Internet Engineering Task Force (IETF)                         V. Giralt
Request for Comments: 6338                                  Univ. Malaga
Category: Informational                                        R. McDuff
ISSN: 2070-1721                                         Univ. Queensland
                                                             August 2011
Internet Engineering Task Force (IETF)                         V. Giralt
Request for Comments: 6338                                  Univ. Malaga
Category: Informational                                        R. McDuff
ISSN: 2070-1721                                         Univ. Queensland
                                                             August 2011

Definition of a Uniform Resource Name (URN) Namespace for the Schema for Academia (SCHAC)




This document describes a Uniform Resource Name (URN) namespace for the Schema for Academia (SCHAC).


The namespace described in this document is for naming persistent resources defined by the SCHAC participants internationally, their working groups, and other designated subordinates. The main use of this namespace will be for the creation of controlled vocabulary values for attributes in the SCHAC schema. These values will be associated with particular instances of persons or objects belonging to any of the SCHAC object classes.


Status of This Memo


This document is not an Internet Standards Track specification; it is published for informational purposes.


This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。并非IESG批准的所有文件都适用于任何级别的互联网标准;见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at


Copyright Notice


Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2011 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。

1. Introduction
1. 介绍

The Schema for Academia (SCHAC) international activity was born inside the Task Force on European Middleware Coordination and Collaboration (TF-EMC2) of the Trans-European Research and Education Networking Association (TERENA) [6]. The initial aim of SCHAC was to harmonize the disjoint person schemas of the participating countries in order to have a common way for expressing data about persons, exchanged between educational organizations. SCHAC, as are other person schemas, is designed to ease the sharing of information about a given individual between parties, mostly, but not limited to, educational and research institutions. The main aims of this sharing are to provide resources to individuals and to allow said individuals to move, virtually and physically, between such institutions. Thus, the SCHAC schema was defined with input from all participants' national person schemas [7].


SCHAC does not supplant other person schemas such as organizationalPerson [8], inetOrgPerson [9], or eduPerson [10]; it extends those where needed for the purposes of Higher Education outside the United States. This characteristic has made SCHAC, originally a European effort, useful for groups outside Europe.


2. Requirements Language
2. 需求语言

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [1].

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[1]中所述进行解释。

3. Specification Template
3. 规范模板

Namespace ID:




Registration Information:


Registration Version Number 1


Registration Date: 2011-06-22


Registrant of the namespace:


European Committee for Academic Middleware (ECAM) Trans-European Research and Education Networking Association (TERENA) Singel Amsterdam The Netherlands


Designated contacts:


Contact: Licia Florio Affiliation: TERENA Singel 468 D Amsterdam, 1017 AW The Netherlands

联系人:Licia Florio附属机构:荷兰首都阿姆斯特丹第468 D街TERENA Singel

      Phone: +31(0)20 5304488
      Phone: +31(0)20 5304488

Contact: Victoriano Giralt Affiliation: University of Malaga Central ICT Services Blvd. Louis Pasteur, 33 Campus de Teatinos 29071 Malaga Spain

联系:Victoriano Giralt附属:马拉加大学中央ICT服务BLVD。路易斯巴斯德,西班牙马拉加市蒂蒂诺斯校区33号,邮编29071

      Phone: +34 95 213 1415
      Phone: +34 95 213 1415

Syntactic structure:


The Namespace Specific Strings (NSSs) of all URNs assigned by SCHAC will conform to the syntax defined in Section 2.2 of RFC 2141, "URN Syntax" [11]. In addition, all SCHAC URN NSSs will consist of a left-to-right series of tokens delimited by colons. The left-to-right sequence of colon-delimited tokens corresponds to descending nodes in a tree. To the right of the lowest naming authority node, there may be zero, one, or more levels of hierarchical naming nodes terminating in a rightmost leaf node. See the "Identifier assignment" section below for more on the semantics of NSSs. This syntax convention is captured in the following normative ABNF rules for SCHAC NSSs (see RFC 5234 [2]):

