Existing MetaData
Introduction
Metadata is the information used to describe schemas and their elements, such as attributes. Most identity systems that have an extensible schema implement a few types of metadata. Some of these are mandatory: without them the identity system cannot understand the schema. There is also metadata on identity schemas that identity systems themselves do not implement, but which is descriptive and useful for architects and schema designers.
Identity Systems with metadata of interest include:
- Information Card - see Claim Catalog
- OpenID - see OpenID AX (metadata)
- SAML 2.0 attributes and assertions
- LDAPv3
- SPML v2.0
- XRI/XDI
- FOAF
- Higgins HOWL
Related documents:
- http://oldidschemas.idcommons.net/moin.cgi/MetaData?action=AttachFile&do=get&target=schema-metadata-existing-specs-1_0-00.html - from Sept 2007
1. Combined informal metadata table
This table merges the mandatory and optional metadata of each identity system, as well as metadata that is identity system independent.
1.1. Metadata of schema elements
Element | RDF Property | Used By | Purpose | Syntax | Comment | Proposer |
---|---|---|---|---|---|---|
application domain of applicability | TBD | N/A | App Development | URI | for schemas which are intended for use within a particular application domain, e.g. "PKI". | Mark Wahl |
canonical XRI | TBD | XRI/XDI | See above | XRI | Of the set of XRI synonyms for an XDI dictionary entry, this is the recommended primary foreign key (typically a persistent XRI without human semantics) | Drummond Reed |
deprecation | TBD | LDAP | Id System Operations | boolean or date-of-deprecation | Allow a schema owner to mark that a schema element is deprecated and new instances should not use that schema | Mark Wahl |
document link | TBD | N/A | App Development | language, media type and URI | links to a document in a format such as HTML or PDF that describes the schema in human-readable terms | MarkWahl |
ldap name | TBD | LDAP, SPMLv2/DSML | Id System Operations | letters, digits, hyphen, period | Provide identifier for attribute or object class: Each LDAP attribute or object class needs a type name or OID | MarkWahl |
metadata URI | TBD | N/A | Schema mapping | URIs, but might need more - see next line | list of resolvable URIs at which there are documents containing this metadata for a particular schema element | MarkWahl |
metadata document type | TBD | N/A | Schema mapping | TBD | specification of the media type and schema of the documents at the end of each of the metadata URIs (e.g. what RDF dialect is being used - H-OWL, RDFX, Schemat, etc) | MarkWahl |
organizational domain of applicability | TBD | N/A | App Development | URI | for schemas which are created and intended for use only with a single organization | MarkWahl |
trademark | TBD | FOAF | App Development | text | e.g. metadata on the foaf:myersBriggs attribute may wish to mention that Myers Briggs Type Indicator and MBTI are registered trademarks of X, and Y has exclusive rights to the trademark in the UK. | MarkWahl |
XRI | TBD | XRI/XDI | Identification, addressing, & metadata discovery | XRI | In an XDI dictionary, each entry has one or more XRI synonyms | DrummondReed |
1.2. Metadata of attribute types
Element | RDF Property | Used By | Purpose | Syntax | Comment | Proposer |
---|---|---|---|---|---|---|
acquisition | http://schema.openid.net/metadata#acquisition | OpenID AX | deployment | URLs | acquisition (where to get) | DickHardt |
assertion ID | TBD | SAML 2.0 | Id System Operations | XML ID | | MarkWahl |
attribute URI | TBD | OpenID AX | Id System Operations | URI | identifier for the attribute | MarkWahl |
attribute name format | TBD | SAML 2.0 | Id System Operations | URI | classification of attribute name, for example urn:oasis:names:tc:SAML:2.0:attrname-format:uri | MarkWahl |
attribute name | TBD | SAML 2.0 | Id System Operations | see SAML 2.0 | name of the attribute | MarkWahl |
