IAM in Service Catalog
represents the UW NetID namespace. Under this stem is a stem for each UW
NetID (including personal and shared types, and mailing-list ids, but not
temp or reserved types):
is a stem manageable by the person owning the personal UW NetID rlmorgan.
Groups can be created under that stem as the owner of that UW NetID
desires (probably with various administrative limits on number of groups,
number of members, etc).
The stem based on a shared UW NetID, eg:
would be manageable by the owners of that shared UW NetID, or their
delegates. Capability to manage groups using that stem would be seeded
from the current owner/user data for the shared UW NetID (they wouldn't
necessarily stay in sync afterwards, though perhaps that should be an
4.4.1 1 Syntax of group namespace under u:
No further profile.
4.5 5 Other top-level stems
Note that course groups are not currently named in a global fashion since
their only venue of use, in mod_uwa, distinguishes course objects from
group objects. Propose that course groups be named in a consistent
fashion with other groups, hence a top-level stem:
A top-level stem representing affiliations (eg faculty, staff, student)
may also be useful.
For general purposes, if the UWNetID-based namespace proves inadequate or
problematic, additional top-level stems could be created, eg
which might indicate groups with an origin external to the UW.
4.6 6 URIs
For use in URI contexts there would be a direct mapping of names in the
group namespace to a URI namespace:
would be another name for the u:rlmorgan:foo group. It would be appealing
if searches on such a URI string in popular search engines resulted in a
management page describing the group.
5. Open issues and questions
Q: Won't an organization like HFS be upset that it can't name its
groups using "hfs", since the "hfs" netid is taken by a person?
A: Could be. HFS has a shared netid "hfsinfo", for its main email
address. u:hfsinfo: might serve their purposes for a group stem, or a
shared netid such as "uwhfs" could be created for this purpose. If
there is enough pushback, a new top-level namespace could be created,
though only after considering the implications.
Q: Couldn't there be confusion about what a stem represents?
Eg if H Smith owns the UW NetID "hfs" and creates uw:u:hfs:dorms:foo
couldn't that be confused with a real dorms group?
A: Sure, could be, just as the owner of "hfs" may get email intended for
the HFS organization. Good group-information pages are needed to make
it clear who manages groups for which purposes. Such pages could
restrict searches to organizational groups, for example, based on data
that we have about netid ownership, or visually distinguish (by color,
for example) personal groups from org groups.
Q: Can a stem be a group also?
A: Sure, if we want it to be. A stem is only meaningful in the
(eventual) group management system, to control operations on groups with
names based on that stem.
Q: Why colons as separators?
A: If the group infrastructure is successful (as it has been in many of
our peer institutions) there will be lots of groups, potentially many
more than UW NetIDs or washington.edu hostnames. Group names can be
used in many contexts, and colons are generally acceptable in many
contexts. Colons are used as separators in URNs, as one example.