IETF
scim@jabber.ietf.org
Thursday, 29 March 2012

GMT+0
[06:20:52] Mani joins the room
[06:21:38] Mani leaves the room
[06:58:59] Melinda joins the room
[07:02:22] barryleiba joins the room
[07:03:07] <barryleiba> 'morning, Melinda
[07:03:28] <Melinda> Good morning (night here in Alaska). Are you in the room?
[07:03:38] m&m joins the room
[07:03:39] Sean Turner joins the room
[07:03:46] <barryleiba> Da
[07:03:56] hildjj joins the room
[07:04:12] naptee joins the room
[07:04:45] <Melinda> The volume is a little low
[07:05:02] <barryleiba> better?
[07:05:11] <hildjj> I'll channel your comments. Please prefix with "MIC:"
[07:05:19] <Melinda> Yup - thanks
[07:06:06] Sean Turner leaves the room
[07:06:13] stpeter joins the room
[07:06:23] smb joins the room
[07:06:32] stpeter has set the subject to: SCIM BoF, IETF 83
[07:06:42] tony.l.hansen joins the room
[07:06:56] wseltzer joins the room
[07:07:51] Roland Hedberg joins the room
[07:07:51] bkihara.l joins the room
[07:08:28] kazubu joins the room
[07:08:37] Sean Turner joins the room
[07:10:11] sue joins the room
[07:10:53] eburger joins the room
[07:11:01] sftcd joins the room
[07:11:33] resnick joins the room
[07:11:58] Karen O'Donoghue joins the room
[07:16:38] IETF joins the room
[07:16:41] sue leaves the room
[07:16:43] sue joins the room
[07:23:20] =JeffH joins the room
[07:27:00] pcl joins the room
[07:27:27] <smb> The WebEx session is now up.
[07:27:39] <stpeter> super
[07:27:59] <eburger> Is the WebEx chat tied into the Jabber room?
[07:28:05] <stpeter> no
[07:28:10] <stpeter> that would be nice, eh?
[07:28:22] <stpeter> take it to the remote participation BoF ;-)
[07:28:26] mnot joins the room
[07:28:28] <resnick> meetecho has that feature.
[07:28:31] <eburger> So if I want to follow the conversation, I have to fire up WebEx?
[07:28:42] Dan York joins the room
[07:28:47] <eburger> I know Meetecho does - they follow IETF standards :-)
[07:28:49] <stpeter> eburger: or the audio stream?
[07:29:11] <hildjj> we should talk to the WebEx team and ask them for XMPP support.
[07:29:15] <resnick> @eric: I guess you'll be going to the remote participation BOF Friday? ;)
[07:29:27] hildjj mutters to himself
[07:29:31] <eburger> Duh
[07:29:41] <eburger> Or, it is the plan.
[07:29:54] <eburger> @stpeter: do you know anyone at Cisco? :-)
[07:30:51] <stpeter> eburger: now that I don't have a dot, I'll get right to work on that :P
[07:31:01] <Melinda> What's being provided via webex that isn't through Jabber/audio? Just slides?
[07:31:55] <eburger> No idea - I'm not bothering to bring up the WebEx session if I'm in the room. Since you're remote, does anyone use the text box on WebEx?
[07:32:25] <hildjj> eburger: in general, no. don't know if they're doing it today, though.
[07:32:44] <Melinda> I've never seen anybody use it, but I've used webex with an IETF meeting maybe once. I think it's a real problem that it's not integrated with Jabber
[07:33:08] <eburger> Agreed. A topic for tomorrow!
[07:33:27] <resnick> I don't get this.
[07:33:28] <stpeter> BTW we're on Slide 5 "Solutions - Challenges"
[07:33:38] barryleiba leaves the room
[07:33:46] <resnick> Why would an assertion expire and you want to keep the identity?
[07:34:16] <stpeter> if you want to channel to the room, please prepend your question with "MIC"
[07:36:26] pcl leaves the room
[07:36:28] <eburger> Pete's at the Mic
[07:36:40] <eburger> Bob is doing the dynamic answering
[07:37:21] <hildjj> When pete gets back: it takes >24h to process the full list for one of our customers.
[07:37:57] cheevarat joins the room
[07:38:03] alexey.melnikov joins the room
[07:40:36] <stpeter> Hannes Tschofenig at the mic
[07:41:00] barryleiba joins the room
[07:45:03] <alexey.melnikov> Still not convinced that LDAP, with LDAP replication and/or sync via LDIF is not sufficient. SASL OAUTH can tie this web services.
[07:45:15] <stpeter> alexey.melnikov: are you in the physical room?
[07:45:20] <m&m> he is
[07:45:21] <alexey.melnikov> "I hate your tools, I will invent new ones" is not a good argument.
[07:45:26] <alexey.melnikov> I am
[07:45:27] <Sean Turner> okay a pet peeve: having "simple" or "lightweight" in the title. Can we please not do that - it won't be simple when we get done with it.
[07:45:27] <stpeter> alexey.melnikov: feel free to take that to the mic :)
[07:45:31] <eburger> Is there a bit of forum shopping here? Why not just do a schema in OASIS? OASIS does schemas.
[07:45:42] <resnick> He's shy, you know.
[07:45:43] <smb> Chair hat on: That's a comment for the later discussion
[07:45:59] <eburger> I've got it in my question queue :-)
[07:45:59] <stpeter> eburger: AFAIK these folks haven't talked to anyone else, so that's not forum shopping
[07:46:05] <hildjj> i bet nobody is going to care about the name
[07:46:09] <resnick> @smb: ack.