authority | http://schema.openid.net/metadata#authority | OpenID AX | deployment | URLs | authority (who can state) | DickHardt |
blob value restrictions | TBD | N/A | Id System Operations | TBD, perhaps a media type | Further restrictions that a non-string value can have, such as a media type of image | MarkWahl |
cacheTTL | TBD | CARML | Deployment | days, hours, minutes, seconds | | Oracle IGF |
cardinality within an entry | TBD | LDAP, Higgins, OpenID | Id System Operations | positive integer | Number of possible values an attribute can have. LDAP has single vs multi-valued, others might have a specific maximum number of values | DavidRecordon and PaulTrevithick |
cluster | TBD | N/A | Display | TBD, perhaps a string keyword | Cluster related attributes (e.g. 'home' address and phone number attributes should be kept distinct from 'work' address and phone number attributes). | MarkWahl |
comment | http://www.w3.org/2000/01/rdf-schema#comment | all | Schema mapping | language-tagged strings | human friendly comment | DavidRecordon and PaulTrevithick |
decoder | TBD | FOAF | App Development | TBD, perhaps URI | e.g. a foaf:geekCode can be converted to text by a Geek-Code-decoding application http://www.ebb.org/ungeek/ | MarkWahl |
display data | http://www.eclipse.org/higgins/ontologies/2006/higgins#displayData | Higgins | Display | Resource URI | | PaulTrevithick |
display order predecessor | TBD | N/A | Display | TBD | Specify the display order for attributes in a cluster (e.g. that in a name, the givenname comes before the middleInitial, and the middleInitial comes before the surname) | MarkWahl |
display order successor | TBD | N/A | Display | TBD | Specify the display order for attributes in a cluster (e.g. that in a name, the givenname comes before the middleInitial, and the middleInitial comes before the surname) | MarkWahl |
domain | http://www.w3.org/2000/01/rdf-schema#domain | FOAF | App Development | URI of OWL class | e.g. a foaf:accountName has domain foaf:OnlineAccount | MarkWahl |
embedded | TBD | N/A | Display | TBD link to attribute | a givenName value may be embedded in a commonName value | MarkWahl |
encoding | TBD | LDAP, vCard | Id System Operations | keyword such as "b" or "base64", or URI | whether a value whose syntax is "String" is a string only because a transfer encoding, such as Base64, has been applied | MarkWahl |
equality matching rule | TBD | LDAP | Id System Operations | LDAP uses an OID to reference a function | How to compare two values for equality? | MarkWahl |
equivalent attribute | http://www.w3.org/2002/07/owl#equivalentClass | Higgins | Schema design | | | PaulTrevithick |
example | http://schema.openid.net/metadata#example | OpenID AX | Application development | any value | human friendly example value | DickHardt |
friendly name | TBD | SAML 2.0 | Id System Operations | string | friendly name of the attribute | MarkWahl |
label | http://www.w3.org/2000/01/rdf-schema#label | all | Display | language-tagged strings | Internationalized human friendly display string/label | DavidRecordon and PaulTrevithick |
legal use ref | TBD | CARML | Deployment | URL | representing legal documentation for how the information will be used. | Oracle IGF |
locale | TBD | LDAP, vCard | Display | locale name | for attributes that are tied to a particular locale | MarkWahl |
may propagate | TBD | CARML | Deployment | boolean+parties list | | Oracle IGF |
modifiable | TBD | CARML | Deployment | boolean | | Oracle IGF |
owl type | TBD | FOAF | App Development | URI of OWL element | e.g. a foaf:aimChatID is an OWL InverseFunctionalProperty (uniquely identifying property) | MarkWahl |
parameters | TBD | LDAP, vCard | Id System Operations | TBD | what parameters an attribute can have, e.g. userCertificate can have ";binary"; description can have lang; vCard photo can have any IANA registered image format | MarkWahl |
