- Name: Policy on the definition of a PennName
- Number: 2005mmdd-pennnames-definition
- Authors: M. Sirota, M. Muth (ISC Networking)
- Status: [ ] proposed [ ] under review [X] approved [
] rejected [ ] obsolete
- Date proposed: 2005-03-15
- Date revised: N/A
- Date approved: 2005-11-28
- Effective date: 2005-12-06
- Authority and Responsibility
Information Systems and Computing's Networking organization
is the organization at the University of Pennsylvania that has custodial
responsibilty and accountability for the PennNames service which is
integral to the operation of the Penn-wide user namespace.
- Executive Summary
This policy specifies the characteristics of a legal
PennName, including the length, alphabet, and structure.
The purpose of this policy is to specify the characteristics
of a legal PennName, including the length, alphabet, and structure.
- Risk of Non-compliance
If PennNames are not handled in compliance with this policy,
unauthorized access to systems, applications, and/or data may occur and
access to University-wide services may fail or be impaired.
- The set of all unique usernames that could be assigned on
- A PennName is a username which is unique to each
individual at Penn. It may be used on multiple systems at Penn for that
individual's accounts. Association between an individual and the
PennName is maintained using the PennNames service (see References,
below). A PennName may also be a reserved name which is not
explicitly tied to a particular individual. These are often used for
mailing lists, aliases, or accounts not tied to a particular person
- PennNames is a service to support migration to and
maintenance of a common University namespace. It consists of a
database, a set of system administrator tools, and basic policies.
- PennName sponsor
- This is a school, center or service that uses
PennNames to register its use of a PennName for a service or system. A
particular PennName may have multiple sponsors if an individual has (or
had) access to multiple systems or services at Penn (see References,
below), or if multiple systems have role accounts or mailing lists by
the same name.
This policy applies to any PennNames-compliant system (see
- Statement of policy
A PennName has the following characteristics:
- A PennName has a minimum of two characters.
- A PennName has a maximum of eight
- A PennName may contain the lowercase letters
a through z.
- A PennName may contain numerics 0
- No other characters are permitted.
- The first character must be an alpha.
- Recommendations and Best Practices
- It is wise to avoid polluting the namespace with
unneeded names, because the set of legal PennNames is finite and the
population is constantly growing, and so many new individuals find that
"all the good ones are taken". Where appropriate for role accounts and
mailing lists, systems should choose existing reserved names or names
that do not fall within the set of legal PennNames, such as those with
- Systems should be designed for the possibility that
the characteristics of legal PennNames may change in the future to
expand the set of available names, such as by increasing the maximum
length or adding more characters to the alphabet.
- Verification: Verification of this policy
will occur during the course of troubleshooting.
- Notification: Notification of compliance
issues will be made to PennNames sponsors, associated LSPs and computing
- Remedy: Existing conflicts created prior to
this policy should be resolved as soon as possible. A server or service
with many names out of compliance may be deemed non-PennNames compliant
and therefore experience loss or limited access to University-wide
- Financial Implications: The PennName sponsors
and ISC bear the staff time costs associated with PennName compliance.
- Responsibility: Responsibility for complying
with this policy lies with PennName sponsors and ISC.
- Time Frame: This policy is a formal statement
of working policy that has been in place since 1997 (see References,
- Enforcement: Failure to comply with policy
may lead to a system or service being declared non-PennNames compliant,
with attendant risk of loss of service.
Appeals should be escalated within the affected organizations, for
resolution by the respective IT Directors. If the conflict cannot be
resolved, the IT Directors should present their cases in writing to the
Network Policy Committee (NPC). The NPC will recommend a resolution. If
either of the parties reject the NPC's recommendation, they should take
the issue up with the heads of their respective schools or centers. The
Vice President of Information Systems & Computing should be
consulted if further resolution is required.