SCAC分配的所有URN的命名空间特定字符串(NSS)将符合RFC 2141第2.2节“URN语法”[11]中定义的语法。此外,所有SCAC URN NSS将由一系列由左至右用冒号分隔的标记组成。从左到右的冒号分隔标记序列对应于树中的降序节点。在最低命名机构节点的右侧,可能有零级、一级或多级分层命名节点终止于最右侧的叶节点。有关NSS语义的更多信息,请参见下面的“标识符分配”部分。该语法约定包含在以下针对SCHC NSSs的规范性ABNF规则中(参见RFC 5234[2]):

           SCHAC-NSS    =   1*subStChar *( ":" 1*subStChar )
           SCHAC-NSS    =   1*subStChar *( ":" 1*subStChar )

subStChar = trans / "%" HEXDIG HEXDIG

subschar=trans/“%”HEXDIG HEXDIG

           trans        =   ALPHA / DIGIT / other / reserved
           trans        =   ALPHA / DIGIT / other / reserved
           other        =   "(" / ")" / "+" / "," / "-" / "." /
                            "=" / "@" / ";" / "$" /
                            "_" / "!" / "*" / "'"
           other        =   "(" / ")" / "+" / "," / "-" / "." /
                            "=" / "@" / ";" / "$" /
                            "_" / "!" / "*" / "'"
           reserved     =   "/" / "?" / "#"
           reserved     =   "/" / "?" / "#"

The exclusion of the colon from the list of "other" characters means that the colon can only occur as a delimiter between string tokens. Note that this ABNF rule set guarantees that any valid SCHAC NSS is also a valid RFC 2141 NSS.

从“其他”字符列表中排除冒号意味着冒号只能作为字符串标记之间的分隔符出现。请注意,此ABNF规则集保证任何有效的SCHC NSS也是有效的RFC 2141 NSS。

Relevant ancillary documentation:




Identifier uniqueness:


It is the responsibility of TERENA to guarantee uniqueness of the names of immediately subordinate naming authorities. Each lower-level naming authority in turn inherits the responsibility of guaranteeing uniqueness of names in its branch of the naming tree.


Identifier persistence:


TERENA bears ultimate responsibility for maintaining the usability of SCHAC URNs over time. This responsibility MAY be delegated to subordinate naming authorities per the discussion in the section below on identifier assignment. That section provides a mechanism for the delegation to be revoked in the case where a subordinate naming authority ceases to function.


Identifier assignment:


TERENA will create an initial series of immediately subordinate naming authorities, and will define a process for adding to that list of authorities. Such a list, and the policy for adding to it, will be published at the root registry page. Each country with a representative in SCHAC will be invited to designate a naming authority. Country-specific namespaces based on the country Internet Top-Level Domain (TLD) [12] will then be assigned to the designated authority. The subordinated namespaces int and eu will remain under TERENA authority, controlled by the SCHAC activity members, for entities of global, international, or European interest. There is also the possibility of granting subordinate namespaces to multi-country organizations; in this case, the organizational Internet Fully Qualified Domain Name (FQDN) will be used as the prefix.


As an example, a European-level interest entity would be any value related to information used in the Higher Education European Space, or the so-called Bologna process. Such entities will belong in the eu subordinate namespace.


Global international entities could encompass values related to the Grid community or values useful both for some European and for some Australian universities. Such entities would belong in the int subordinate namespace.


Examples of multi-country organizations include TERENA itself or an association like the Educational Policy Institute (EPI) ( that has members from Australia, Canada, and the US.


URNs intended for values of SCHAC attributes will include the attribute name immediately after the NSS prefix, before any geographical namespace delegation, such that any string can convey information about the attribute for which it is a value. For example, values for schacUserStatus will be of the form:


                urn:schac:userStatus:au or
                urn:schac:userStatus:au or

If at all possible, automated registry publication mechanisms will be provided, based on the work on distributed URN registries done by the TF-EMC2 task force members.


Institutions and communities affiliated with SCHAC participants may request that they be granted subordinate naming authority status. Uniqueness of these namespaces under country authority will be based on the requestor's Internet FQDN. This subordination procedure SHOULD be carried along the delegation chain; i.e., if at all possible, all entities that receive a delegated namespace MUST have a valid FQDN and MUST publish an Internet accessible URN value registry, based on the URN registry mechanisms designed by the TF-EMC2 task force members.

