scim B. Greevenbosch
Internet-Draft Huawei Technologies
Intended status: Standards Track November 13, 2012
Expires: May 17, 2013
SCIM and vCard mapping
draft-greevenbosch-scim-vcard-mapping-01
Abstract
This document defines a mapping between Simple Cloud Identity
Management (SCIM) and vCard. It can be used for conversion between
the different schemes, or as guidance to select one of them.
Greevenbosch Expires May 17, 2013 [Page 1]
Internet-Draft SCIM/vCard mapping November 2012
Note
Discussion and suggestions for improvement are requested, and should
be sent to scim@ietf.org.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 17, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Requirements notation
3. Mapping from SCIM attributes to vCard properties
4. Mapping from vCard properties to SCIM attributes
5. Mapping between SCIM and vCard IDs
6. Open issues
7. IANA Considerations
8. Security Considerations
9. Acknowledgements
10. Normative References
Author's Address
1. Introduction
The Simple Cloud Identity Management (SCIM) core schema
[I-D.scim-core-schema] defines a platform neutral data and extension
model for representing users of cloud services. SCIM core also
defines XML and JSON serialisations of the abstract schema.
This document defines a mapping between SCIM and vCard [RFC6350].
The mapping may serve several purposes:
o To provide a unified conversion mechanism between SCIM and vCard.
o To identify properties that are defined in vCard, but are missing
in SCIM.
o To identify SCIM attributes that may be useful in vCard too.
o To serve as guidance to consider whether vCard can be used as a
basis for SCIM.
o To provide discussion material on whether vCard could replace the
SCIM schema completely.
It is recommended that the SCIM WG consider these issues.
2. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Mapping from SCIM attributes to vCard properties
Table 1 describes a mapping from SCIM attributes to the vCard
properties.
The reverse mapping from vCard to SCIM is defined in Section 4. The
reason for having two tables is that some mappings are not
invertible.
+-----------------------+---------------------+---------------------+
| SCIM attribute | vCard property | Notes |
+-----------------------+---------------------+---------------------+
| id | UID | May need conversion |
| | | from SCIM id space |
| | | to vCard UID space. |
| | | Exact conversion |
| | | TBD. |
| | | |
| externalId | | |
| | | |
| meta/created | | |
| | | |
| meta/lastModified | REV | |
| | | |
| meta/location | | No direct vCard |
| | | equivalent. |
| | | Candidates could be |
| | | SOURCE and |
| | | ORG-DIRECTORY. |
| | | |
| meta/version | | |
| | | |
| meta/attributes | | |
| | | |
| userName | | |
| | | |
| name/formatted | FN | |
| | | |
| name/familyName | N (family names) | Combined with other |
| | | name attributes in |
| | | a single N element. |
| | | |
| name/givenName | N (given names) | Combined with other |
| | | name attributes in |
| | | a single N element. |
| | | |
| name/middleName | N (additional | Combined with other |
| | names) | name attributes in |
| | | a single N element. |
| | | |
| name/honorificPrefix | N (honorific | Combined with other |
| | prefixes) | name attributes in |
| | | a single N element. |
| | | |
| name/honorificSuffix | N (honorific | Combined with other |
| | suffixes) | name attributes in |
| | | a single N element. |
| | | |
| displayName | | |
| | | |
| nickName | NICKNAME | |
| | | |
| profileUrl | URL | |
| | | |
| employeeNumber | | |
| | | |
| title | TITLE | |
| | | |
| userType | ROLE | Consider |
| | | distinction with |
| | | the "roles" |
| | | attribute. |
| | | |
| preferredLanguage | LANG | Language tag |
| | | according to |
| | | [RFC5646]. |
| | | |
| locale | | |
| | | |
| timezone | TZ | |
| | | |
| active | | |
| | | |
| password | | |
| | | |
| costCenter | | |
| | | |
| organization | ORG | Use the |
| | | hierarchical order |
| | | defined in vCard. |
| | | |
| division | ORG | Use the |
| | | hierarchical order |
| | | defined in vCard. |
| | | |
| department | ORG | Use the |
| | | hierarchical order |
| | | defined in vCard. |
| | | |
| manager/managerId | | SCIM specific ID, |
| | | related to "id" |
| | | attribute. The |
| | | vCard RELATED |
| | | property could be |
| | | used, but a TYPE |
| | | "manager" may need |
| | | definition. |
| | | |
| manager/displayName | | |
| | | |
| email | EMAIL | |
| | | |
| phoneNumber | TEL | |
| (type="work") | (TYPE="voice,work") | |
| | | |
| phoneNumber | TEL | |
| (type="home") | (TYPE="voice,home") | |
| | | |
| phoneNumber | TEL (TYPE="cell") | |
| (type="mobile") | | |
| | | |
| phoneNumber | TEL (TYPE="fax") | |
| (type="fax") | | |
| | | |
| phoneNumber | TEL (TYPE="pager") | |
| (type="pager") | | |
| | | |
| phoneNumber | TEL (no TYPE) | |
| (type="other") | | |
| | | |
| phoneNumber (no type) | TEL (no TYPE) | |
| | | |
| im | IMPP | |
| | | |
| photo | PHOTO | URL of a web |
| | | location where the |
| | | photo can be |
| | | retrieved. |
| | | |
| address | ADR | See [RFC6350] for |
| | | the internal coding |
| | | of the ADR |
| | | property. |
| | | |
| address/formatted | ADR (LABEL) | |
| | | |
| address/streetAddress | ADR (street | Combined with other |
| | address) | address attributes |
| | | into a single ADR |
| | | element. |
| | | |
| address/locality | ADR (locality) | Combined with other |
| | | address attributes |
| | | into a single ADR |
| | | element. |
| | | |
| address/region | ADR (region) | Combined with other |
| | | address attributes |
| | | into a single ADR |
| | | element. |
| | | |
| address/postalCode | ADR (postal code) | Combined with other |
| | | address attributes |
| | | into a single ADR |
| | | element. |
| | | |
| address/country | ADR (country) | Combined with other |
| | | address attributes |
| | | into a single ADR |
| | | element. |
| | | |
| group/displayName | FN | vCard KIND property |
| | | MUST equal "group". |
| | | |
| group/members | multiple MEMBER | Multiple SCIM |
| | properties | specific IDs, |
| | | related to "id" |
| | | attribute. |
| | | Conversion between |
| | | SCIM id and vCard |
| | | UID TBD. |
| | | |
| emails | Multiple EMAIL | See "email" for |
| | fields | mapping per |
| | | property. |
| | | |
| phoneNumbers | Multiple TEL | See "phoneNumber" |
| | properties | for mapping per |
| | | property. |
| | | |
| ims | Multiple IMPP | See "im" for |
| | properties | mapping per |
| | | property. |
| | | |
| photos | Multiple PHOTO | See "photo" for |
| | properties | mapping per |
| | | property. |
| | | |
| addresses/* | Multiple ADR fields | See "address/*" for |
| | | mapping per |
| | | address. |
| | | |
| groups | | Related to "group" |
| | | attribute. |
| | | |
| entitlements | | Hard to map as it |
| | | is proprietary by |
| | | nature. |
| | | |
| roles | Multiple ROLE | Consider |
| | properties | distinction with |
| | | the "userType" |
| | | attribute. |
| | | |
| x509Certificates | KEY | Care is required: |
| | | keys may not have |
| | | the same usage. |
+-----------------------+---------------------+---------------------+
Table 1: SCIM to vCard mapping
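The following added example (not part of the draft) applies a subset of Table 1 to a constructed SCIM user and emits a vCard 4.0 object. The function names, the flat placement of the organization attributes and the sample data are assumptions; attributes with an empty vCard column, such as "password" and "userName", are not exported, and "id" is left out because its conversion is marked TBD in the table.

```python
# Added example: a subset of Table 1 applied to a constructed SCIM user.
TEL_TYPES = {"work": "voice,work", "home": "voice,home", "mobile": "cell",
             "fax": "fax", "pager": "pager"}   # "other" or no type: no TYPE
N_ORDER = ("familyName", "givenName", "middleName",
           "honorificPrefix", "honorificSuffix")
SIMPLE = (("nickName", "NICKNAME"), ("title", "TITLE"),
          ("preferredLanguage", "LANG"), ("timezone", "TZ"))


def esc(value) -> str:
    """Escape a text value (RFC 6350, Section 3.4) so that it cannot end
    the content line or split a structured value such as N or ORG."""
    text = str(value).replace("\\", "\\\\")
    text = text.replace("\r\n", "\n").replace("\r", "\n").replace("\n", "\\n")
    return text.replace(",", "\\,").replace(";", "\\;")


def scim_user_to_vcard(user: dict) -> str:
    name = user.get("name", {})
    lines = ["BEGIN:VCARD", "VERSION:4.0"]
    # FN is mandatory in vCard; Table 1 maps it from name/formatted.
    lines.append("FN:" + esc(name.get("formatted", "")))
    # All name parts are combined in a single N property, in vCard order.
    if any(name.get(k) for k in N_ORDER):
        lines.append("N:" + ";".join(esc(name.get(k, "")) for k in N_ORDER))
    for attr, prop in SIMPLE:
        if user.get(attr):
            lines.append(f"{prop}:{esc(user[attr])}")
    # organization, division and department share one hierarchical ORG.
    org = [esc(user[k]) for k in ("organization", "division", "department")
           if user.get(k)]
    if org:
        lines.append("ORG:" + ";".join(org))
    for mail in user.get("emails", []):
        lines.append("EMAIL:" + esc(mail["value"]))
    for tel in user.get("phoneNumbers", []):
        vtype = TEL_TYPES.get(tel.get("type"))
        param = f';TYPE="{vtype}"' if vtype else ""
        lines.append(f"TEL{param}:{esc(tel['value'])}")
    lines.append("END:VCARD")
    return "\r\n".join(lines) + "\r\n"


SAMPLE_USER = {   # constructed sample data, not taken from the draft
    "userName": "bjensen",
    "password": "t1meMa$heen",
    "name": {"formatted": "Ms. Barbara J Jensen, III",
             "familyName": "Jensen", "givenName": "Barbara",
             "middleName": "Jane", "honorificPrefix": "Ms.",
             "honorificSuffix": "III"},
    "title": "Tour Guide\r\nWeekends only",
    "organization": "Example Corp",
    "department": "Tours; Events",
    "emails": [{"value": "bjensen@example.com", "type": "work"}],
    "phoneNumbers": [{"value": "+1-201-555-0123", "type": "work"},
                     {"value": "+1-201-555-0199", "type": "other"}],
}

if __name__ == "__main__":
    print(scim_user_to_vcard(SAMPLE_USER), end="")
```

The multi-line "title" and the semicolon in "department" stay inside their own property values after escaping, so an attribute value cannot introduce an additional content line or ORG component.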
4. Mapping from vCard properties to SCIM attributes
Table 2 describes a mapping from vCard properties to SCIM attributes.
+--------------------+-------------------------+--------------------+
| vCard property | SCIM attribute | Notes |
+--------------------+-------------------------+--------------------+
| SOURCE | | Similar to SCIM |
| | | meta/location. |
| | | |
| KIND | | In vCard can have |
| | | the values |
| | | "individual", |
| | | "group", "org" and |
| | | "location". The |
| | | value |
| | | "application" was |
| | | added by |
| | | [RFC6473]. |
| | | |
| XML | | Purpose: to |
| | | include extended |
| | | XML-encoded vCard |
| | | data in a plain |
| | | vCard. |
| | | |
| FN | name/formatted | |
| | | |
| N (family names) | name/familyName | |
| | | |
| N (given names) | name/givenName | |
| | | |
| N (additional | name/middleName | |
| names) | | |
| | | |
| N (honorific | name/honorificPrefix | |
| prefixes) | | |
| | | |
| N (honorific | name/honorificSuffix | |
| suffixes) | | |
| | | |
| NICKNAME | nickName | |
| | | |
| PHOTO | photo | URL of a web |
| | | location where the |
| | | photo can be |
| | | retrieved. |
| | | |
| BDAY | | |
| | | |
| ANNIVERSARY | | |
| | | |
| GENDER | | Can have the |
| | | values "M"ale, |
| | | "F"emale, "O"ther, |
| | | "N"one or not |
| | | applicable or |
| | | "U"nknown. |
| | | |
| ADR (LABEL) | address/formatted | |
| | | |
| ADR (post office | address/streetAddress | |
| box) | | |
| | | |
| ADR (extended | | |
| address) | | |
| | | |
| ADR (street | address/streetAddress | |
| address) | | |
| | | |
| ADR (locality) | address/locality | |
| | | |
| ADR (region) | address/region | |
| | | |
| ADR (postal code) | address/postalCode | |
| | | |
| ADR (country) | address/country | |
| | | |
| TEL (TYPE="text") | phoneNumber, | |
| | type="other" | |
| | | |
| TEL (TYPE="voice") | phoneNumber, | The vCard TYPE can |
| | type="work"/type="home" | include "work" or |
| | | "home", in which |
| | | case mapping is |
| | | clear. |
| | | |
| TEL (TYPE="fax") | phoneNumber, type="fax" | |
| | | |
| TEL (TYPE="cell") | phoneNumber, | |
| | type="mobile" | |
| | | |
| TEL (TYPE="video") | phoneNumber, | |
| | type="other" | |
| | | |
| TEL (TYPE="pager") | phoneNumber, | |
| | type="pager" | |
| | | |
| TEL | phoneNumber, | |
| (TYPE="textphone") | type="other" | |
| | | |
| TEL (no TYPE) | phoneNumber (no type) | |
| | | |
| EMAIL | email | Can have |
| | | TYPE="work", |
| | | TYPE="home". |
| | | |
| IMPP | im | |
| | | |
| LANG | preferredLanguage | |
| | | |
| TZ | timezone | |
| | | |
| GEO | | GPS coordinates |
| | | |
| TITLE | title | |
| | | |
| ROLE | userType | |
| | | |
| LOGO | | |
| | | |
| ORG | organization | |
| | | |
| MEMBER | | Contains a vCard |
| | | ID of a member of |
| | | this group. The |
| | | vCard MUST have |
| | | KIND="group". |
| | | |
| RELATED | | Contains a vCard |
| | | ID of another |
| | | related vCard. |
| | | Can have many TYPE |
| | | values, such as |
| | | "friend", |
| | | "neighbor" and |
| | | "spouse". |
| | | |
| CATEGORIES | | Contains not |
| | | necessarily |
| | | unified tags. |
| | | |
| NOTE | | Any text. |
| | | |
| PRODID | | ID for producer of |
| | | vCard. |
| | | |
| REV | | Purpose: to |
| | | specify revision |
| | | information about |
| | | the current vCard. |
| | | |
| SOUND | | |
| | | |
| UID | externalId | Conversion scheme |
| | | between vCard and |
| | | SCIM IDs is |
| | | needed. |
| | | |
| CLIENTPIDMAP | | Link between local |
| | | PID and global |
| | | URI. |
| | | |
| URL | profileUrl | |
| | | |
| VERSION | | Version of vCard |
| | | specification. |
| | | |
| KEY | x509Certificates? | Care is required: |
| | | keys may not have |
| | | the same usage. |
| | | |
| FBURL | | Purpose: to |
| | | specify the URI |
| | | for the busy time |
| | | associated with |
| | | the object that |
| | | the vCard |
| | | represents. |
| | | |
| CALADRURI | | Purpose: to |
| | | specify the |
| | | calendar user |
| | | address to which a |
| | | scheduling request |
| | | should be sent for |
| | | the object |
| | | represented by the |
| | | vCard. |
| | | |
| CALURI | | Purpose: to |
| | | specify the URI |
| | | for a calendar |
| | | associated with |
| | | the object |
| | | represented by the |
| | | vCard. |
| | | |
| BIRTHPLACE | | Defined in |
| | | [RFC6474]. |
| | | |
| DEATHDATE | | Defined in |
| | | [RFC6474]. |
| | | |
| DEATHPLACE | | Defined in |
| | | [RFC6474]. |
| | | |
| EXPERTISE | | Defined in |
| | | [RFC6715]. |
| | | |
| HOBBY | | Defined in |
| | | [RFC6715]. |
| | | |
| INTEREST | | Defined in |
| | | [RFC6715]. |
| | | |
| ORG-DIRECTORY | | Defined in |
| | | [RFC6715]. |
+--------------------+-------------------------+--------------------+
Table 2: vCard to SCIM mapping
5. Mapping between SCIM and vCard IDs
A SCIM specific prefix could be used to indicate the conversion from
SCIM IDs to vCard UIDs. A "Service Provider" specific part would
need to be included in the vCard UID, as the SCIM ID is unique within
the Service Provider's space only. The following format is proposed:
UID:scim:[serviceProviderID]:123456789
Conversion from vCard to SCIM may be done similarly, i.e. by adding a
prefix to the vCard UID. The SCIM schema document mentions for the
SCIM ID: "This identifier MUST be unique across the Service
Provider's entire set of Resources", so as long as the vCard UID
indeed is globally unique, and the service provider uses the prefix
for vCard acquired resources only, the rule should hold.
Notice that the above mechanism allows looping. For example,
converting SCIM -> vCard -> SCIM would lead to a different SCIM ID in
the second representation than in the first. This reflects the
possible loss of information in the conversion process. Tandem
conversion of this kind should be avoided as much as possible.
Because of the format of the vCard UID after conversion from SCIM,
the SCIM service provider can detect the above-mentioned tandem
conversion, as well as the original vCard ID. The actions the
service provider may take upon such detection may for example include
using the original SCIM data instead, or using smarter mapping by
analysing the original and the new import. Such mechanisms are out
of scope of this document.
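The ID conversion and tandem detection described in this section, as an added example that is not part of the draft. The "vcard" import prefix, the function names and the restriction of identifier components to characters other than ":" are assumptions; the draft proposes only the "scim:[serviceProviderID]:..." form.

```python
import re

SCIM_PREFIX = "scim"      # prefix proposed in this section
VCARD_PREFIX = "vcard"    # assumption: the draft does not name this prefix

# Assumption: components never contain ":" so the UID parses unambiguously.
_SAFE = re.compile(r"[A-Za-z0-9._-]+")


def scim_id_to_vcard_uid(service_provider_id: str, scim_id: str) -> str:
    """Build the vCard UID value scim:[serviceProviderID]:[SCIM id]."""
    for part in (service_provider_id, scim_id):
        if not _SAFE.fullmatch(part):
            raise ValueError(f"unsafe identifier component: {part!r}")
    return f"{SCIM_PREFIX}:{service_provider_id}:{scim_id}"


def parse_scim_uid(uid: str):
    """Return (service_provider_id, scim_id) for a UID that was produced
    from a SCIM resource, or None for any other vCard UID."""
    parts = uid.split(":")
    if (len(parts) == 3 and parts[0] == SCIM_PREFIX
            and all(_SAFE.fullmatch(p) for p in parts[1:])):
        return parts[1], parts[2]
    return None


def import_vcard_uid(uid: str, local_provider_id: str) -> dict:
    """Decide how a service provider handles the UID of an imported vCard."""
    origin = parse_scim_uid(uid)
    if origin is None:
        # Ordinary vCard: the new id lives in the namespace reserved for
        # vCard-acquired resources; Table 2 maps UID to externalId.
        return {"action": "create", "id": f"{VCARD_PREFIX}:{uid}",
                "externalId": uid}
    provider, scim_id = origin
    if provider == local_provider_id:
        # Tandem conversion of a local resource: use the original data.
        return {"action": "use-original", "id": scim_id}
    # Tandem conversion of another provider's resource: record its origin.
    return {"action": "create", "id": f"{VCARD_PREFIX}:{uid}",
            "externalId": uid, "origin": provider}


if __name__ == "__main__":
    # Constructed sample values.
    uid = scim_id_to_vcard_uid("example-sp",
                               "2819c223-7f76-453a-919d-413861904646")
    print(uid)
    print(import_vcard_uid(uid, "example-sp"))
    print(import_vcard_uid("urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
                           "example-sp"))
```

For the uniqueness rule quoted above to hold, the service provider must never issue a native SCIM ID that starts with the import prefix.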
6. Open issues
The following is a list of open issues:
o Exact mapping from vCard UIDs to SCIM IDs.
o Text in [I-D.scim-core-schema] defines only plural "emails",
"phoneNumbers", "ims", "photos", "addresses", "groups",
"entitlements" and "roles" elements. However, the XML examples
show that these plural elements contain the associated singular
elements. This is not the case for the JSON representation.
o It is unclear whether the SCIM ID can include alphanumeric
characters or is restricted to numeric characters only. The
examples in [I-D.scim-core-schema] seem to indicate that they
consist of hexadecimal numbers, with dashes at appropriate places.
If this is the case, then the conversion from vCard UIDs to
SCIM IDs would include conversion of alphanumeric characters to
hexadecimal values.
7. IANA Considerations
A "manager" TYPE for the RELATED vCard property may need
registration.
8. Security Considerations
The mapping between vCard and SCIM may be useful for easily
transferring data from one system to another. However, it also
has privacy implications. Therefore, it is important that user
consent is acquired where applicable.
For this document, some decisions were made concerning mapping
between attributes and properties with similar, but not equal,
semantics. This was done in a best effort manner. However, one
should realise that during the mapping process some accuracy from the
original data may be lost.
Tandem conversion between SCIM and vCard SHOULD be avoided as much as
possible.
9. Acknowledgements
Thanks to Kepeng Li for providing feedback and suggestions. Thanks
to Paul Madsen and Phil Hunt for providing similar mapping drafts
[draft-scim-saml2-binding] and [I-D.hunt-scim-directory], which have
served as inspiration for this document. Michael Angstadt and Dany
Cauchie provided valuable review comments.
10. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5646] Phillips, A. and M. Davis, "Tags for Identifying
Languages", BCP 47, RFC 5646, September 2009.
[RFC6350] Perreault, S., "vCard Format Specification", RFC 6350,
August 2011.
[RFC6473] Saint-Andre, P., "vCard KIND:application", RFC 6473,
December 2011.
[RFC6474] Li, K. and B. Leiba, "vCard Format Extensions: Place of
Birth, Place and Date of Death", RFC 6474, December 2011.
[RFC6715] Cauchie, D., Leiba, B., and K. Li, "vCard Format
Extensions: Representing vCard Extensions Defined by the
Open Mobile Alliance (OMA) Converged Address Book (CAB)
Group", RFC 6715, August 2012.
[I-D.scim-core-schema]
Mortimore, C., Harding, P., Madsen, P., and T. Drake,
"System for Cross-Domain Identity Management: Core
Schema", draft-ietf-scim-core-schema-00 (work in
progress), August 2012.
[I-D.hunt-scim-directory]
Hunt, P., "SCIM Directory Services",
draft-hunt-scim-directory-00 (work in progress),
September 2012.
[draft-scim-saml2-binding]
Madsen, P., "SAML 2.0 Binding for SCIM",
draft-scim-saml2-binding-02 (work in progress),
April 2011.
Author's Address
Bert Greevenbosch
Huawei Technologies Co., Ltd.
Huawei Industrial Base
Bantian, Longgang District
Shenzhen 518129
P.R. China
Phone: +86-755-28978088
Email: bert.greevenbosch@huawei.com