Open Questions

Status: draft. These questions are intentionally non-secret and implementation-neutral.

Canon Questions

Should Realm stay a Scope specialization, or does it need its own canonical concept because of issuer and federation semantics?
Should Customer Account become a canonical concept, or should customer account records remain downstream commercial modeling?
Should Team be modeled as a Group, Organization Unit, Community, or a separate specialization?
Should Legal Entity be a specialization of Organization or a relationship between an Organization and a legal system?
What fields are mandatory for every Relationship versus only for sensitive relationships such as delegation, representation, and synonymity?

Which confidence vocabulary should be used for weak matches?
What is the minimum evidence model for strong account links?
How should revocation or expiry of a synonymity assertion affect downstream caches?
How should privacy-limited links be represented so accidental broadening is visible during review?

Which source notes should be backfilled first: SCIM and LDAP for record semantics, OIDC and SAML for subject semantics, or OpenFGA and Cedar for authorization projections?
How much product-specific detail belongs in source notes versus downstream recommendations?
What citation format should the repo use once source notes are populated?