SCAC参与者的附属机构和社区可要求授予其下属命名机构身份。国家/地区授权下这些名称空间的唯一性将基于请求者的Internet FQDN。这种从属程序应该沿着委托链进行;i、 例如,如果可能,所有接收委派命名空间的实体必须具有有效的FQDN,并且必须根据TF-EMC2工作组成员设计的URN注册表机制发布可通过互联网访问的URN值注册表。

On at least an annual basis, TERENA will contact the liaisons or directors of each immediately subordinate naming authority. If there is no response, or if the respondent indicates that they wish to relinquish naming authority, the authority over that branch of the tree reverts to TERENA. This process will be enforced recursively by each naming authority on its subordinates. This process guarantees that responsibility for each branch of the tree will lapse for less than one year, at worst, before being reclaimed by a superior authority.


Lexical equivalence of two SCHAC Namespace Specific Strings (NSSs) is defined below as an exact, case-sensitive string match. TERENA will assign names of immediately subordinate naming authorities in lowercase only. This forestalls the registration of two SCHAC-subordinate naming authorities whose names differ only in case. Attribute names will use the same mixed-case format as in the schema definition.


Identifier resolution:


The namespace is not currently listed with a Resolution Discovery System (RDS), but nothing about the namespace prohibits the future definition of appropriate resolution methods or listing with an RDS.


TERENA will maintain a registry of all SCHAC-assigned URN values, both final and for delegation, on its web site:


Delegation entries will have a pointer to the registry of the subordinate naming authority. This SHOULD recurse down the delegation tree, but registries for several delegated namespaces MAY be maintained by a single naming authority.


All registries MUST publish their URNs over https links [3]. The https links MUST be secured by sites offering credentials signed by a SCHAC-community recognized Certification Authority (CA) using the latest secure methods for accessing a web site (which at present is the latest version of Transport Layer Security (TLS) [4]). Registries SHOULD consider the user interface implications of their choice of CA, taking into account issues like browser alerts and blind trust.


Lexical equivalence:


Lexical equivalence of two SCHAC Namespace Specific Strings (NSSs) is defined as an exact, case-sensitive string match.


Conformance with URN syntax:


All SCHAC NSSs fully conform to RFC 2141 syntax rules for NSSs.

所有SCHC NSS完全符合NSS的RFC 2141语法规则。

Validation mechanism:


As specified in the "Identifier resolution" section above, TERENA will maintain an index of all SCHAC-assigned URNs on its web site: Presence in that registry or in any subordinate registry implies that a given URN is valid. Delegated naming authorities MUST guarantee that values are valid in their assigned spaces.

如上文“标识符解析”部分所述,TERENA将在其网站上维护所有SCAC分配的URN的索引: 在该注册表或任何下级注册表中的存在意味着给定的URN是有效的。委派的命名权限必须保证值在其指定的空间中有效。





4. Examples
4. 例子

The following examples are not guaranteed to be real. They are listed for pedagogical reasons only.


5. Security Considerations
5. 安全考虑

There are no additional security considerations beyond those normally associated with the use and resolution of URNs in general.


In order to guarantee the validity and origin of SCHAC-NSS URN values, they MUST be published over https links [3]. The https links MUST be secured by sites offering credentials signed by a SCHAC-community recognized Certification Authority (CA) using the latest secure methods for accessing a web site (which at present is the latest version of TLS [4]).

为了保证SCAC-NSS URN值的有效性和来源,它们必须通过https链接发布[3]。https链接必须由提供由SCAC社区认可的证书颁发机构(CA)签署的凭据的网站进行保护,这些证书使用最新的安全方法访问网站(目前是TLS的最新版本[4])。

6. Namespace Considerations
6. 命名空间注意事项

Registration of a Namespace Identifier (NID) specific to SCHAC is reasonable given the following considerations:


SCHAC would like to assign URNs to some very fine-grained objects. This does not seem to be the primary intended use of the namespace (RFC 3120) [13], or the more tightly controlled Organization for the Advancement of Structured Information Standards (OASIS) [14] namespace (RFC 3121) [15].

