helped me Editorial: - It's intent is to reduce -> Its intend is to reduce - C.R.U.D -> CRUD (since you have it in the acronym section) |
2015-04-23 | 06 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2015-04-22 | 06 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2015-04-22 | 06 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-04-22 | 06 | Kathleen Moriarty | [Ballot comment] Section 2.4 I agree with Stephen's question on the assumption of using LDAP. If it's just an example, could you say that or abstract it from LDAP or a particular choice. Section 3.2 I agree with Stephen (his comment on security considerations section) that there should be some mention of regulatory concerns when moving identity information between jurisdictional regions (countries, state-by-state for regulations on privacy, and universities have additional regulations on personal information). This also applies to Section 3.4 (or likely all use cases) as personal information is discussed in that use case description. For section 3.4, you'd need to worry about where accounts are provisioned. Nit: Section 2.3.4 At the protocol level, this class of scenarios may result in the use of common protocol exchange patters between CSP-1 & CSP-2. s/patters/patterns/ |
2015-04-22 | 06 | Kathleen Moriarty | [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty |
2015-04-22 | 06 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-04-22 | 06 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-04-22 | 06 | Stephen Farrell | [Ballot comment] - 2.1: "make ... easier" seems understated, presumably we care about interop, security, scaling etc. and it'd actually have been easier (in a sense) to just have everyone follow one vendor or open-source thing. - 2.1, "It's intent" - the It's is a little ambiguous. - 2.2.1, last bullet: I don't get that. Are real-time things even in charter I wonder? (CHECK) - 2.2.2, Better to use example.com, example.net than FooBar.Inc etc unless there is a reason that the usual examples do not work. - 2.4, what is the impact for SCIM generally of "assuming" use of LDAP here? If that's just an example, that's fine (but it could be clarified), if it's more than that, then it'd be good to know what exactly is meant. - 3.1, file permissions seem to me to be out of scope of SCIM. Changing UIDs, UUIDs, or similar is in scope though but this section doesn't make that clear. (Put another way: I am correct that SCIM is not NFS, right? :-) - 3.3, as per my comment on 3.1, this is unclear as to what is in or out of scope of SCIM. - 3.5 you say "selected attributes" a number of times. Don't you need to say by whom and when? - 4: it'd be good if this explicitly called out that there can be privacy issues here that go beyond transport security, e.g. moving PII offshore between CSPs. I don't think you need say more than that, but it'd be worth doing I think. |
2015-04-22 | 06 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2015-04-21 | 06 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-04-21 | 06 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-04-21 | 06 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-04-20 | 06 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2015-04-16 | 06 | Jean Mahoney | Request for Telechat review by GENART is assigned to Joel Halpern |
2015-04-16 | 06 | Jean Mahoney | Request for Telechat review by GENART is assigned to Joel Halpern |
2015-04-14 | 06 | (System) | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2015-04-14 | 06 | Kepeng Li | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2015-04-14 | 06 | Kepeng Li | New version available: draft-ietf-scim-use-cases-06.txt |
2015-04-14 | 05 | Barry Leiba | Placed on agenda for telechat - 2015-04-23 |
2015-04-14 | 05 | Barry Leiba | Changed consensus to Yes from Unknown |
2015-04-14 | 05 | Barry Leiba | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
2015-04-14 | 05 | Barry Leiba | Ballot has been issued |
2015-04-14 | 05 | Barry Leiba | [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba |
2015-04-14 | 05 | Barry Leiba | Created "Approve" ballot |
2015-04-09 | 05 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Magnus Nystrom. |
2015-04-07 | 05 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-scim-use-cases-05, which is currently in Last Call, and has the following comments: We understand that, upon approval of this document, there are no IANA Actions that need completion. While it is helpful for the IANA Considerations section of the document to remain in place upon publication, if the authors prefer to remove it, IANA doesn't object. If this assessment is not accurate, please respond as soon as possible. |
2015-04-07 | 05 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2015-04-07 | 05 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2015-03-28 | 05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Victor Fajardo |
2015-03-28 | 05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Victor Fajardo |
