Provide guidance on SPIFFE ID naming schemes for different use cases #252

Open
sanderson042 opened this issue Aug 9, 2022 · 3 comments

Comments

@sanderson042
Contributor

@sigtrap suggested to me that it would be useful to have documentation on spiffe.io that describes suggested SPIFFE ID naming schemes based on different use cases. By naming scheme, I mean a logical way to manually or programmatically choose the trust-domain-name and optional path in a SPIFFE ID (spiffe://trust-domain-name/path) so each SPIFFE ID is unique and descriptive and so the naming scheme scales. For example, the SPIFFE ID naming scheme would likely be different for a simple single-cluster Kubernetes setup versus a large multi-cluster setup.

@sigtrap and I plan to collaborate on this documentation and submit a PR. We realize that many of the SPIFFE maintainers and others would be interested in shaping this documentation, so that is a welcome part of the discussion on this GitHub issue and during the PR review process.

An appropriate place for this new page could be https://spiffe.io/docs/latest/planning/. As part of adding this new page, existing spiffe.io docs that mention SPIFFE IDs, like SPIFFE Concepts, should be updated to link to the new page.

@mchurichi
Member

Hey @sanderson042. Are @sigtrap and you still up for this? Anything I can help with?

@sanderson042
Contributor Author

Hi @mchurichi - I don't think Ken is with us at HPE anymore. He was the mastermind on this idea and I don't have the cycles to work on it by myself. I think this could be just closed, or marked enhancement, or if you want to write something I can edit it.

@mchurichi
Member

@sanderson042 Alright, I think this is still something useful to have. Let's leave this issue open for now in case someone else is willing to contribute.