SCHAC希望将URN分配给一些非常细粒度的对象。这似乎不是XML.org名称空间(RFC 3120)[13]或更严格控制的结构化信息标准促进组织(OASIS)[14]名称空间(RFC 3121)[15]的主要预期用途。

SCHAC seeks naming autonomy. SCHAC is not a member of OASIS, so becoming a subordinate naming authority under the OASIS URN space is not an option. There is the MACE (Middleware Architecture Committee for Education) (RFC 3613) [16] namespace, but the SCHAC development is done outside of the MACE activity scope; thus, the attributes and values do not belong in the MACE namespace. Using the MACE namespace requires that the SCHAC namespace be placed under one of the SCHAC participants' namespaces, which hinders its global scope.

SCHAC寻求命名自主。SCHC不是OASIS的成员,因此成为OASIS URN空间下的下属命名机构不是一个选项。存在MACE(教育中间件体系结构委员会)(RFC 3613)[16]名称空间,但SCAC开发在MACE活动范围之外进行;因此,属性和值不属于MACE名称空间。使用MACE名称空间需要将SCAC名称空间放在SCAC参与者的名称空间之一下,这会妨碍其全局范围。

SCHAC will want to assign URNs to non-XML objects as well. That is another reason that may not be an appropriate higher-level naming authority for SCHAC.


Some of the already defined SCHAC attribute values have been assigned URNs under the namespace. These values will enter a deprecation cycle, with a clear indication that they will be replaced by values under the new namespace once it is assigned. In any case, RFC 3406 [5] (which replaced RFC 2611) includes an explicit statement that two or more URNs may point to the same resource.

一些已定义的SCHC属性值已在urn:mace:terena.org命名空间下分配了urn。这些值将进入一个弃用周期,并明确表示一旦分配新名称空间,它们将被新名称空间下的值替换。在任何情况下,RFC 3406[5](取代了RFC 2611)都包含一条明确的语句,即两个或多个URN可能指向同一资源。

7. Community Considerations
7. 社区考虑

The assignment and use of identifiers within the namespace are open, and the related rule is established by the SCHAC activity members. Registration agencies (the next-level naming authorities) will be the National Research and Education Networks (NRENs) and established organizational cross-border organizations that participate in SCHAC.


It is expected that the majority of the European NRENs, their constituencies, participants in the Australian Access Federation, and some other international activities will make use of the SCHAC namespace.


After the establishment of the SCHAC namespace, TERENA will establish a registry service (analogously to other distributed pan-European services, such as eduroam, PerfSONAR, etc.) for the namespace clients. This registry will be available via the root page of the namespace: The policy for registrations will be defined in documents available at the root page of the registry.

在SCHAC名称空间建立之后,TERENA将为名称空间客户端建立一个注册表服务(类似于其他分布式泛欧服务,如eduroam、PerfSONAR等)。此注册表将通过命名空间的根页面提供: 注册策略将在注册表根页面上的可用文档中定义。

8. IANA Considerations
8. IANA考虑

In accordance with BCP 66 [5], IANA has registered the Formal URN Namespace 'schac' in the Registry of URN Namespaces, using the registration template presented in Section 2 of this document.

根据BCP 66[5],IANA已使用本文件第2节中提供的注册模板在URN名称空间注册表中注册了正式的URN名称空间“schac”。

9. Acknowledgments
9. 致谢

SCHAC is the result of the TERENA TF-EMC2 task force and many others that have contributed ideas to the development of the schema.

SCHAC是TERENA TF-EMC2特别工作组和许多其他人的成果,他们为模式的开发提供了想法。

This document was discussed on the URN-NID list, with the special help of Alfred Hoenes, who thoroughly reviewed the document, helped us correct errors, and suggested clarifications to the text.

在阿尔弗雷德·霍恩斯(Alfred Hoenes)的特别帮助下,本文件在URN-NID清单上进行了讨论。霍恩斯彻底审查了本文件,帮助我们纠正错误,并建议对文本进行澄清。

Peter Saint-Andre has also provided comments that have improved the overall document quality, for which we herein thank him. We'd also like to thank Chris Lonvick for helping us express our security concerns in a better way. Finally, we thank other reviewers that have helped us to give the final touches to the text.