2015-03-27 | 05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2015-03-27 | 05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Joel Halpern |
2015-03-26 | 05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Magnus Nystrom |
2015-03-26 | 05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Magnus Nystrom |
2015-03-24 | 05 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2015-03-24 | 05 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (System for Cross-domain Identity Management (SCIM) Definitions, Overview, and Flows) to Informational RFC The IESG has received a request from the System for Cross-domain Identity Management WG (scim) to consider the following document: - 'System for Cross-domain Identity Management (SCIM) Definitions, Overview, and Flows' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-04-07. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document provides definitions and an overview of the System for Cross-domain Identity Management (SCIM). It lays out the system's models and flows, and includes user scenarios, use cases, and requirements. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-scim-use-cases/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-scim-use-cases/ballot/ No IPR declarations have been submitted directly on this I-D. |
2015-03-24 | 05 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2015-03-24 | 05 | Barry Leiba | Last call was requested |
2015-03-24 | 05 | Barry Leiba | Last call announcement was generated |
2015-03-24 | 05 | Barry Leiba | Ballot approval text was generated |
2015-03-24 | 05 | Barry Leiba | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2015-03-24 | 05 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2015-03-24 | 05 | Kepeng Li | New version available: draft-ietf-scim-use-cases-05.txt |
2015-03-12 | 04 | Barry Leiba | IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation |
2015-03-12 | 04 | Barry Leiba | Notification list changed to draft-ietf-scim-use-cases@ietf.org, draft-ietf-scim-use-cases.shepherd@ietf.org, draft-ietf-scim-use-cases.ad@ietf.org, scim-chairs@ietf.org, scim@ietf.org from scim-chairs@ietf.org, draft-ietf-scim-use-cases.ad@ietf.org, scim@ietf.org, draft-ietf-scim-use-cases@ietf.org, draft-ietf-scim-use-cases.shepherd@ietf.org, moransar@cisco.com |
2015-03-12 | 04 | Barry Leiba | IESG state changed to AD Evaluation from Publication Requested |
2015-03-12 | 04 | Barry Leiba | Ballot writeup was changed |
2015-03-12 | 04 | Barry Leiba | Ballot writeup was generated |
2015-03-12 | 04 | Amy Vezza | Notification list changed to scim-chairs@ietf.org, draft-ietf-scim-use-cases.ad@ietf.org, scim@ietf.org, draft-ietf-scim-use-cases@ietf.org, draft-ietf-scim-use-cases.shepherd@ietf.org, moransar@cisco.com from "Morteza Ansari" <moransar@cisco.com> |
2015-03-12 | 04 | Morteza Ansari | Summary ======= Document shepherd: Morteza Ansari Responsible AD: Barry Leiba Publication type: Informational The SCIM use cases document (draft-ietf-scim-use-cases-03) covers the core set of use cases discussed in the working group to be used as guidance in developing SCIM schema and API documents. Review and Consensus ==================== The document has been reviewed by the working group and . The active contributors is mostly done by a relatively small number of vendors. The current documents represent use cases for "version 2.0" of an existing standard that was developed at OpenWeb Foundation. The document has gone through WGLC and all comments were addressed during the WGLC. It is the view of the shepherd that the document should be published. Intellectual Property ===================== No issues Other Points ============ There are no downref issues. |
2015-03-12 | 04 | Morteza Ansari | Responsible AD changed to Barry Leiba |
2015-03-12 | 04 | Morteza Ansari | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2015-03-12 | 04 | Morteza Ansari | IESG state changed to Publication Requested |
2015-03-12 | 04 | Morteza Ansari | IESG process started in state Publication Requested |
2015-03-12 | 04 | Morteza Ansari | Changed document writeup |
2015-03-12 | 04 | Morteza Ansari | Notification list changed to "Morteza Ansari" <moransar@cisco.com> |
2015-03-12 | 04 | Morteza Ansari | Document shepherd changed to Morteza Ansari |
2015-03-05 | 04 | Kepeng Li | New version available: draft-ietf-scim-use-cases-04.txt |
2014-12-09 | 03 | Kepeng Li | New version available: draft-ietf-scim-use-cases-03.txt |
2014-08-18 | 02 | Leif Johansson | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2014-06-18 | 02 | Kepeng Li | New version available: draft-ietf-scim-use-cases-02.txt |
2014-03-04 | 01 | Kepeng Li | New version available: draft-ietf-scim-use-cases-01.txt |
2014-02-16 | 00 | Leif Johansson | IETF WG state changed to In WG Last Call from WG Document |
2014-02-16 | 00 | Leif Johansson | Intended Status changed to Informational from None |
2013-08-30 | 00 | Kepeng Li | New version available: draft-ietf-scim-use-cases-00.txt |