[07:46:31] <Sean Turner> @hildjj: hence why I typed it here and didn't say it at the mic ;)
[07:46:39] <mnot> Stop The CRUD!
[07:46:50] <stpeter> :)
[07:46:55] <m&m> heh
[07:46:55] <eburger> If you know a protocol is out there in a particular forum, and you say that it does not do a schema, and all it needs is a schema, wouldn't you ask to add a schema?
[07:47:10] <mnot> HTTP != CRUD
[07:47:22] <eburger> Judy @ mic
[07:47:43] <stpeter> HTTP = FUD, not CRUD ;-)
[07:47:53] <mnot> no, that was WS-*
[07:48:01] <m&m> /shudder
[07:48:20] <mnot> </evil_voice>
[07:48:38] <resnick> So the "M" in "SCIM" here really should be "moving", not "management", eh?
[07:48:42] <hildjj> eburger: one of the requirements is that it be easy to implement. OASIS is unlikely to prioritize that requirement, based on past performance
[07:49:01] <mnot> joe: word.
[07:49:11] <Melinda> Sean: I'd like to see "cloud" disappear
[07:49:16] <Melinda> That's completely inaudible
[07:49:23] <mnot> s/cloud/shiny/
[07:49:29] <resnick> Better Melinda?
[07:49:30] <alexey.melnikov> I agree that the word "cloud" is a distraction
[07:49:40] <alexey.melnikov> mnot: Yay!
[07:49:44] <Melinda> That's much better (audio)
[07:49:45] <stpeter> Melinda: I think someone in marketing came up with the name
[07:49:55] <mnot> I don't mind the cloud bit. It focuses a community, of sorts
[07:49:57] <stpeter> Melinda: the previous comment came from someone who did not come to the mic
[07:50:09] <hildjj> scalable contracts for identity metadata
[07:50:10] <resnick> Eliot repeated it.
[07:50:16] <Melinda> As nearly as I can tell they used a random buzzphrase generator for the name
[07:50:34] <Melinda> If SPML had gone anywhere this would be unnecessary, but it hasn't.
[07:50:41] <alexey.melnikov> <sarcasm>Maybe we should have a JSON encoding rules for LDAP</sarcasm>
[07:50:43] <stpeter> Melinda: it's fully buzzword compliant~
[07:50:52] <mnot> is there not yet an IETF WG acronym generator online?
[07:51:04] <Sean Turner> @melinda: I tend to agree
[07:51:46] <m&m> maybe they used this: http://www.all-acronyms.com/special/acronym_generator
[07:51:51] <hildjj> alexy, feel free to write an I-D for JER for ASN.1. But it's unlikely to meet the ease-of-implementation bar, and there's no existing code for either side of the conversation.
[07:52:27] <Melinda> In my previous gig we had bulk updates being generated out of a BANNER (Oracle) database, and from that they were generating sql updates and LDIF. It took two days to get someone provisioned because of the 24-hour latency in each step.
[07:52:33] <stpeter> Slide 5 of second deck, here
[07:52:41] <stpeter> (BTW)
[07:53:12] <stpeter> Slide 6: Model
[07:53:12] <resnick> I'm trying hard to listen for "why we want to do this in the IETF". Not quite heard it yet. :-)
[07:53:47] <resnick> (BTW: If you want Steve or Bill to relay something to the room, prepend with "mic" so that they know.)
[07:53:53] <mnot> because most other orgs doing cloud work are just hand-waving, and this actually would help.
[07:54:08] <stpeter> Slide 7: Simple Structure
[07:54:15] <hildjj> mnot: exactly. there are app-layer interop issues to deal with.
[07:54:23] <Melinda> This isn't a "cloud" problem. Sorry to keep harping on that, but I think that it's really misleading
[07:54:24] <hildjj> example: comparison of identifiers
[07:54:24] <eburger> A few times we've heard the data is "like vCard" however, the word vCard does not appear in the Schema document. Why not extensions to vCard?
[07:54:39] <hildjj> Melinda: assume that the words in the title will change.
[07:54:39] <resnick> @mnot: I guess my question is: They seem to be doing well now. Do they need the rest of us mucking up their work?
[07:54:51] <stpeter> eburger: it sounds like you have a lot of questions :)
[07:54:52] <stpeter> Slide 8: "Example: User"
[07:54:58] <barryleiba> Melinda: Yes, looks like DC stuff
[07:55:01] <m&m> there's enough bikesheds, let's not get too caught up in them right now
[07:55:06] <Melinda> I bet "cloud" won't be replaced with "enterprise," which is equally applicable.
[07:55:07] <hildjj> resnick: yes. they're asking for help to get the interop correct
[07:55:08] <eburger> @Melinda: but if they don't call it Cloud, then they can't have DIFFERENT solutions to the same problem.
[07:55:14] <smb> I'm seeing a lot of great questions I hope y'all will ask during the discussion period
[07:55:15] <mnot> pete: that's a good question, but they want a venue somewhere. I'd rather see it here; the chances of it being mucked up are far less than most other places (as long as they have a strong chair)
[07:55:16] <alexey.melnikov> For the record, LDAP schema is not flat. You can have a hierarchy of objects
[07:55:19] <Melinda> !! Eric ftw
[07:55:43] <eburger> :-)
[07:55:47] <stpeter> smb: I think there will be no lack of folks at the mic :)
[07:55:48] <resnick> @mnot/jhildebrand: Ack.