彼得·圣安德烈(Peter Saint Andre)也提出了一些意见,这些意见提高了文件的整体质量,对此我们在此表示感谢。我们还要感谢Chris Lonvick帮助我们以更好的方式表达我们的安全顾虑。最后,我们感谢帮助我们对文本进行最后润色的其他评论员。

Special thanks should go to Dyonisius Visser from the TERENA technical team for taking the time and effort required to set up the root instance of the namespace registry.

应该特别感谢TERENA技术团队的Dyonisius Visser花费时间和精力来设置名称空间注册表的根实例。

10. References
10. 工具书类
10.1. Normative References
10.1. 规范性引用文件

[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[1] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[2] Crocker, D., Ed., and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008.

[2] Crocker,D.,Ed.,和P.Overell,“语法规范的扩充BNF:ABNF”,STD 68,RFC 5234,2008年1月。

[3] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

[3] Rescorla,E.,“TLS上的HTTP”,RFC 2818,2000年5月。

[4] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008.

[4] Dierks,T.和E.Rescorla,“传输层安全(TLS)协议版本1.2”,RFC 5246,2008年8月。

[5] Daigle, L., van Gulik, D., Iannella, R., and P. Faltstrom, "Uniform Resource Names (URN) Namespace Definition Mechanisms", BCP 66, RFC 3406, October 2002.

[5] Daigle,L.,van Gulik,D.,Iannella,R.,和P.Faltstrom,“统一资源名(URN)命名空间定义机制”,BCP 66,RFC 3406,2002年10月。

10.2. Informative References
10.2. 资料性引用

[6] TERENA, "Trans-European Research and Education Networking Association", <>.

[6] TERENA,“跨欧洲研究和教育网络协会”<>.

[7] TERENA TF-EMC2, "SCHAC activity web site", <>.

[7] TERENA TF-EMC2,“SCHC活动网站”<>.

[8] Sciberras, A., Ed., "Lightweight Directory Access Protocol (LDAP): Schema for User Applications", RFC 4519, June 2006.

[8] Sciberas,A.,编辑,“轻量级目录访问协议(LDAP):用户应用程序模式”,RFC45192006年6月。

[9] Smith, M., "Definition of the inetOrgPerson LDAP Object Class", RFC 2798, April 2000.

[9] Smith,M.,“inetOrgPerson LDAP对象类的定义”,RFC 2798,2000年4月。

[10] MACE-Dir, "eduPerson Object Class Specification", December 2007, < internet2-mace-dir-eduperson-200712.html>.

[10] MACE Dir,“eduPerson对象类规范”,2007年12月< internet2-mace-dir-eduperson-200712.html>。

[11] Moats, R., "URN Syntax", RFC 2141, May 1997.

[11] 护城河,R.,“瓮语法”,RFC 21411997年5月。

[12] IANA, "Country TLDs", <>.

[12] IANA,“国家TLD”<>.

[13] Best, K. and N. Walsh, "A URN Namespace for", RFC 3120, June 2001.

[13] Best,K.和N.Walsh,“XML.org的URN名称空间”,RFC31202001年6月。

[14] OASIS, "Organization for the Advancement of Structured Information Standards: OASIS", <>.

[14] OASIS,“结构化信息标准促进组织:OASIS”<>.

[15] Best, K. and N. Walsh, "A URN Namespace for OASIS", RFC 3121, June 2001.

[15] 贝斯特,K.和N.沃尔什,“绿洲的瓮名称空间”,RFC31212001年6月。

[16] Morgan, R. and K. Hazelton, "Definition of a Uniform Resource Name (URN) Namespace for the Middleware Architecture Committee for Education (MACE)", RFC 3613, October 2003.

[16] Morgan,R.和K.Hazelton,“教育中间件体系结构委员会(MACE)统一资源名(URN)命名空间的定义”,RFC 3613,2003年10月。

Authors' Addresses


Victoriano Giralt, M.D. University of Malaga Avd. Cervantes, 2 Malaga, Malaga E-29071 Spain

Victoriano Giralt,马拉加大学医学院医学博士。塞万提斯,马拉加2号,马拉加E-29071西班牙

   Phone: +34-95-213-1415
   Phone: +34-95-213-1415

Dr. Rodney McDuff The University of Queensland

Rodney McDuff博士昆士兰大学