pre-hash normalization function | TBD | N/A | Id System Operations | TBD, perhaps a URI to name a function | How to create a byte array by normalizing a value (e.g. by upcase, remove spaces) so that all values which match for equality have the same resulting byte array | MarkWahl |
quality statement | TBD | CARML | Deployment | URL | pointer to a document about the quality of verifiability of information requested. | Oracle IGF |
range | http://www.w3.org/2000/01/rdf-schema#range | FOAF | App Development | URI | e.g. a foaf:accountName has range http://www.w3.org/2000/01/rdf-schema#Literal | MarkWahl |
references | TBD | Higgins | Schema mapping | TBD | References to other semantically equivalent attributes, e.g. rdfs seeAlso and OWL's equivalentClass | DavidRecordon and PaulTrevithick |
required | TBD | Infocard | Id System Operations | boolean | TBD | MarkWahl |
sample code | TBD | FOAF | App Development | probably URI | e.g. a foaf:mbox_sha1sum may have metadata with a link to program code in C, Java, Ruby or PHP that generates this | MarkWahl |
seeAlso | http://www.w3.org/2000/01/rdf-schema#seeAlso | OpenID AX | Application development | URLs | additional information | DickHardt |
sensitivity | TBD | N/A | Display | TBD | attributes which are known to be sensitive and may not be suitable for display by default, such as "userPassword", "SSN", or elements that are personal private such as health status | Mark Wahl |
stability | TBD | FOAF | App Development | unstable, testing and stable | Stability of the schema element | MarkWahl |
string value restrictions | TBD | LDAP, Higgins, OpenID | Id System Operations | TBD, perhaps XML schema or BNF | Further restrictions that a (string) value can have, such as maximum length. (MaximumLength is desirable for OpenID) | DavidRecordon and PaulTrevithick |
supertype | http://www.w3.org/2000/01/rdf-schema#subClassOf | LDAP, Higgins | Id System Operations | Attribute type identifier | Specify the supertype for a particular type (e.g., that "surname", "givenName" are subtypes of "name"). | MarkWahl |
syntax | TBD | all | Id System Operations | various | The syntax of values of the attribute | DavidRecordon and PaulTrevithick |
value ordering rule | TBD | LDAP | Display | LDAP uses an OID to reference a function | How to sort two values to put them in order | MarkWahl |
1.3. Metadata of schema elements other than attributes
Element | On schema element(s) | Used By | Purpose | Syntax | Comment | Proposer |
---|---|---|---|---|---|---|
contributor, coverage, creator, date, description, format, identifier, language, publisher, relation, rights, source, subject, title, type | Schema-as-a-whole | N/A | Descriptive | various | Dublin Core Metadata Element Set 1.1 | MarkWahl |
abstract, accessRights, accrualMethod, accrualPeriodicity, accrualPolicy, alternative, audience, available, bibliographicCitation, conformsTo, created, dateAccepted, dateCopyrighted, dateSubmitted, educationLevel, extent, hasFormat, hasPart, hasVersion, instructionalMethod, isFormatOf, isPartOf, isReferencedBy, isReplacedBy, isRequiredBy, issued, isVersionOf, license, mediator, medium, modified, provenance, references, replaces, requires, rightsHolder, spatial, tableOfContents, temporal, valid | Schema-as-a-whole | N/A | Descriptive | various | Dublin Core Additional Metadata Terms | MarkWahl |
entry ordering rule and sort key | Objectclass | N/A | Display | TBD, perhaps a reference to an attribute and a URI to name a function | How to sort two entries to put them in order - what attribute is the sort key | MarkWahl |
License style | Schema-as-a-whole | N/A | App Development | TBD, perhaps URI or keyword | link to the license that governs the schema (e.g. BCP 78) | MarkWahl |
Superclass | Objectclass | LDAP | Id System Operations | Object class identifier | Specify the superclass for a particular object class (e.g. that "inetOrgPerson" inherits from "organizationalPerson"). | MarkWahl |
