Schema Editorial Board Notes - 16 January 2023
Attendees:
Agenda
- Administrivia
- SEB nominations
- Open PRs and Issues
- https://github.com/REFEDS/eduperson
- https://github.com/voperson/voperson
- Subcommittee status
- only "active" subcommittee is voPerson
- SCHAC
- Malaysia SCHAC assignments
- we also have a question from Matthew Economou to answer, relating to his schacProjectMembership registration request (programme/org details given but no program name, etc) [and he also has a schema modification proposal in the form of using OID/URI as well as names for the schacProjectMembership and schacProjectRole attributes....]
- Splitting out protocol profiles from schema - status?
- AOB
Notes
- Administrivia
- SEB nominations
- Open PRs and Issues
- https://github.com/REFEDS/eduperson
- https://github.com/REFEDS/eduperson/pull/17 - 389 is a directory run by RedHat; slightly different to LDAP. PR has been accepted and closed.
- https://github.com/REFEDS/eduperson/issues/5 - need to rename the current file, dropping the date, and then tag the current version (v4.4.0). Heather and Benn will meet to determine how much history we have to work with, then Heather will drop a note to the schema-discuss list advising of the change in filename and tagging releases; Heather and Benn will make the actual changes later.
- https://github.com/REFEDS/eduperson/issues/7 - closed with "The spec contains the following: 'It consists of a set of data elements or attributes about individuals within higher education, along with recommendations on the syntax and semantics of the data that may be assigned to those attributes'"
- https://github.com/REFEDS/eduperson/issues/8 - this may be a result of different LDAP services; Alan Buxey to do research for this
- https://github.com/voperson/voperson - these issues are really just documenting potential future items or other things that don't have much energy behind them. Progress will happen when people have a use case that needs to be solved.
- There may be interest from EOSC, but it hasn't been clear how to indicate that interest. PRs are a good start or, alternatively, updates to the issues indicating areas of interest.
- Subcommittee status
- only "active" subcommittee is voPerson - community hasn't put further time into this after the 2.0 release. This may change as EOSC offers input.
- SCHAC
- Malaysia SCHAC assignments
- we also have a question from Matthew Economou to answer, relating to his schacProjectMembership registration request (programme/org details given but no program name, etc) [and he also has a schema modification proposal in the form of using OID/URI as well as names for the schacProjectMembership and schacProjectRole attributes....]
- The request to add a note on how to register is purely an editorial change; the other part of his request is more a breaking change ("I don't understand why these attributes' values cannot be essentially free form. I recommend expanding the definitions of schacProjectMembership and schacProjectRole to include OID URNs and HTTP URLs as valid project and project role names (respectively), e.g., urn:oid:1.3.6.1.4.1.0.123 might represent a project and urn:oid:1.3.6.1.4.1.0.123.456 might represent a role within that project, as might https://example.com/project and https://example.com/project/role.").
- The spec says that values should be registered, but there is nothing on record in the registry. Why are these values registered at all? Can we assign a namespace? Unclear if that's what's being asked for.
- Does he have a working implementation using OIDs?
- Should we be assigning namespaces with OIDs? Need to also stop conflating URL with URN and URI. Need to ask the REFEDS list. It will be quite a bit of work to add this; need to know if it has value.
- Splitting out protocol profiles from schema - status?
- Any of the protocols that we would hope to pick this up have already created a reference to the eduPerson spec. Splitting that out would get rid of the LDAP-specific things, but it would create docs that wouldn't actually be useful for voPerson or OIDC info claims, JSON web tokens, etc. Given all that, is what we've done so far by creating the attribute dictionary sufficient? There isn't a driving need to do this; voPerson started with this as an assumption, but it's not actually critical for anything else.
- 2018 white paper from the OIDCre working group: https://docs.google.com/document/d/1b-Mlet3Lq7qKLEf1BnHJ4nL1fq-vMe7fzpXyrq2wp08/edit
- One benefit of the LDAP schema is that it does offer very strict value formats. That said, there is divergence in how different protocols are implementing it. If LDAP is your integration protocol, this makes sense, but what's happening in practice is that integration protocols are now OIDC, SAML, etc, not directly through LDAP.
- Informal poll of SEB members says there is not enough energy to fully split the protocols from the schema, but we are uncertain about expanding the attribute dictionary
- AOB