Definition of a Uniform Resource Name (URN) Namespace
for the Schema for Academia (SCHAC)
University of Malaga
Avd. Cervantes, 2MalagaE-29071MalagaSpain+34-95-213-2366 victoriano@uma.es http://www.uma.es/
The University of Queensland
r.mcduff@uq.edu.auhttp://www.uq.edu.au/
This document describes a Uniform Resource Name (URN)
namespace for the Schema for Academia (SCHAC).
This namespace is for naming persistent resources defined by
the SCHAC international activity participants, their working groups
and other designated subordinates. The namespace main use will
be the creation of controlled vocabulary values for attributes in the
SCHAC schema. This values will be associated to particular instances
of persons or objects belonging to any of the SCHAC object classes.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described
in RFC 2119.
The SCHAC international activity was born inside the TF-EMC2
middleware task force of the Trans European Research and
Education Network Association.
The initial aim of SCHAC was to harmonise the disjoint person
schemas of the participating countries in order to have a common
way for expressing data about persons, exchanged between educational
organizations. SCHAC, as other person schemas, is designed to ease the
sharing of information about a given individual between parties, mostly,
but not limited to, educational and research institutions. The main
aims of this sharing are: to provide resources to individuals and to
allow said individuals to move, virtually and physically, between
such institutions. Thus, the SCHAC schema was defined with input
from all participants' national person schemas.
SCHAC does not supplant other person schemas such as
organizationalPerson ,
inetOrgPerson or
eduPerson ,
it extends those where needed for the purposes of
Higher Education outside the United States.
This characteristic has made SCHAC, originally
an European effort, useful for groups outside Europe.
schac
Registration Version Number 1
Registration Date: 2008-11-07
European Committee for Academic Middleware
TERENA
ATTN: Licia Florio
Singel
Amsterdam
The Netherlands
Email: florio@terena.org
Phone:
Contact: Victoriano Giralt
Affiliation: University of Malaga
Central ICT Services
Blvd. Louis Pasteur, 33
Campus de Teatinos
29071 Malaga
Spain
Email: victoriano@uma.es
Phone: +34 95 213 2366
The Namespace Specific Strings (NSS) of all URNs assigned by
SCHAC will conform to the syntax defined in section 2.2 of RFC
2141, "URN Syntax".
In addition, all SCHAC URN NSSs will consist of a left-to-right
series of tokens delimited by colons. The left-to-right sequence
of colon-delimited tokens corresponds to descending nodes in
a tree. To the right of the lowest naming authority node,
there may be zero, one, or more levels of hierarchical naming
nodes terminating in a rightmost leaf node. See the section
below entitled "Identifier assignment" for more on the semantics
of NSSs. This syntax convention is captured in the following
normative ABNF rules for SCHAC NSSs (see RFC 5234):
The exclusion of the colon from the list of "other" characters
means that the colon can only occur as a delimiter between
string tokens. Note that this ABNF rule set guarantees that
any valid SCHAC NSS is also a valid RFC 2141 NSS.
None.
It is the responsibility of TERENA to guarantee uniqueness of
the names of immediately subordinate naming authorities. Each
lower-level naming authority in turn inherits the
responsibility of guaranteeing uniqueness of names in their
branch of the naming tree.
TERENA bears ultimate responsibility for maintaining the
usability of SCHAC URNs over time. This responsibility may be
delegated to subordinate naming authorities per the discussion
in the section below on identifier assignment. That section
provides a mechanism for the delegation to be revoked in the
case a subordinate naming authority ceases to function.
TERENA will create an initial series of immediately subordinate
naming authorities, and will define a process for adding to
that list of authorities. Each country with a representative in SCHAC
will be invited to designate a naming authority. Country specific
namespaces based on the country Internet TLD
will be assigned then to the designated authority.
The subordinated namespaces int and eu will remain under
TERENA authority, controlled by the SCHAC activity members,
for entities of global international or European interest.
There is also the possibility of granting subordinate namespaces
to multi-country organizations, in this case the organizational
Internet FQDN will be used as prefix.
As an example, an European level interest entity would be any value
related to information used in the Higher Education European Space,
or the so called Bologna process. Such entities will belong in the
eu subordinate namespace.
Global international entities could encompass values related to the
Grid comunity or values useful both for some European and Australian
universities. Such entities would belong in the int subordinate
namespace.
Examples of multicountry organizations include TERENA itself or an
association like EPI (educationalpolicy.org) that has members from
Australia, Canada and the US.
URNs intended for values of SCHAC attributes will include the
attribute name immediately after the NSS prefix, before any
geographical namespace delegation, such that any string can
convey information about the attribute for which it is a value.
For example, values for schacUserStatus, will be of the from:
Automated registry publication mechanisms will be provided if at
all possible, based on the work on distributed URN registries
done by the TF-EMC2 task force members.
