Discussion items


Draft minutes

Miro -  doing audits of IdP and SPs during the past 5 years . at this moment we have several feedbacks from the SPs and IdPs in which they rely on this.

(one of the benefits of H&S architecture)

EIDAS(?) audit check

effort required is 4 'man months' per year

Davide - as a full mesh we check IdPs and SPs - some interactive checks . mainly for IdPs. have thought about SPs

Alex - UKAMF places a lot of trustworthiness in metadata correctness. First aspect is ISO27001 certification for audit-able processes. the other aspect is

metadata checking tools (eg from Ian Young)

Tom - asking Alex - curious when reading...what is UKs boundary to the trust concept.

Davide - also a comment 'a lot of trust built up on existing trust relationships within an NREN'

Nicole - metadata registration practices are another view of trust

FP02 - Miro, words sound a bit general but okay

FP03 - Alex making a different point. on WIKI - UK rules and filtering.... secure/trustworthy transactions but also focussed on interoperability.

interoperable is a missing word here?  add to secure and trustworthy?

Davide - add it as a new expectation

Tom - maybe a new term related to reachability.  may not guarantee reachability -

Nicole, some federations require other with payment/subscriptions. 

Alan - IdPs and SPs have the power/right to choose their relying parties

Tom - okay, lets be careful of word guarantee.

  • No labels