[an error occurred while processing this directive] [an error occurred while processing this directive]

Charter

System for Cross-domain Identity Management (scim)
--------------------------------------------------

 Charter

 Current Status: Active

 Chairs:
     Morteza Ansari 
     Leif Johansson 

 Applications and Real-Time Area Directors:
     Ben Campbell 
     Alissa Cooper 
     Alexey Melnikov 

 Applications and Real-Time Area Advisor:
     Alexey Melnikov 

 Mailing Lists:
     General Discussion: scim@ietf.org
     To Subscribe:       https://www.ietf.org/mailman/listinfo/scim
     Archive:            https://mailarchive.ietf.org/arch/browse/scim/

Description of Working Group:

  The System for Cross-domain Identity Management (SCIM) working group
  will standardize methods for creating, reading, searching, modifying,
  and deleting user identities and identity-related objects across
  administrative domains, with the goal of simplifying common tasks
  related to user identity management in services and applications.
  
  "Standardize" does not necessarily mean that the working group will
  develop new technologies.  The existing specifications for "SCIM 1.0"
  provide RESTful interfaces on top of HTTP rather than defining a new
  application protocol.  That will be the basis for the new work.
  
  Today, distributed identity management across administrative domains
  is complicated by a lack of protocol and schema standardization
  between consumers and producers of identities.  This has led to a
  number of approaches, including error-prone manual administration and
  bulk file uploads, as well as proprietary protocols and mediation
  devices that must be adapted to each service for each organization.
  While there is existing work in the field, it has not been widely
  adopted for a variety of reasons, including a lack of common artifacts
  such as schema, toolsets, and libraries.
  
  The SCIM working group will develop the core schema and interfaces
  based on HTTP and REST to address these problems.  Initially, the
  group will focus on
  - a schema definition
  - a set of operations for creation, modification, and deletion of users
  - schema discovery
  - read and search
  - bulk operations
  - mapping between the inetOrgPerson LDAP object class (RFC 2798) and
   the SCIM schema
  
  It will follow that by considering extensions for client targeting of
  specific SCIM endpoints and SAML binding.  The approach will be
  extensible.
  
  The group will use, as starting points, the following drafts in the
  following ways:
      draft-scim-use-cases-00 as the initial use cases for SCIM
      draft-scim-core-schema-00 as the schema specification
      draft-scim-api-00 as the protocol specification
  
  These drafts are based on existing specifications, which together are
  commonly known as SCIM 1.0.  Because there is existing work with
  existing implementations, some consideration should be given to
  backward compatibility, though getting it right takes priority.  This
  group will consider the operational experience gathered from the
  existing work, as well as experiences with work done by other bodies,
  including the OASIS Provisioning TC.
  
  The use cases document will be a "living document", guiding the
  working group during its development of the standards.  The group may
  take snapshots of that document for Informational publication, to
  serve as documentation of the motivation for the work in progress
  and to similarly guide planning and implementation.
  
  The group will produce Proposed Standards for a schema, a REST-based
  protocol, and a SAML binding, as well as an Informational document
  defining an LDAP mapping. In doing so, the group will make the
  terminology consistent, identify any functional gaps that would be
  useful for future work, address internationalization, and provide
  guidelines and mechanisms for extensibility.
  
  In addition, the working group will ensure that the SCIM protocol
  embodies good security practices. Given both the sensitivity of the
  information being conveyed in SCIM messages and the regulatory
  requirements regarding the privacy of personally identifiable
  information, the working group will pay particular attention to issues
  around authorization, authenticity, and privacy.
  
  The group considers the following out of scope for this group:
      Defining new authentication schemes
      Defining new policy/authorization schemes


Goals and Milestones:
  Done     - Initial adoption of SCIM core schema
  Done     - Initial adoption of SCIM restful interface draft
  Nov 2012 - Initial adoption of SCIM LDAP inetOrgPerson mapping draft
  Dec 2012 - Proposal for client targeting of SCIM endpoints
  Feb 2013 - SCIM core schema to IESG as Proposed Standard
  Mar 2013 - Initial adoption of SCIM use cases, as a living document
  May 2013 - SCIM restful interface to IESG as Proposed Standard
  Jun 2013 - SCIM LDAP inetOrgPerson mapping to IESG as Informational
  Jul 2013 - Initial adoption of SCIM SAML bindings draft
  Aug 2013 - Client targeting of SCIM endpoints to IESG as Proposed Standard
  Sep 2013 - Snapshot update of SCIM use cases as Informational (possibly)
  Nov 2013 - SCIM SAML bindings to IESG as Proposed Standard
  Jan 2014 - Work completed; discuss re-charter

[an error occurred while processing this directive]