[07:55:59] <stpeter> we might need a separate mic line for eburger :)
[07:56:04] <stpeter> Slide 9: "Example: Ext User"
[07:56:12] <m&m> (-:
[07:56:19] <stpeter> Slide 10: "Example: Group"
[07:56:42] <hildjj> draft-zyp-json-schema
[07:57:12] <eburger> @smb: I assume I should hold the "why not vCard" as basis for schema question to the general discussion time? It isn't a clarifying question IMHO
[07:57:12] <stpeter> Slide 11: "Protocol"
[07:57:19] <smb> Correct.
[07:57:19] <resnick> @eburger: Indeed.
[07:57:31] <mnot> "bindings." Please.
[07:57:42] <mnot> grrrr
[07:57:42] <eburger> IETF newbie. We should be kind.
[07:57:54] <barryleiba> eburger:We'd really like to retire the vCard format anyway, in favour of XML or JSON.
[07:58:01] <stpeter> mnot: I think by "bindings" they mean "mappings"
[07:58:23] <eburger> @Barry: sigh. OK.
[07:58:23] <mnot> I know exactly what they mean. Hence the growl.
[07:58:39] <stpeter> barryleiba: isn't there an XML representation of vCard? ;-) RFC 6351
[07:59:00] <alexey.melnikov> stpeter: exactly (XML representation of vCards)
[07:59:17] <alexey.melnikov> Ok, so far I can only see some schema work
[07:59:26] <eburger> Right. So my question is back on the table :-)
[07:59:32] <barryleiba> vCard extensions... so we keep vcardDAV open
[07:59:37] <alexey.melnikov> If people just want to use HTTP, I think people should be honest about that
[07:59:45] pcl joins the room
[07:59:52] <mnot> varddav != HTTP. There, I said it.
[08:00:05] <hildjj> i'll note that when we discussed JSON encodings of vCard, nobody wanted to do the work.
[08:00:12] pcl leaves the room
[08:00:21] <hildjj> nor did we want to do vCard/LDAP mappings
[08:00:28] <resnick> We've got to convince them to skip "versioned".
[08:00:28] <barryleiba> Rather than HTTP, vCard over DAV
[08:00:31] <alexey.melnikov> hildjj: it is never late to do the JSON mapping
[08:00:34] <eburger> If it is all about interoperability, how could we POSSIBLY have two encodings?
[08:00:37] <m&m> cURL: the new "telnet" (client)
[08:00:42] <mnot> joe: many people want to do that (somewhere)
[08:00:46] <barryleiba> JSON mapping: +1
[08:00:46] <eburger> It must be EITHER JSON or XML. Can't be both.
[08:00:46] <alexey.melnikov> barryleiba: Yes, and we have a protocol for that ;-)
[08:00:47] pcl joins the room
[08:00:54] <stpeter> Slide 12: "Operations"
[08:00:59] <hildjj> eburger: disagree. but in practice, everyone will use JSON
[08:01:25] <hildjj> we could certainly constrain the scope to be JSON-only
[08:01:34] <stpeter> eburger: so you suggest that these guys should've used SPML <http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=provision> and then just defined a standard payload format for that?
[08:01:42] <mnot> what media type do they use for patch?
[08:01:51] <eburger> That's one option, unless SPML just doesn't work.
[08:02:01] <stpeter> eburger: good question
[08:02:02] <eburger> Or is "too hard"
[08:02:22] <resnick> The "why not use DAV" question is going to come up.
[08:02:24] <hildjj> mnot: it needs to be changed to be draft-ietf-appsawg-json-patch.
[08:02:30] <stpeter> Slide 13: "Discovery"
[08:02:39] <mnot> bulk: I think I just threw up in my mouth
[08:02:42] <eburger> Looks like HTTP binding ;-)
[08:02:48] <eburger> (slide on screen)
[08:03:31] <stpeter> Slide 14: "Create Request"
[08:04:13] <hildjj> whoever's computer keeps beeping, can you please mute?
[08:04:14] <eburger> There's the answer: JSON mandatory to implement, XML optional. Therefore, JSON.
[08:04:18] <stpeter> Slide 15: "Create Response"
[08:04:21] <eburger> Beep
[08:04:41] <hildjj> BXXP?
[08:04:41] <stpeter> Slide 16: "Get Request"
[08:04:52] <pcl> (hildjj: evidently not)
[08:05:05] resnick has BEEP flashbacks
[08:05:07] <stpeter> ooh, a BEEP binding
[08:05:09] <stpeter> Slide 17: "Get Response"
[08:05:12] <eburger> hee hee
[08:05:15] <barryleiba> too much detail here
[08:05:26] <m&m> I wonder if the type is expected to be keyed by "Accept:" or by extension?
[08:05:38] <hildjj> barryleiba: agree. if we're short on time, the chairs might decide to move this along.
[08:05:40] <stpeter> Slide 18: "Filter Request"
[08:05:41] <resnick> PBSD. Post BEEP Stress Disorder
[08:05:43] <m&m> but I don't wonder enough to go to a mic d-:
[08:06:01] <pcl> moving myself to the mic is a significant operation this morning...
