IAM in Service Catalog
For open issues / questions / concerns see Groups Service Open Issues.
1 A "netid"-type name
This plan promotes group names that are more or less in the style of UW NetIDs, email addresses, and web URLs. That is, they are relatively short; typically meaningful to humans but not full English words; and normally writable as ASCII strings without white space. Such identifiers are intended to fit in easily where these other identifiers typically are found. Note, however, that the proposed identifiers are not UW NetIDs, email addresses, or URLs/URIs, though there could be mappings to/from those forms in some cases.
2 Namespaces, stems
This plan takes the general approach of supporting hierarchical group name assignment with ownership and delegation, but permitting the tree to be as shallow or as deep as the institution desires, with a bias towards ease of assignment.
In many cases a group name is used in a context where it is understood to be a group name in the UW infrastructure space (e.g., the "require group foo" context in UW web access control), so a short form is available for these contexts. For more general contexts, a URI form is also defined so that each group has a globally unique name.
2 3 Syntax
A group name is a sequence of name components, by convention written left-to-right from highest-level to lowest-level naming authority. Name components are written separated by a delimiter character.
Character set: Name components are limited to 7-bit ASCII alphanumeric plus a few punctuation chars: "-", "_". (Probably should look at various charset specs such as URLs for guidance.)
Case: Names can potentially be mixed-case but by convention are normally lower-case only. Matching is bit-for-bit, i.e. case-sensitive.
Delimiter: The standard delimiter between components is colonthe full stop, ":.".
3 Maximum length: 64 characters, including delimiters.
4 UW top-level stems
C&C (acting as institutional group naming authority) controls the top-level stem space. Top-level stems can be created as needed, based on discussion with stakeholders and establishment of clear definition and requirements. Like any stem, a top-level stem must have a well-defined naming authority to manage it.
Syntax of names under each stem can be further profiled.
4 5 UW NetID stem
A top-level stem:
represents the UW NetID namespace. Under this stem is a stem for each UW NetID (including personal and shared types, and mailing-list ids, but not temp or other reserved types). For example,
is a stem manageable by the person owning the personal UW NetID rlmorgan. Groups can be created under that stem as the owner of that UW NetID desires (potentially with various administrative limits on number of groups, number of members, etc).
The stem based on a shared UW NetID, eg:
is manageable by the owners of that shared UW NetID, or their delegates. Capability to manage groups using that stem is handled consistently with management of access to other resources available to that shared UW NetID.
45.1 Syntax of group namespace under u:in the UW NetID stem
No further profile.
5 Other top-level stems
Course groups are not currently named in a global fashion since their only venue of use, in mod_uwa, distinguishes course objects from group objects. Propose that course groups be named in a consistent fashion with other groups, hence a 6 Academic course group stem
Academic course groups use a top-level stem:
6.1 Syntax of group namespace in the academic course stem
\[ follow existing UWWI approach ... \]
7 Other possible top-level stems
A top-level stem representing affiliations (eg faculty, staff, student) may also be useful, e.g.
If the UWNetID-based namespace proves inadequate or problematic, additional top-level stems could be created. For example:
which might indicate groups with an origin external to the UW.
6 8 Representation of names as URIs
For use in URI contexts URI namespace is allocated:
would be another name for the u:.rlmorgan:.foo group. It would be appealing if searches on such a URI string in popular search engines resulted in a management page describing the group.