[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 RFC 6338

Network Working Group                                          V. Giralt
Internet-Draft                                              Univ. Malaga
Intended status: Experimental                                  R. McDuff
Expires: November 2, 2009                               Univ. Queensland
                                                             May 1, 2009

Definition of a Uniform Resource Name (URN) Namespace for the Schema for
                            Academia (SCHAC)

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at

   The list of Internet-Draft Shadow Directories can be accessed at

   This Internet-Draft will expire on November 2, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Giralt & McDuff         Expires November 2, 2009                [Page 1]

Internet-Draft             SCHAC URN Namespace                  May 2009


   This document describes a Uniform Resource Name (URN) namespace for
   the Schema for Academia (SCHAC).

   This namespace is for naming persistent resources defined by the
   SCHAC international activity participants, their working groups and
   other designated subordinates.  The namespace main use will be the
   creation of controlled vocabulary values for attributes in the SCHAC
   schema.  This values will be associated to particular instances of
   persons or objects belonging to any of the SCHAC object classes.

Giralt & McDuff         Expires November 2, 2009                [Page 2]

Internet-Draft             SCHAC URN Namespace                  May 2009

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in RFC 2119[1].

Giralt & McDuff         Expires November 2, 2009                [Page 3]

Internet-Draft             SCHAC URN Namespace                  May 2009

1.  Introduction

   The SCHAC international activity was born inside the TF-EMC2
   middleware task force of the Trans European Research and Education
   Network Association.  The initial aim of SCHAC was to harmonise the
   disjoint person schemas of the participating countries in order to
   have a common way for expressing data about persons, exchanged
   between educational organizations.  SCHAC, as other person schemas,
   is designed to ease the sharing of information about a given
   individual between parties, mostly, but not limited to, educational
   and research institutions.  The main aims of this sharing are: to
   provide resources to individuals and to allow said individuals to
   move, virtually and physically, between such institutions.  Thus, the
   SCHAC schema was defined with input from all participants' national
   person schemas[4].

   SCHAC does not supplant other person schemas such as
   organizationalPerson [5], inetOrgPerson [6] or eduPerson [7], it
   extends those where needed for the pourposes of Higher Education
   outside the United States.  This characteristic has made SCHAC,
   originally an European effort, useful for groups outside Europe.

Giralt & McDuff         Expires November 2, 2009                [Page 4]

Internet-Draft             SCHAC URN Namespace                  May 2009

2.  Specification Template

   Namespace ID:


   Registration Information:

      Registration Version Number 1

      Registration Date: 2008-11-07

   Registrant of the namespace:

      European Committee for Academic Middleware
      ATTN: Licia Florio
      The Netherlands

      Email: florio@terena.org

      Contact: Victoriano Giralt
      Affiliation: University of Malaga
      Central ICT Services
      Blvd.  Louis Pasteur, 33
      Campus de Teatinos
      29071 Malaga

      Email: victoriano@uma.es
      Phone: +34 95 213 2366

   Syntactic structure:

      The Namespace Specific Strings (NSS) of all URNs assigned by SCHAC
      will conform to the syntax defined in section 2.2 of RFC 2141,
      "URN Syntax"[8].  In addition, all SCHAC URN NSSs will consist of
      a left-to-right series of tokens delimited by colons.  The left-
      to-right sequence of colon-delimited tokens corresponds to
      descending nodes in a tree.  To the right of the lowest naming
      authority node, there may be zero, one, or more levels of
      hierarchical naming nodes terminating in a rightmost leaf node.

Giralt & McDuff         Expires November 2, 2009                [Page 5]

Internet-Draft             SCHAC URN Namespace                  May 2009

      See the section below entitled "Identifier assignment" for more on
      the semantics of NSSs.  This syntax convention is captured in the
      following normative ABNF rules for SCHAC NSSs (see RFC 5234[2]):

            SCHAC-NSS    =   1*(subStChar) 0*(":" 1*(subStChar))

            subStChar    =   trans / "%" HEXDIG HEXDIG

            trans        =   ALPHA / DIGIT / other / reserved

            other        =   "(" / ")" / "+" / "," / "-" / "." /
                             "=" / "@" / ";" / "$" /
                             "_" / "!" / "*" / "'"

            reserved     =   "/" / "?" / "#"

      The exclusion of the colon from the list of "other" characters
      means that the colon can only occur as a delimiter between string
      tokens.  Note that this ABNF rule set guarantees that any valid
      SCHAC NSS is also a valid RFC 2141 NSS.

   Relevant ancillary documentation:


   Identifier uniqueness:

      It is the responsibility of TERENA to guarantee uniqueness of the
      names of immediately subordinate naming authorities.  Each lower-
      level naming authority in turn inherits the responsibility of
      guaranteeing uniqueness of names in their branch of the naming

   Identifier persistence:

      TERENA bears ultimate responsibility for maintaining the usability
      of SCHAC URNs over time.  This responsibility may be delegated to
      subordinate naming authorities per the discussion in the section
      below on identifier assignment.  That section provides a mechanism
      for the delegation to be revoked in the case a subordinate naming
      authority ceases to function.