[08:06:03] <smb> We're doing fine on time -- this session was planned to go till 10:20
[08:06:03] <=JeffH> is PATCH in the httpbis specs? is in rfc2068 afaict
[08:06:04] <mnot> if they want to negotiate, it'd be better to use agent-driven negotiation (i.e., links)
[08:06:07] <stpeter> Slide 19: "Filter Response"
[08:06:07] <mnot> no
[08:06:10] <mnot> 5789
[08:06:12] <hildjj> m&m: the draft says either
[08:06:32] <stpeter> Slide 20: "Protocol Extensibility"
[08:06:43] Ralph Droms joins the room
[08:07:14] <stpeter> Slide 21: "XML Schema"
[08:07:15] <resnick> Why is versioning good?
[08:07:15] <alexey.melnikov> Let's not kid ourselves: because we switched the format for JSON and the protocol to HTTP, it doesn't magically make provisioning work within 24 hours. Sorry
[08:07:32] <pcl> versioning is good because we're going to get something wrong and need a new version later
[08:07:39] <barryleiba> JSON AND XML?
[08:07:40] <pcl> pragmatic, not elegant
[08:07:42] <stpeter> Slide 22: "Security Considerations"
[08:07:49] <mnot> pete: good q. Versioning of HTTP apis is NOT what it seems (to most)
[08:07:53] <hildjj> alexey.melnikov: there's running code that suggests otherwise
[08:08:19] <stpeter> Slide 23: "Security: Protocol"
[08:08:43] <mnot> http://www.mnot.net/blog/2011/10/25/web_api_versioning_smackdown
[08:08:47] <=JeffH> rfc5789: PATCH Method for HTTP
[08:08:54] <=JeffH> thx
[08:08:54] <barryleiba> OAuth is NOT AUTHENTICATION!
[08:08:59] <mnot> jeff: note the new errata
[08:09:01] <resnick> He didn't get the memo about "We don't do MTI at IETF", eh?
[08:09:11] <eburger> Be nice, IETF newbie.
[08:09:13] <alexey.melnikov> hildjj: well, they didn't shop around for well performing solutions then
[08:09:16] <stpeter> Slide 24: "Security: User"
[08:09:20] <m&m> resnick: (-:
[08:09:39] <eburger> :-& :-& :-& :-& :-& :-& :-&
[08:09:40] <pcl> so I'm assuming that it's things like /v1 and then /v2 once there's a compatibility issue
[08:10:06] <pcl> i.e., /v1 evolves in a compatible manner until such a time that some endpoint needs to break
[08:10:10] <stpeter> Slide 25: "Hi/Low Fidelity Bindings"
[08:10:31] <barryleiba> OK, OIDC *is* authentication.
[08:10:49] <smb> we're enough ahead that we're going to stop here for some questions on this presentation.
[08:10:51] <stpeter> Slide 26: "Recap"
[08:11:08] <smb> (this is the last slide)
[08:11:48] <eburger> I would offer that we save the extra time for letting the tomatoes fly at the end.
[08:11:55] <stpeter> heh
[08:12:00] <m&m> lol
[08:12:17] <eburger> sigh
[08:13:04] <barryleiba> The jabber room has emptied into the mic line.
[08:13:13] <stpeter> heh
[08:13:25] <hildjj> first criteria: if you have a bunch of criteria, it's not simple.
[08:13:26] <barryleiba> Anyone remote want to be in the mic queue?
[08:13:38] <Melinda> Not really.
[08:13:43] <alexey.melnikov> hildjj: my employer does LDAP sync over email using LDIF (among other things) ;-). Obviously everybody *MUST use my tools* :-)
[08:14:24] <hildjj> If you can do the whole thing at the command line w/ curl, it might be simple
[08:14:26] <Melinda> I do think that the current architecture is a little more not-simple than it needs to be.
[08:14:37] <mnot> LDAP? Not Simple? WHAT?
[08:14:44] <m&m> hildjj: sounds like a Jeff Foxworthy tagline
[08:15:02] <hildjj> change the C in SCIM to "complex". let's move on.
[08:15:03] <Melinda> I'd be happy to spend the next 75 minutes discussing "simple."
[08:15:16] <hildjj> Some Complex Identity Mappings
[08:15:17] <m&m> bikeshed!
[08:15:26] <hildjj> m&m: totally
[08:15:38] <resnick> Super Complex Identity Movement protocol.
[08:15:38] <Dan York> "Anyone remote want to be in the mic queue?" No, sounds like you all have it covered really well. How many minutes were allocated for questions??? :-D
[08:16:10] <Melinda> I actually don't think it's "bikeshed," although it's definitely premature
[08:16:12] <Sean Turner> @ pete: ;)
[08:16:23] <alexey.melnikov> resnick: *Extended* Super Complex Identity Movement protocol
[08:16:42] <=JeffH> fundamentally: "identity" != "simple"
[08:16:50] <barryleiba> A good reason, but an unfortunate situation.
[08:17:04] <mnot> Mental note: make sure the chunked encoding is correct in my example slides
[08:17:16] <hildjj> it was SPDY, not HTTP
[08:17:26] <Sean Turner> ;)
[08:17:35] <alexey.melnikov> Q: "Why not NETCONF?" A: "Because we don't know about it" kind of proves my point about "we don't like your tools"
[08:17:44] <resnick> The answer was "yes".
[08:17:54] <stpeter> alexey.melnikov: do feel free to head to the mic :)
[08:18:16] <hildjj> alexey.melnikov: it's a valid question to have them follow up on. you can't expect everyone to know everything.
