...
Work Item 6 | Protocol specific markup | ||||||
---|---|---|---|---|---|---|---|
Date Added / Date Completed | Discussed on Schema Editorial Board Notes, 7 February 2020, Schema Editorial Board Notes, 12 March 2020 | ||||||
Description | Reformat the specification to include new markup that would make it easier to extract mechanically extract the examples into a protocol appropriate set | ||||||
People | Proposed by Alan Buxey | ||||||
Approved by the Schema Board |
...
Work Item 7 | Expand Attribute Values | ||||||
---|---|---|---|---|---|---|---|
Date Added / Date Completed | Discussed on Schema Editorial Board Notes, 7 February 2020, Schema Editorial Board Notes, 12 March 2020 | ||||||
Description | Check for some possible notes from Internet2's Tech Ex 2019. Affiliations, in particular, could use potential expansion (though maybe groups are a better way to handle the many variances of affiliation possibilities). This is something we should explore with the community to figure out what they need us to do. Some federations have done this on a federation-specific level. Board must reach out to learn more about what federations that are doing this on a local level are doing and why. | ||||||
People | Proposed by Miro Milinovic | ||||||
Approved by the Schema Board Anchor | | Work Item 8 | Work Item 8 | Work Item 8AcademicID | |||
Date Added / Date Completed | Discussed on Schema Editorial Board Notes, 7 February 2020 | ||||||
Description | Consider adding AcademicID to a schema (the way we have ORCID). Maybe this belongs in SCHAC? | ||||||
People | Proposed by Miro Milinovic | ||||||
Alan Buxey and Heather Flanagan will put together a schema subcommittee to discuss and come up with a proposal |
Closed Items
| Change the opening paragraph in section 1.2 before the "glossary" style portion discussing identifier concepts to the following (it splits the text apart and inserts a discussion of protocol-specific IDs in the middle) | ||||||
---|---|---|---|---|---|---|---|
Date Added / Date Completed | Proposed on 28 March 2019 | ||||||
Description | "Among the most common and useful personal attributes are identifiers. An identifier is an information element that is specifically designed to distinguish each entry from its peers in a particular set. While almost any information in an entry may contribute to differentiating it from similar entries, identifiers are intentionally designed to do this. It is common for entries to contain several different identifiers, used for different purposes or generated by different information sources. Note that while the eduPerson specification includes a number of generic identifier attribute types, it is increasingly common for individual security protocols such as OpenID Connect and SAML to define their own "standard" subject identifiers and related functionality. In some cases (e.g., SAML) this material has been explicitly informed by, and is a reaction to, problems or limitations arising from the application of the eduPerson-defined identifiers to federated authentication. In most cases, it is advisable to defer to a particular protocol's specifications to understand what constitutes best practice in that particular context. It may often be reasonable to map usage of eduPerson Identifiers have a number of characteristics that help to determine appropriate usage. The following comments are offered to help clarify some points of definition for these various identifiers. These concepts are also referred to in various attribute descriptions." | ||||||
People | Proposed by Scott Cantor | ||||||
Approved by the Schema Board | The following change was approved by the Schema Board on the 3 June 2019 call: 1.2. Identifier Concepts Among the most common and useful personal attributes are identifiers. An identifier is an information element that is specifically designed to distinguish each entry from its peers in a particular set. While almost any information in an entry may contribute to differentiating it from similar entries, identifiers are intentionally designed to do this. It is common for entries to contain several different identifiers, used for different purposes or generated by different information sources. Note that while the eduPerson specification includes a number of generic identifier attribute types, it is increasingly common for individual security protocols such as OpenID Connect and SAML to define their own protocol-specific subject identifiers and related functionality. In some cases (e.g., SAML) this material has been explicitly informed by, and is a reaction to, problems or limitations arising from the application of the eduPerson-defined identifiers to federated authentication. In most cases, it is advisable to defer to a particular protocol's specifications to understand what constitutes best practice in that particular context. It may often be reasonable to map usage of eduPerson identifiers into a protocol, but be aware that there may be subtle differences to account for when mapping to multiple protocols such as SAML and OpenID Connect. Identifiers have a number of characteristics that help to determine appropriate usage. The following comments are offered to help clarify some points of definition for these various identifiers. These concepts are also referred to in various attribute descriptions. |
...
| Adding a prominent note to the top of the eduPersonTargetedID definition | ||||||
---|---|---|---|---|---|---|---|
Date Added / Date Completed | Proposed on 28 March 2019 | ||||||
Description | "NOTE: eduPersonTargetedID is DEPRECATED and will be removed from a future version of this specification. Its equivalent definition in SAML 2.0 has been replaced by a new specification for standard Subject Identifier attributes [Ref TBD], one of which ("urn:oasis:names:tc:SAML:attribute:pairwise-id") is a direct replacement for this identifier with a simpler syntax and safer comparison rules. Existing use of this attribute in SAML 1.1 or SAML 2.0, and the equivalent <NameID> Format of "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" should be phased out in favor of the new Subject Identifier attributes." | ||||||
People | Proposed by Scott Cantor | ||||||
Approved by the Schema Board | The following changes to eduPersonTargetedID notes were approved by the Schema Board on the 29 August 2019 call: NOTE: eduPersonTargetedID is DEPRECATED and will be marked as obsolete in a future version of this specification. Its equivalent definition in SAML 2.0 has been replaced by a new specification for standard Subject Identifier attributes [http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd03/saml-subject-id-attr-v1.0-csprd03.pdf], one of which ("urn:oasis:names:tc:SAML:attribute:pairwise-id") is a direct replacement for this identifier with a simpler syntax and safer comparison rules. Existing use of this attribute in SAML 1.1 or SAML 2.0 should be phased out in favor of the new Subject Identifier attributes." |
Work Item 8 | AcademicID | ||||||
---|---|---|---|---|---|---|---|
Date Added / Date Completed | Discussed on Schema Editorial Board Notes, 7 February 2020, Schema Editorial Board Notes, 12 March 2020 | ||||||
Description | Consider adding AcademicID to a schema (the way we have ORCID). Maybe this belongs in SCHAC? | ||||||
People | Proposed by Miro Milinovic | ||||||
Approved by the Schema Board | The Schema Board does not accept this proposal at this time. The group consensus is to deal with requests for new unique identifiers on a case by case basis; will reconsider if we see a number of requests coming in. |