Superschema | Schema-as-a-whole | LDAP | Id System Operations | TBD, perhaps a URL in place of the LDAPEXT OID | Specify the schemas on which this schema depends (e.g. that a particular organization's schema is dependent on a standard schema) | MarkWahl |
kind | Objectclass | LDAP | Id System Operations | ABSTRACT, AUXILIARY or STRUCTURAL | what kind of objectclass is this | MarkWahl |
name form | Schema-as-a-whole | X.500 | Id System Operations | Name Form Description | when constructing entries, what object classes should be used | MarkWahl |
Contact name | Schema-as-a-whole | N/A | App Development | | who to contact for more information | MarkWahl |
Contact info | Schema-as-a-whole | N/A | App Development | URI, probably an email address | who to contact for more information | MarkWahl |
in Range of | Objectclass | FOAF | App Development | URI of RDF predicate | e.g. a foaf:Person is in the range of foaf:knows | MarkWahl |
in Domain of | Objectclass | FOAF | App Development | URI of RDF predicate | e.g. a foaf:Group is in the domain of foaf:member | MarkWahl |
required attributes | Objectclass | LDAP and SPMLv2/DSML | Id System Operations | attribute type names | list of required attributes of object class | MarkWahl |
optional attributes | Objectclass | LDAP and SPMLv2/DSML | Id System Operations | attribute type names | list of optional attributes of object class | MarkWahl |
2. Supporting tables
These tables are to help with building the above table and then turning it into one or more formal representations.
2.1. Mandatory-To-Implement metadata in each identity system
This table lists the metadata which is required to express a schema element in a particular identity system. If this metadata is not present for an attribute, then that attribute can't be represented correctly in a particular identity system. Being able to support these is necessary for identity schema mapping.
ID System | Element | On schema element(s) | Syntax | Comment |
---|---|---|---|---|
OpenID AX | http://www.w3.org/1999/02/22-rdf-syntax-ns#type | Attribute | the XML Schema data type or a type defined as per Section 3.1 (Data Format Types) of OpenID AX Attribute Metadata | |
OpenID AX | http://www.w3.org/2000/01/rdf-schema#label | Attribute | string with xml:lang | The label is a short description of the attribute type. |
OpenID AX | http://www.w3.org/2000/01/rdf-schema#comment | Attribute | string with xml:lang | The rdfs:comment element is used to provide a long textual description of the attribute type |
LDAP and SPMLv2/DSML | Name | Attribute and Objectclass | letters, digits, hyphen, period | Each LDAP attribute and object class needs a type name or OID |
LDAP | Syntax | Attribute | OID of syntax | The identifier of the syntax of this attribute |
LDAP and SPMLv2/DSML | Required attributes | Objectclass | list of attribute types | The required attributes of a particular object class |
LDAP and SPMLv2/DSML | Optional attributes | Objectclass | list of attribute types | The optional attributes of a particular object class |
2.2. Metadata in RDF
This table lists the metadata from section 1 which already have representation as RDF predicates.
Metadata name | Predicate | Object | Defined by |
---|---|---|---|
contributor, coverage, creator, date, description, format, identifier, language, publisher, relation, rights, source, subject, title, type | various | various | Dublin Core Metadata Element Set 1.1 |
abstract, accessRights, accrualMethod, accrualPeriodicity, accrualPolicy, alternative, audience, available, bibliographicCitation, conformsTo, created, dateAccepted, dateCopyrighted, dateSubmitted, educationLevel, extent, hasFormat, hasPart, hasVersion, instructionalMethod, isFormatOf, isPartOf, isReferencedBy, isReplacedBy, isRequiredBy, issued, isVersionOf, license, mediator, medium, modified, provenance, references, replaces, requires, rightsHolder, spatial, tableOfContents, temporal, valid | various | various | Dublin Core Additional Metadata Terms |
N/A | http://www.w3.org/1999/02/22-rdf-syntax-ns#type | OpenID AX |