[08:19:08] <barryleiba> hildjj: Yes, but it's not like Netconf is a secret, and it's an obvious thing to have considered.
[08:19:32] <barryleiba> It makes me wonder about how they've prepared for IETF proposal.
[08:19:35] <eburger> Don't worry, I have my pile of tomatoes ready for the charter and IETF-applicability discussion
[08:19:44] <alexey.melnikov> hildjj: Yes, but I think people who did interop are not interested to switch the protocol at this point
[08:20:08] Roland Hedberg leaves the room
[08:20:18] <eburger> @alexi, that is what all consortia who bring stuff to IETF think. Then they get real.
[08:20:24] <mnot> barry: really? I wouldn't be able to describe netconf if pushed on the point.
[08:20:30] <stpeter> well, NETCONF is usually thought of as a protocol for the configuration of network devices, so it's not completely surprising that folks coming from another direction (web services / SPML replacement) might not have considered NETCONF
[08:20:33] <resnick> I'm not smart enough to ask the "Is this a DAV protocol?" question. Sounds like carddav to me (plus some additional operations), but not my bailiwick.
[08:20:40] <eburger> [I do intend to point out the length of time to get stuff done in the IETF. When they learn that, they may go forum shopping :-) ]
[08:20:50] <barryleiba> mnot: But you would know to look at it if you were doing something like this, would you not?
[08:20:52] <stpeter> eburger: :)
[08:20:53] <=JeffH> stpeter: agreed
[08:20:54] <mnot> if this goes DAV, I will lie down in the road.
[08:20:55] <m&m> heh
[08:21:05] <eburger> Mark: do you promise? :-)
[08:21:05] <mnot> barry: nope.
[08:21:12] <stpeter> Igor Feynberg at the mic
[08:21:15] <mnot> I am zero tolerance on DAV
[08:21:24] Roland Hedberg joins the room
[08:21:27] <hildjj> i have to say, i didn't think of NETCONF either.
[08:21:34] Tom Wesselman joins the room
[08:21:37] resnick leaves the room
[08:21:43] naptee leaves the room
[08:21:48] <barryleiba> "<mnot> I am zero tolerance on DAV" - We'll have to chat about this over dinner/wine
[08:22:01] <mnot> barry: cocktails, please :)
[08:22:08] <barryleiba> WFM
[08:22:24] <mnot> ... and Julian should be included.
[08:22:33] <barryleiba> All are welcome
[08:22:36] <stpeter> next presentation
[08:22:36] <eburger> Melinda: can you hear Phil?
[08:22:38] Karen O'Donoghue leaves the room: Replaced by new connection
[08:22:38] Karen O'Donoghue joins the room
[08:22:56] <Melinda> Very well - better than his predecessor
[08:23:02] <barryleiba> OK: time to flush old snark and ready the new.
[08:23:17] <stpeter> Phil Hunt talking about "Targeting"
[08:23:24] resnick joins the room
[08:23:25] <stpeter> Slide 1: "What is Targeting"
[08:24:30] <alexey.melnikov> So there is proposed schema for user entries, groups, resources, access controls. Will this list ever end? Are existing schema languages insufficient?
[08:25:40] <barryleiba> Alexey, I don't think they're talking about a new *language*.
[08:25:49] <barryleiba> Just new schemae.
[08:25:50] <=JeffH> agreed
[08:25:57] <mnot> +1
[08:26:11] <Melinda> I think the issue is that they need to provide a superset - the union of all attributes currently being provisioned.
[08:26:34] <stpeter> barryleiba: schemata, naturally :)
[08:26:47] <Melinda> I don't really understand why people keep mentioning ACLs as something to be provisioned. I don't usually associate those with "identity."
[08:26:53] <stpeter> Slide 2
[08:26:56] <barryleiba> PSA: da.
[08:27:10] <stpeter> Slide 3
[08:27:28] Linlin Zhou joins the room
[08:28:09] <stpeter> Slide 4
[08:28:32] <hildjj> note that this targeting stuff is additional; we could decide to do the core work without taking this on.
[08:28:46] stpeter nods to hildjj
[08:29:03] <stpeter> this is being presented as a possible extension path
[08:29:11] <stpeter> Slide 5
[08:29:16] pcl leaves the room
[08:29:17] <alexey.melnikov> barryleiba: schema language.
[08:29:23] <eburger> That was Elliot's loaded question: do we do this now or later
[08:29:30] <eburger> Later is the default
[08:29:49] <stpeter> eburger: later, if anyone has any energy left :)
[08:30:05] <alexey.melnikov> barryleiba: if I were to do this with JSON over HTTP, I would have defined JSON mapping for LDAP schema. Plenty of good work on registering object classes and attributes there.
[08:30:29] <eburger> @Alexi: PLEASE go to the mic during discussion, if that really makes sense
[08:30:41] <hildjj> alexey.melnikov: would that mapping include a bunch of OIDs?
[08:30:43] <alexey.melnikov> barryleiba: I do hate "now I need to have a huge mapping table for attribute names to map this to LDAP"
[08:30:54] <alexey.melnikov> hildjj: no OIDs
[08:31:09] <resnick> I'm going to want to hear a lot about the entities in this ontology.
[08:31:10] resnick apologizes for the philosophy burp
[08:31:10] <alexey.melnikov> hildjj: just use LDAP attribute names
[08:31:31] <stpeter> resnick: is there an ontologist in the house?
