Present

Minutes

Albert gave us an update from the SeamlessAccess comms Working Group (Monday 2024-10-28). It appears that the Advanced mode of integration is becoming less attractive to SPs, and there is a lot of interest in moving to the Standard or Limited integration. And with this move, SPs will also have to move from the SP-managed button. Therefore there is more urgency in getting the metadata mechanism correct.

InCommon's current plan is to provide a checkbox whether to include the InCommon profile data. However, publishers will want to have detailed control over the filtering rules (adding IdPs, primarily) so the "federation profile" will not be a full solution.

LibLynx appears to be one of the SPs (publisher platform) which is keen to explore the move. They have registrations in multiple federations including InCommon and UK federation so any federation-mediated solution will need to be widely usable.

Some unresolved questions:

  • Assuming a federation-mediated solution, how would fedops communicate the requirements to the SPs?
  • How would SPs build the blob? Will there be an online tool for generating the BASE64-encoded blob or do we expect the SP operators to create it themselves?
  • Where would the encoded blob get validated? Ultimately that's at the metadata consumer (SeamlessAccess), and the metadata intermediaries can just pass the blob straight through.
  • All the issues about logical combination rules would need to be addressed
  • how SPs will update their filtering rules (either at fedop or in SeamlessAccess directly)

The Working Group's interim report needs this content:

  • define REFEDS remit and what's on SeamlessAccess
  • just the metadata solution not the button.
  • EA definition and encoding
  • Profile only for one instance of EA. Says nothing on multiple instances.
  • write considerations for fedops on use of metadata
  • SeamlessAccess need to define feature, how to parse it, how to support it
  • SeamlessAccess owns the ongoing development
  • REFEDS can do consultation and do quality control (both trustinfo spec and transport) but would not want to do lots of consultation
  • As we've seen previously, REFEDS can't enforce adoption or ensiure policy is followed, that's for organisations with operational responsibilities


  • No labels