Giralt & McDuff         Expires November 2, 2009                [Page 6]

Internet-Draft             SCHAC URN Namespace                  May 2009

   Identifier assignment:

      TERENA will create an initial series of immediately subordinate
      naming authorities, and will define a process for adding to that
      list of authorities.  Each country with a representative in SCHAC
      will be invited to designate a naming authority.  Country specific
      namespaces based on the country Internet TLD [9] will be assigned
      then to the designated authority.  The subordinated namespaces int
      and eu will remain under TERENA authority, controlled by the SCHAC
      activity members, for entities of global international or European
      interest.  There is also the possibility of granting subordinate
      namespaces to multi-country organizations, in this case the
      organizational Internet FQDN will be used as prefix.

      As an example, an European level interest entity would be any
      value related to information used in the Higher Education European
      Space, or the so called Bologna process.  Such entities will
      belong in the eu subordinate namespace.

      Global international entities could encompass values related to
      the Grid comunity or values useful both for some European and
      Australian universities.  Such entities would belong in the int
      subordinate namespace.

      Examples of multicountry organizations include TERENA itself or an
      association like EPI (educationalpolicy.org) that has members from
      Australia, Canada and the US.

      URNs intended for values of SCHAC attributes will include the
      attribute name immediately after the NSS prefix, before any
      geographical namespace delegation, such that any string can convey
      information about the attribute for which it is a value.  For
      example, values for schacUserStatus, will be of the from:

                 urn:schac:UserStatus:au: or

      Automated registry publication mechanisms will be provided if at
      all possible, based on the work on distributed URN registries done
      by the TF-EMC2 task force members.

      Institutions and communities affiliated with SCHAC participants
      may request that they be granted subordinate naming authority
      status.  Uniqueness of this namespaces under each country
      authority will be based on the requestor's Internet FQDN.  This

Giralt & McDuff         Expires November 2, 2009                [Page 7]

Internet-Draft             SCHAC URN Namespace                  May 2009

      subordination procedure SHOULD be carried along the delegation
      chain, i.e., all entities that receive a delegated namespace MUST
      have a valid FQDN and MUST publish an Internet accessible URN
      value registry, if at all possible based on the URN registry
      mechanisms designed by the TF-EMC2 task force members.

      On at least an annual basis, TERENA will contact the liaisons or
      directors of each immediately subordinate naming authority.  If
      there is no response, or if the respondent indicates that they
      wish to relinquish naming authority, the authority over that
      branch of the tree reverts to TERENA.  This process will be
      enforced recursively by each naming authority on its subordinates.
      This process guarantees that responsibility for each branch of the
      tree will lapse for less than one year, at worst, before being
      reclaimed by a superior authority.

      Lexical equivalence of two SCHAC namespace specific strings (NSSs)
      is defined below as an exact, case-sensitive string match.  TERENA
      will assign names of immediately subordinate naming authorities in
      lowercase only.  This forestalls the registration of two SCHAC-
      subordinate naming authorities whose names differ only in case.
      Attribute names will use the same mixed case format as in the
      schema definition.

   Identifier resolution:

      TERENA will maintain a registry of all SCHAC assigned URN values,
      both final and for delegation, on its Web site:
      https://www.terena.org/urn Delegation entries will have a pointer
      to the registry of the subordinate naming authority.  This SHOULD
      recurse down the delegation tree, but registries for several
      delegated namespaces MAY be maintained by a single naming

      All registries MUST publish their URNs over an HTTPS link.  The
      registries SHOULD present a certificate from a CA that is included
      in the majority of browsers, like TERENA SCS certificates.

   Lexical equivalence:

      Lexical equivalence of two SCHAC Namespace Specific Strings (NSSs)
      is defined as an exact, case-sensitive string match.

Giralt & McDuff         Expires November 2, 2009                [Page 8]

Internet-Draft             SCHAC URN Namespace                  May 2009

   Conformance with URN syntax:

      All SCHAC NSSs fully conform to RFC 2141 syntax rules for NSSs.

   Validation mechanism:

      As specified in the "Identifier resolution" section above, TERENA
      will maintain an index of all SCHAC assigned URNs on its Web site
      https://www.terena.org/urn.  Presence in that registry or in any
      subordinate one implies that a given URN is valid.  Delegated
      naming authorities MUST guarantee that values are valid in their
      assigned spaces.



Giralt & McDuff         Expires November 2, 2009                [Page 9]

Internet-Draft             SCHAC URN Namespace                  May 2009

3.  Security Considerations

   There are no additional security considerations beyond those normally
   associated with the use and resolution of URNs in general.

   In order to guarantee the validity and origin of SCHAC-NSS URN
   values, they MUST be published over HTTPS links.