[08:31:39] <eburger> Yes, but LDAP is enterprise, and this is for Cloud ;-)
[08:31:51] <stpeter> Slide 6
[08:32:01] <alexey.melnikov> eburger: Sigh. Yes. Not sufficiently shiny.
[08:32:03] <resnick> I'm an epistemologist man, not an ontologist.
[08:32:18] <eburger> proctologist?
[08:32:28] <m&m> ouch
[08:32:36] <mnot> I disagree. There is a LOT of cruft in LDAP that people shouldn't have to wade through.
[08:32:40] <barryleiba> ornithologist
[08:32:47] <hildjj> ew.
[08:32:48] <eburger> tweet tweet
[08:32:50] <barryleiba> Following feral fowl?
[08:32:59] <stpeter> Slide 7
[08:33:17] <hildjj> i don't like the idea of naming schemes for constructing URLs
[08:33:19] <resnick> My partner was one explaining to a friend that I studied epistemology. The friend asked, "So, he's going to be an OB/GYN?" Double-ouch.
[08:33:26] <resnick> s/one/once
[08:33:50] <hildjj> maybe a URL template would be a good idea.
[08:34:01] <m&m> hildjj: +1
[08:34:25] <alexey.melnikov> hildjj: yes. It was published as an RFC this week?
[08:34:37] <stpeter> URI templates: http://tools.ietf.org/html/rfc6570
[08:34:44] <mnot> finally
[08:34:45] <=JeffH> hildjj: +1
[08:34:48] <hildjj> w00t. needed that for something else
[08:34:52] <m&m> /whew
[08:35:15] <stpeter> I think we're getting too much detail on this possible targeting extension at this point
[08:35:19] <hildjj> particularly don't like clients introspecting URLs that they're redirected to.
[08:35:46] <m&m> stpeter: agreed
[08:35:48] <barryleiba> PSA: much too much detail in general in this and the last presentation
[08:36:06] pcl joins the room
[08:36:18] <stpeter> barryleiba: I didn't mind the examples on the core spec because they gave a flavor of the fundamentals
[08:36:29] <eburger> Actually not too bad: lots of never-evers in the room, and it's a good tutorial on what they've got.
[08:36:39] <eburger> It also ensures they get slammed at the end :-(
[08:36:46] <barryleiba> An example or two is fine, but running through all the protocol details is too much.
[08:36:53] <mnot> y
[08:36:56] <eburger> But, OK, PSA, Thanks
[08:37:06] <=JeffH> :)
[08:37:37] <hildjj> "it can be extended" was already pretty clear
[08:38:21] <stpeter> hildjj: rightio
[08:38:26] <m&m> /nod
[08:38:49] Dan York leaves the room
[08:39:32] <sue> why audio stream disrupt so often
[08:40:33] <hildjj> Cisco is a smaller Internet company. :)
[08:40:47] <Melinda> Than it used to be, sure.
[08:41:48] <hildjj> eberger: although i disagree that it can't be done, i agree that limiting the syntaxes is a good idea.
[08:42:34] <eburger> @Joe: I'm not saying it can't be done. I'm just being realistic that a brand new schema and protocol, in the IETF, will take five years from start to product.
[08:42:41] <eburger> Most of the target cloud providers will be long dead by then.
[08:42:48] <hildjj> +1. reducing the surface area will help with that.
[08:42:49] <stpeter> sue: not sure, we've had a lot of audio issues this week
[08:43:26] <eburger> And, @Joe, w.r.t. Cisco & Oracle: you will take TWO years from specs finished to interoperable products :-)
[08:43:27] <Melinda> I haven't had any problems tonight, but have previous nights. I tend to assume it's a network problem between here and there rather than an audio problem per se.
[08:43:38] <IETF> what does this have to do with Cloud Identity per se? 2-3 years ago it would have been 'internet identity' or 'federated identity'. Is it meant as a draw to the BoF? Could have been "identity management - including for the Cloud"
[08:43:44] <hildjj> eburger: i *wish* it only took 2 years. :)
[08:44:00] <barryleiba> Melinda: how is networking to AK usually?
[08:44:28] <eburger> I forgot to ask the LDAP Q. I'm in the Q to ask it.
[08:44:29] <hildjj> IETF: won't respond to anonymous questions. please reset your nick if you want me to comment
[08:44:32] <Melinda> Not that bad. There's a fat pipe between south central AK and Oregon
[08:44:40] <stpeter> hildjj: I can see people's real JIDs ;-)
[08:44:56] <hildjj> stpeter: i see it as anti-social behavior.
[08:45:12] <stpeter> hildjj: as do I
[08:45:14] <hildjj> many clients support "/nick foo"
[08:45:38] <IETF> sorry,..trying again...
[08:45:43] IETF leaves the room
[08:46:03] pcl is now known as foo
[08:46:03] foo is now known as pcl
[08:46:03] pcl is now known as foo
[08:46:26] Tom Wesselman leaves the room
[08:46:32] <foo> mmmmm…. foo!
[08:46:53] <barryleiba> /nick седая борода
[08:47:03] <foo> barry: yours does not
[08:47:04] <barryleiba> Hm, doesn't work in my client.
[08:47:19] <hildjj> XMPP is a good example of a protocol where we didn't have to do a requirements doc
[08:47:20] <barryleiba> Waddyagonnado?
