1. Title

    1. Name: Policy on the definition of a PennName
    2. Number: 2005mmdd-pennnames-definition
    3. Authors: M. Sirota, M. Muth (ISC Networking)
    4. Status: [ ] proposed [ ] under review [X] approved [ ] rejected [ ] obsolete
    5. Date proposed: 2005-03-15
    6. Date revised: N/A
    7. Date approved: 2005-11-28
    8. Effective date: 2005-12-06


  2. Authority and Responsibility

    Information Systems and Computing's Networking organization is the organization at the University of Pennsylvania that has custodial responsibilty and accountability for the PennNames service which is integral to the operation of the Penn-wide user namespace.

  3. Executive Summary

    This policy specifies the characteristics of a legal PennName, including the length, alphabet, and structure.

  4. Purpose

    The purpose of this policy is to specify the characteristics of a legal PennName, including the length, alphabet, and structure.

  5. Risk of Non-compliance

    If PennNames are not handled in compliance with this policy, unauthorized access to systems, applications, and/or data may occur and access to University-wide services may fail or be impaired.

  6. Definitions

    Namespace
    The set of all unique usernames that could be assigned on PennNames-compliant systems or services.
    PennName
    A PennName is a username which is unique to each individual at Penn. It may be used on multiple systems at Penn for that individual's accounts. Association between an individual and the individual's PennName is maintained using the PennNames service (see References, below). A PennName may also be a reserved name which is not explicitly tied to a particular individual. These are often used for mailing lists, aliases, or accounts not tied to a particular person ("role" accounts).
    PennNames
    PennNames is a service to support migration to and maintenance of a common University namespace. It consists of a database, a set of system administrator tools, and basic policies.
    PennName sponsor
    This is a school, center or service that uses PennNames to register its use of a PennName for a service or system. A particular PennName may have multiple sponsors if an individual has (or had) access to multiple systems or services at Penn (see References, below), or if multiple systems have role accounts or mailing lists by the same name.

  7. Scope

    This policy applies to any PennNames-compliant system (see References, below).

  8. Statement of policy

    A PennName has the following characteristics:

    1. Length
      1. A PennName has a minimum of two characters.
      2. A PennName has a maximum of eight characters.
    2. Alphabet
      1. A PennName may contain the lowercase letters a through z.
      2. A PennName may contain numerics 0 through 9.
      3. No other characters are permitted.
    3. Structure
      1. The first character must be an alpha.

  9. Recommendations and Best Practices

    1. It is wise to avoid polluting the namespace with unneeded names, because the set of legal PennNames is finite and the population is constantly growing, and so many new individuals find that "all the good ones are taken". Where appropriate for role accounts and mailing lists, systems should choose existing reserved names or names that do not fall within the set of legal PennNames, such as those with punctuation.
    2. Systems should be designed for the possibility that the characteristics of legal PennNames may change in the future to expand the set of available names, such as by increasing the maximum length or adding more characters to the alphabet.

  10. Compliance

    1. Verification: Verification of this policy will occur during the course of troubleshooting.
    2. Notification: Notification of compliance issues will be made to PennNames sponsors, associated LSPs and computing directors.
    3. Remedy: Existing conflicts created prior to this policy should be resolved as soon as possible. A server or service with many names out of compliance may be deemed non-PennNames compliant and therefore experience loss or limited access to University-wide services.
    4. Financial Implications: The PennName sponsors and ISC bear the staff time costs associated with PennName compliance.
    5. Responsibility: Responsibility for complying with this policy lies with PennName sponsors and ISC.
    6. Time Frame: This policy is a formal statement of working policy that has been in place since 1997 (see References, below).
    7. Enforcement: Failure to comply with policy may lead to a system or service being declared non-PennNames compliant, with attendant risk of loss of service.
    8. Appeals: Appeals should be escalated within the affected organizations, for resolution by the respective IT Directors. If the conflict cannot be resolved, the IT Directors should present their cases in writing to the Network Policy Committee (NPC). The NPC will recommend a resolution. If either of the parties reject the NPC's recommendation, they should take the issue up with the heads of their respective schools or centers. The Vice President of Information Systems & Computing should be consulted if further resolution is required.

  11. References

Valid HTML 4.01!