OASIS Charter Submission Discuss

 View Only

Call for Comment: proposed Charter for Supply Chain Information Model (SCIM) (acronym comment)

  • 1.  Call for Comment: proposed Charter for Supply Chain Information Model (SCIM) (acronym comment)

    Posted 04-09-2024 02:25
    Dear proposers:  This is a comment from me in my capacity as OASIS staff, and particularly as its general counsel.

    We're grateful for your work to frame this extremely interesting project.
    Staff may post or offer other comments on this charter regarding potential substantive suggestions during the review period, as a matter of suggestions, technical questions or personal views.  This one, however, is presented separately, because it relates directly to the proposed TC's name, and trademark and liaison issues.

    I recommend against using the acronym "SCIM," and suggest that some variation should be adopted.   It's already in use in our industry for a different well-known, fairly widely-used standard.  

    OASIS has been involved for a long time in the identity management (IdM) domain, going back at least to SAML and DSML (2002).   Most IdM experts in our field already know the acronym "SCIM" as the name of a fairly well-known IETF standard for identity provisioning.  IETF's SCIM, originally the Simple Cloud Identity Management spec, was developed around 2010 as a RESTful and JSON-based alternative to the XML-based SPML and DSML specs from OASIS to implement LDAP directory provisioning services.  (This was part of a larger migration of other IdM specs to RESTful architecture and JSON, including OAuth 2 and Open ID Connect.)

    After "cloud" was no longer the hot buzzword of the year, IETF kept the acronym, but retconned it to mean "System for Cross-domain Identity Management" spec.  The most recent version of SCIM (~2015) is published as IETF RFCs 7642, 7643 and 7644.  I believe it's in active, common industry use. [fn1]

    Whether or not a major standards host *registers* its trademarks for its specification names, it has a strong chance of claiming common law trademark in published spec names.  We would not normally recommend using the same short name as another SDO's output.

    Aside from legal considerations, if one SDO uses another's well-known acronym, that also presents some risk of seeming unaware of the technical landscape and the major outputs of other peer SDOs.  

    Please note, this comment has no bearing on what *words* the new proposed committee's acronym represents.  It only asserts the inadvisability of using the four letters S-C-I-M, in that order, as your identifier.

    Thanks for your attention.  Respectfully submitted, JBC

    James Bryce Clark, General Counsel, OASIS Open, setting the standard for open collaboration