[08:47:26] Mani joins the room
[08:47:37] <hildjj> requirements docs are often for WG's that can't otherwise make progress
[08:47:58] <alexey.melnikov> barryleiba: LOL
[08:48:09] <barryleiba> Alexey: did I get it right?
[08:48:11] <Melinda> I don't know about that, but I can't see the point of reverse-engineering requirements out of an existing protocol
[08:48:19] Mani leaves the room
[08:48:23] <alexey.melnikov> barryleiba: yes, it means "old beard"
[08:48:25] <hildjj> Melinda: +1
[08:48:38] <Sean Turner> I think req docs are a bit delay tactic sometimes
[08:48:49] <Sean Turner> /bit/bit of
[08:49:03] <m&m> "we have to show progress, so let's write a requirements doc!"
[08:49:07] <stpeter> hildjj: but we had RFC 2779 :)
[08:49:16] <hildjj> stpeter: oh right.
[08:49:21] foo is now known as pcl
[08:49:21] pcl is now known as foo
[08:49:24] <hildjj> and it slowed us down.
[08:49:54] <barryleiba> Req docs can focus people on the problem they're solving. But we should be wary of thinking we always need to do them, or that they always solve problems.
[08:50:06] <stpeter> barryleiba: +1
[08:50:18] Mani joins the room
[08:50:34] <stpeter> Mani: welcome back :)
[08:50:41] <Sean Turner> @barry: so much more eloquent than I - but totally agreed
[08:51:14] <eburger> So the answer is: all of your data formats are mine
[08:51:26] resnick leaves the room
[08:51:29] resnick joins the room
[08:51:32] <Mani> what does this have to do with Cloud Identity per se? 2-3 years ago it would have been 'internet identity' or 'federated identity'. Is it meant as a draw to the BoF? Could have been "identity management - including for the Cloud"
[08:51:33] <barryleiba> Eric: All your formats are belong to us.
[08:52:04] <hildjj> Mani: don't get hung up on the name. it's the easiest part to change.
[08:52:15] <Mani> agreed
[08:52:16] <resnick> I'm not so concerned about requirements as data model.
[08:52:28] <stpeter> EPP = http://tools.ietf.org/html/rfc5730
[08:52:55] <m&m> let's just call it Some Concatenation of Information Munging
[08:52:56] <hildjj> mnot: +1
[08:54:22] foo is now known as pcl
[08:54:22] pcl is now known as foo
[08:54:41] <hildjj> surprised nobody has asked about XCAP.
[08:54:49] <hildjj> *I* am not asking about XCAP.
[08:55:04] <eburger> XCAP is PROOF the IETF is not qualified to do schemas.
[08:55:50] <sue> then IETF is qualified to do what?
[08:55:53] <hildjj> suggestions as to where it could be done?
[08:56:01] <stpeter> eburger: XCAP is proof of something :)
[08:56:02] <Melinda> He mentioned OpenStack
[08:56:07] <hildjj> sue: it's not routing, so we can't do it?
[08:56:07] <Melinda> which is not unreasonable
[08:56:17] <eburger> I didn't pay him to say that :-)
[08:56:23] <hildjj> OpenStack doesn't have the expertise.
[08:56:42] <barryleiba> Eric or something was his name?
[08:56:44] <hildjj> OPEN standards orgs, please.
[08:56:45] <eburger> TMF does make sense...
[08:56:55] <m&m> hildjj: +1000
[08:56:56] <Melinda> I wouldn't know about that, but they're a cloud outfit and this is not a "cloud" problem
[08:56:59] <=JeffH> "we" have the cycles and expertise if a new effort brings new folks along with that expertise.
[08:57:11] <eburger> We have the cycles!!!?!!?!?!?!?!?
[08:57:12] <=JeffH> s/with/having/
[08:57:58] alexey.melnikov leaves the room
[08:58:07] cheevarat leaves the room
[08:59:24] foo is now known as pcl
[08:59:24] pcl is now known as foo
[08:59:45] <=JeffH> rlbob: +1
[08:59:56] <m&m> vote 5 for rlbob
[09:00:20] <barryleiba> m&m: we need the diebold bot in all the rooms
[09:00:39] cheevarat joins the room
[09:00:49] Dan York joins the room
[09:00:53] <m&m> barryleiba: ietfvote in all the meetings
[09:01:28] <Melinda> There we go
[09:02:41] <stpeter> "we reject voting..."
[09:03:21] Karen O'Donoghue leaves the room
[09:03:29] <hildjj> ietfkings, then.
[09:03:36] <m&m> stpeter: ietfhums
[09:03:36] <stpeter> :)
[09:04:17] <foo> groan
[09:04:27] foo is now known as pcl
[09:09:11] <resnick> gap analysis?
[09:09:28] pcl is now known as foo
[09:09:52] <=JeffH> gap is a possibly struggling faux-casual retailer.....
[09:10:27] <mnot> jeff: don't worry, it's cyclical
[09:10:43] <Melinda> yes <http://www.adfg.alaska.gov/index.cfm?adfg=fishregulations.sport>
[09:10:46] <Melinda> yes
[09:10:59] <sue> how many show hands
[09:11:09] <Melinda> yes
[09:11:10] <barryleiba> I hate when they misspell my name. Flrg. It's "i" before "e", except in "Leiba".
