The REFEDS Assurance WG was established in 2016 to address the needs in Research & Education (R&E) of defining a minimal degree of identity and authentication assurance. After successful community consultations, the first version of the REFEDS Assurance Suite was published in 2017 and 2018, being comprised of the REFEDS Assurance Framework (RAF), the REFEDS Single Factor Authentication Profile (SFA) and the REFEDS Multi Factor Authentication Profile (MFA).
Although the REFEDS Assurance Suite specification is, in itself, considered as complete, there are various aspects which still remain unaddressed. An informal report (Work in Progress) addressing these aspects has been drafted which is accessible here:
The goal as of 2021 of this working group is to
- revisit and modernize the specifications (formal review)
- ensure test facilities are in place to enable adoption
To participate in the group please sign up to the mailing list. There is also a slack channel in the eduGAIN space (https://edugain.org/slack #assurance)
Regular WG Calls
Regular biweekly Assurance WG Calls will continue in 2021. They start as of January 14, 2020 at 16 CET, UTC+1 (even calendar weeks).
Meeting notes are captured in gdoc.
Ideas for work items for the group:
- Engage with eduGAIN service task for assurance test capabilities within eduGAIN Attribute Release Check (https://release-check.edugain.org/)
- At the same time NIH is also building a testing tool
- Investigate NIST 800-63 ver. 3 requirements on Identity Assurance (IAL) and decide about providing a second version of REFEDS RAF
- Revisit MFA Profile
- Finalize logos for Assurance, R&S, CoCo specifications
The following terms apply to all REFEDS Working Groups:
- When a working group is agreed, REFEDS Participants will be asked if they wish to participate. Working Groups tend to be small, so consensus can be achieved quickly between participants.
- A chair for the group is chosen from the REFEDS Participants.
- GEANT association provides facilities for the working group, including meeting support, wiki space, mailing lists and, where appropriate, funding.
- An appropriate output from the group is produced. Currently, this is typically a draft white paper or a wiki page.
- When the Working Group is in agreement, the chair shares the outputs with the wider REFEDS community with an open period for discussion and comment. This is typically a period of 4 weeks, but may be longer if appropriate.
- After this period of time, the REFEDS Steering Committee signs off on the work item. Work is either written up as a formal white paper, left on the wiki but promoted as finished work or occasionally submitted as an Internet Draft.
- published in Assurance space
Previous Public Consultations
- second public consultation (May-June 2018)
- first public consultation in (April-June 2017)
- REFEDS Assurance Framework (pdf)
- Comments received and working group resolutions
- REFEDS Assurance Framework (WG proposal)
- REFEDS Single-factor authentication profile (WG proposal)
- Pilot on RAF, SFA and MFA (spring 2018)
Working group calls
Current meeting notes (since 2020) are captured here: https://docs.google.com/document/d/1tzhhGcMYd1DlwewPwwjeFg8MdcSWX26tPxeY7zwPNRw/edit?usp=sharing
- Webinar on REFEDS Assurance Suite 13 December 2018 (stream, slides)
- Presentation on Internet2 2018 Technology Exchange 16 Oct 2018
- Presentation in AARC All-hands meeting 11 Apr 2018
- Presentation in AARC Infoshare 24 May 2017
- Presentation in InCommon assurance call 4 Jan 2017
- AARC LoA task documents
- IGTF Levels of Authentication Assurance
- Baseline Expectations for Trust in Federation
- InCommon Multi-Factor Authentication WG final report