A few issues were discovered in SCHAC 1.5.0 release.

PDF: 1.5.0 - 2015-04-12

On page 10 in 'schacHomeOrganizationType' Format

The format description does not make much sense like it is now. Especially the part 'and assigned by the SCHAC URN Registry for this attribute at ' does not match the context.
Also updating the reference to ISO3166-2 would make sense.
How about something like this?

Format: urn:schac:homeOrganizationType:<country-code>:<string> <country-code> = int

<string> MUST be registered in the [SCHAC-URN-Registry] <country-code> = valid two-letter [ISO3166-2] country code

<string> from a nationally controlled vocabulary, published through the URI identified at the [SCHAC-URN-Registry] 

Typo on page 10 in 'schacHomeOrganizationType' Examples

Correct (cf. SCHAC URN registry)

Outdated contact address on cover page


Broken link to TF-EMC2 on page 3

A missing '>' at the end of the link:

TF-EMC2 <http://www.terena.org/activities/tf-emc2and

Use the more specific ISO3166-2 reference

  • schacCountryOfCitizenship on page 7
  • schacHomeOrganizationType on page 10
  • schacCountryOfResidence on page 10
  • schacPersonalPosition on page 12

  • schacPersonalUniqueCode on page 13
  • schacPersonalUniqueID  on page 14
  • schacPersonalPosition on page 17

ISO 3166-2 is the correct specification for the two-character ISO3166 spec.


LDAP schema: schac v: 20150413-1.5.0

Eight outdated URN Registry References

In all eight cases the reference to the URN registry is labeled as 'TERENA URN Registry' and the URL has the outdated prefix:

  • schacHomeOrganizationType

  • schacPersonalPosition (twice)
  • schacPersonalUniqueCode
  • schacPersonalUniqueID
  • schacUserStatus
  • schacProjectMembership
  • schacProjectSpecificRole
SCHAC URN Registry

Outdated URNs in comments

There are 27 occurrences of example URNs using the outdated prefix




  • No labels

1 Comment

  1. "But wait there's more!"

    • p.12, schacPersonalPosition: "Format" and "References" link to a non-existing wiki page (correct would be SCHAC URN Registry).
    • p.13, schacPersonalUniqueCode: "References" has the same broken link as above (Format is correct there)

    Regarding the "missing" > in the TF-EMC2 link: In much of the document there are no angle brackets around URLs and in fact there's no need for any. (That's possibly a carry-over from plain-text days.) The section "About SCHAC" has them, the cover page or "Related work" doesn't, section "Attribute Classification" again has them, but none of the URLs within the main spec text have those, then section "Authorization, Entitlements" has them in the body text again, while section "Group-related Attributes" doesn't, etc.

    That last section also has a broken link to http://middleware.internet2.edu/dir/groups, another victim of The Great Internet2 Website Overhaul of (or since, really) 2013. The last working version is archived and most links there still work (i.e., are archived, too). The intention of that reference in the "Group-related Attributes" section of the SCHAC spec seemes to be to link to the "(Best) Practices in Directory Groups" document specifically, though, of which 2 PDF copies (one for A4 paper, one for letter) can now be found in the MACE-Dir wiki.

    Also, I wonder why Appendix A is needed at all, since a separate LDAP schema is published as part of the SCHAC 1.5 release (or vice versa: why the separate file when an LDAP schema is included in the spec). This way it's practically guaranteed to lead to (yet more) inconsistencies.