[09:11:21] <hildjj> almost everyone that raised their hands the first time
[09:11:57] <hildjj> either, neither, leiba, seize are 4 exceptions if you please
[09:12:19] <mnot> lol
[09:12:19] <=JeffH> receipt
[09:12:26] <stpeter> for the record, about 12-15 people raised their hands to write/edit, and about 30-40 raised their hands to review
[09:12:28] <mnot> that's the general after-c rule
[09:12:48] <eburger> Not an auspicious start if they spell the responsible AD's name wrong ;-)
[09:13:10] <hildjj> If it had been auto-provisioned, that wouldn't have happened.
[09:13:12] <stpeter> http://www.ietf.org/mail-archive/web/scim/current/msg00144.html
[09:13:17] <stpeter> scroll down
[09:13:51] <m&m> *cymbol crash*
[09:14:30] foo is now known as pcl
[09:14:42] Ralph Droms leaves the room
[09:15:18] <hildjj> "misspell it correctly"
[09:16:18] mnot leaves the room
[09:17:17] <hildjj> have we ever required a WG to do a why-not draft before?
[09:17:23] <hildjj> ever?
[09:17:46] <stpeter> hildjj: yeah, that sounds strange to me
[09:17:58] <hildjj> that sounds like a new way to play process-block to me.
[09:18:20] <smb> <nohat> It is common to have requirements documents; this is just another spin on that.
[09:18:54] <hildjj> this would explicitly be a !requirements draft. and have we ever *required* a requirements doc?
[09:19:03] <smb> yes
[09:19:18] <hildjj> for something that is as well-defined as this?
[09:19:32] pcl is now known as foo
[09:19:57] Linlin Zhou leaves the room
[09:22:46] foo leaves the room
[09:23:35] <eburger> If people are asking what is being done, it is clearly NOT well-defined.
[09:23:49] <smb> we've even had entire working groups for requirements; see, for example, http://www.ietf.org/dyn/wg/charter/history/rpsec-charter.2006-08-01.15.html
[09:23:53] resnick leaves the room
[09:24:02] <hildjj> people who HAVEN'T READ THE DRAFTS
[09:24:14] Dan York leaves the room
[09:24:25] <eburger> But I did ;-)
[09:24:39] <hildjj> smb: but we don't usually require it for problems that come in relatively well-defined.
[09:26:52] <hildjj> we have the precedent that it doesn't matter how many people don't want to do the work.
[09:26:57] <Melinda> !!!
[09:27:17] <Melinda> That interpretation sounded like he thought we were voting
[09:28:15] <Melinda> I don't know what I think about that, actually
[09:30:04] Roland Hedberg leaves the room
[09:30:13] m&m leaves the room: Disconnected: session closed
[09:30:14] hildjj leaves the room
[09:30:27] barryleiba leaves the room
[09:30:28] eburger leaves the room
[09:30:41] sue leaves the room
[09:30:44] sftcd leaves the room
[09:30:53] Melinda leaves the room
[09:31:17] cheevarat leaves the room
[09:31:28] smb leaves the room
[09:34:48] =JeffH leaves the room
[09:35:44] wseltzer leaves the room
[09:35:51] bkihara.l leaves the room
[09:38:09] kazubu leaves the room
[09:39:14] Mani leaves the room
[09:41:39] Linlin Zhou joins the room
[09:42:02] Linlin Zhou leaves the room
[09:42:44] Sean Turner leaves the room
[09:43:00] tony.l.hansen leaves the room
[09:47:58] Ralph Droms joins the room
[09:52:04] sftcd joins the room
[09:52:51] sftcd leaves the room
[09:56:57] tony.l.hansen joins the room
[10:02:14] Ralph Droms leaves the room
[10:03:20] stpeter leaves the room: Disconnected: connection closed
[10:11:13] Roland Hedberg joins the room
[10:11:22] pcl joins the room
[10:11:31] stpeter joins the room
[10:11:37] pcl leaves the room
[10:13:09] hildjj joins the room
[10:15:17] =JeffH joins the room
[10:15:29] =JeffH leaves the room
[10:26:04] Roland Hedberg leaves the room
[10:30:30] hildjj leaves the room
[10:36:17] stpeter leaves the room: Disconnected: connection closed
[10:44:34] m&m joins the room
[10:49:29] m&m leaves the room
[10:50:50] stpeter joins the room
[11:00:15] Roland Hedberg joins the room
[11:10:28] alexey.melnikov joins the room
[11:11:39] stpeter leaves the room
[11:13:09] Ralph Droms joins the room
[11:13:25] Mani joins the room
[11:13:36] Mani leaves the room
[11:15:15] Ralph Droms leaves the room
[12:27:23] Roland Hedberg leaves the room
[12:40:43] Roland Hedberg joins the room
[12:48:27] Roland Hedberg leaves the room
[13:03:44] alexey.melnikov leaves the room
[13:06:26] tony.l.hansen leaves the room
[13:21:05] tony.l.hansen joins the room
[13:31:43] Ralph Droms joins the room
[13:33:17] Ralph Droms leaves the room
[15:33:49] tony.l.hansen leaves the room
[15:43:18] Roland Hedberg joins the room
[15:51:20] tony.l.hansen joins the room
[16:23:54] Roland Hedberg leaves the room
[16:25:09] Roland Hedberg joins the room
[16:49:55] Roland Hedberg leaves the room
[17:41:03] tony.l.hansen leaves the room
[21:46:46] tony.l.hansen joins the room
[22:59:57] tony.l.hansen leaves the room