Giralt & McDuff         Expires November 2, 2009               [Page 10]

Internet-Draft             SCHAC URN Namespace                  May 2009

4.  Namespace Considerations

   Registration of an Namespace Identifier (NID) specific to SCHAC is
   reasonable given the following considerations:

      SCHAC would like to assign URNs to some very fine-grained objects.
      This does not seem to be the primary intended use of the XMLORG
      namespace (RFC 3120) [10], or the more tightly controlled OASIS
      namespace (RFC 3121) [11].

      SCHAC seeks naming autonomy.  SCHAC is not a member of OASIS, so
      becoming a subordinate naming authority under the OASIS URN space
      is not an option.  There is the MACE namespace but the SCHAC
      development is done outside MACE activity scope and thus the
      attributes and values do not belong into MACE namespace.  Using
      the MACE namespace requires the schac namespace to be placed under
      one of the SCHAC participants namespace, which hinders its global

      SCHAC will want to assign URNs to non-XML objects as well.  That
      is another reason that XMLORG may not be an appropriate higher-
      level naming authority for SCHAC.

   Some of the already defined SCHAC attribute values have been assigned
   URNs under the urn:mace:terena.org namespace.  These values will
   enter a deprecation cycle, with clear indication of them being
   replaced by values under the new namespace once it is assigned.
   Anyhow, RFC 3406 [3] (which replaced RFC 2611) includes an explicit
   statement that two or more URNs may point to the same resource.

Giralt & McDuff         Expires November 2, 2009               [Page 11]

Internet-Draft             SCHAC URN Namespace                  May 2009

5.  Community Considerations

   The assignment and use of identifiers within the namespace are open,
   and the related rule is established by the SCHAC activity members.
   Registration agencies (the next level naming authorities) will be the
   National Research and Education Networks and established
   organizational cross-border organizations that participate in SCHAC.

   It is expected that the majority of the European NRENs, their
   constituencies, participants in the Australian Access Federation and
   some other international activities make use of the SCHAC namespace.

   After the establishment of the SCHAC namespace, TERENA will, as soon
   as practical, establish a registry service (analogously to other
   distributed pan-European services, like eduroam, PerfSONAR, etc.) for
   the namespace clients.

Giralt & McDuff         Expires November 2, 2009               [Page 12]

Internet-Draft             SCHAC URN Namespace                  May 2009

6.  IANA Considerations

   In accordance with BCP 66 [3], IANA is asked to register the Formal
   URN Namespace 'schac' in the Registry of URN Namespaces, using the
   registration template presented in Section 2 of this document.

   Note to RFC Editor: this section may be removed on publication as an

Giralt & McDuff         Expires November 2, 2009               [Page 13]

Internet-Draft             SCHAC URN Namespace                  May 2009

7.  References

7.1.  Normative References

   [1]   Bradner, S., "Key words for use in RFCs to Indicate Requirement
         Levels", BCP 14, RFC 2119, March 1997.

   [2]   Crocker, D. and P. Overell, "Augmented BNF for Syntax
         Specifications: ABNF", STD 68, RFC 5234, January 2008.

   [3]   Daigle, L., van Gulik, D., Iannella, R., and P. Faltstrom,
         "Uniform Resource Names (URN) Namespace Definition Mechanisms",
         BCP 66, RFC 3406, October 2002.

7.2.  Informative References

   [4]   TERENA TF-EMC2, "SCHAC activity web site".

   [5]   Sciberras, A., "Lightweight Directory Access Protocol (LDAP):
         Schema for User Applications", RFC 4519, June 2006.

   [6]   Smith, M., "Definition of the inetOrgPerson LDAP Object Class",
         RFC 2798, April 2000.

   [7]   MACE-Dir, "eduPerson Object Class Specification",
         December 2007.

   [8]   Moats, R., "URN Syntax", RFC 2141, May 1997.

   [9]   IANA, "Country TLDs".

   [10]  Best, K. and N. Walsh, "A URN Namespace for XML.org", RFC 3120,
         June 2001.

   [11]  Best, K. and N. Walsh, "A URN Namespace for OASIS", RFC 3121,
         June 2001.

Giralt & McDuff         Expires November 2, 2009               [Page 14]

Internet-Draft             SCHAC URN Namespace                  May 2009

Authors' Addresses

   Victoriano Giralt M.D.
   University of Malaga
   Avd. Cervantes, 2
   Malaga, Malaga  E-29071

   Phone: +34-95-213-2366
   Email: victoriano@uma.es
   URI:   http://www.uma.es/

   Dr. Rodney McDuff
   The University of Queensland

   Email: r.mcduff@uq.edu.au
   URI:   http://www.uq.edu.au/

Giralt & McDuff         Expires November 2, 2009               [Page 15]

Html markup produced by rfcmarkup 1.114, available from https://tools.ietf.org/tools/rfcmarkup/