Institutions and communities affiliated with SCHAC participants
may request that they be granted subordinate naming authority
status. Uniqueness of these namespaces under country
authority will be based on the requestor's Internet FQDN.
This subordination procedure SHOULD be carried along the
delegation chain, i.e., all entities that receive a delegated
namespace MUST have a valid FQDN and MUST publish an Internet
accessible URN value registry, if at all possible based on the URN
registry mechanisms designed by the TF-EMC2 task force members.
On at least an annual basis, TERENA will contact the liaisons or
directors of each immediately subordinate naming authority. If
there is no response, or if the respondent indicates that they
wish to relinquish naming authority, the authority over that
branch of the tree reverts to TERENA. This process will be
enforced recursively by each naming authority on its
subordinates. This process guarantees that responsibility for
each branch of the tree will lapse for less than one year, at
worst, before being reclaimed by a superior authority.
Lexical equivalence of two SCHAC namespace specific strings
(NSSs) is defined below as an exact, case-sensitive string
match. TERENA will assign names of immediately subordinate
naming authorities in lowercase only. This forestalls the
registration of two SCHAC-subordinate naming authorities whose
names differ only in case. Attribute names will use the same mixed
case format as in the schema definition.
TERENA will maintain a registry of all SCHAC assigned URN values,
both final and for delegation, on its Web site:
https://www.terena.org/urn
Delegation entries will have a pointer to the registry of the
subordinate naming authority. This SHOULD recurse down the
delegation tree, but registries for several delegated namespaces
MAY be maintained by a single naming authority.
All registries MUST publish their URNs over an HTTPS link.
Registries SHOULD consider the user interface implications of
their choice of CA, taking into account issues like browser
alerts and blind trust.
Lexical equivalence of two SCHAC Namespace Specific Strings
(NSSs) is defined as an exact, case-sensitive string match.
All SCHAC NSSs fully conform to RFC 2141 syntax rules for NSSs.
As specified in the "Identifier resolution" section above,
TERENA will maintain an index of all SCHAC assigned URNs on
its Web site https://www.terena.org/urn.
Presence in that registry or in any subordinate one implies that
a given URN is valid. Delegated naming authorities MUST guarantee
that values are valid in their assigned spaces.
Global.
There are no additional security considerations beyond those normally
associated with the use and resolution of URNs in general.
In order to guarantee the validity and origin of SCHAC-NSS URN values,
they MUST be published over HTTPS links.
Registration of an Namespace Identifier (NID) specific to SCHAC is
reasonable given the following considerations:
SCHAC would like to assign URNs to some very fine-grained
objects. This does not seem to be the primary intended use of
the XMLORG namespace (RFC 3120) ,
or the more tightly controlled OASIS namespace (RFC 3121)
.
SCHAC seeks naming autonomy. SCHAC is not a member of OASIS,
so becoming a subordinate naming authority under the
OASIS URN space is not an option. There is the MACE
namespace but the SCHAC development is done outside MACE
activity scope and thus the attributes and values
do not belong into the MACE namespace. Using the MACE
namespace requires the SCHAC namespace to be placed
under one of the SCHAC participants namespace,
which hinders its global scope.
SCHAC will want to assign URNs to non-XML objects as well.
That is another reason that XMLORG may not be an appropriate
higher-level naming authority for SCHAC.
Some of the already defined SCHAC attribute values have been assigned
URNs under the urn:mace:terena.org namespace. These values will enter a
deprecation cycle, with clear indication of them being replaced by
values under the new namespace once it is assigned. Anyhow,
RFC 3406 (which replaced RFC 2611) includes
an explicit statement that two or more URNs may point to the same
resource.
The assignment and use of identifiers within the namespace are open,
and the related rule is established by the SCHAC activity members.
Registration agencies (the next level naming authorities) will be the
National Research and Education Networks and established organizational
cross-border organizations that participate in SCHAC.
It is expected that the majority of the European NRENs,
their constituencies, participants in the Australian
Access Federation and some other international
activities make use of the SCHAC namespace.
After the establishment of the SCHAC namespace, TERENA will,
as soon as practical, establish a registry service (analogously to
other distributed pan-European services, like eduroam, PerfSONAR,
etc.) for the namespace clients.
In accordance with BCP 66 ,
IANA is asked to register the Formal URN Namespace 'schac' in
the Registry of URN Namespaces, using the registration template
presented in Section 2 of this document.
SCHAC is the result of the TERENA TF-EMC2 task force and many others
that have contributed ideas to the development of the schema.
This document has been discussed on the URN-NID list,
with the special help of Alfred Hoenes who has thoroughly reviewed
the documents and helped us correct errors and suggested
clarifications to the text.
SCHAC activity web siteTERENA TF-EMC2http://www.terena.org/activities/tf-emc2/schac.htmlCountry TLDsIANAhttp://www.iana.org/root-whois/eduPerson Object Class SpecificationInternet2http://www.nmi-edit.org/eduPerson/internet2-mace-dir-eduperson-200712.html