Space for the OpenID Connect for Research and Education Working Group. To participate please join the mailing list
The following terms apply to all REFEDS Working Groups:
- When a working group is agreed, REFEDS Participants will be asked if they wish to participate. Working Groups tend to be small, so consensus can be achieved quickly between participants.
- A chair for the group is chosen from the REFEDS Participants.
- GEANT provides facilities for the working group, including meeting support, wiki space, mailing lists and, where appropriate, funding.
- An appropriate output from the group is produced. Currently, this is typically a draft white paper or a wiki page.
- When the Working Group is in agreement, the chair shares the outputs with the wider REFEDS community with an open period for discussion and comment. This is typically a period of 4 weeks, but may be longer if appropriate.
- After this period of time, the REFEDS Steering Committee signs off on the work item. Work is either written up as a formal white paper, left on the wiki but promoted as finished work or occasionally submitted as an Internet Draft.
Niels van Dijk (SURFnet).
Ideas for work items for the group:
OIDC profile for eduPerson attributes
OpenID Connect (OIDC) offers an Authentication protocol similar to SAML. Many of the participants in REFEDs use the well know eduPERSON and SCHAC schema to express attributes when using SAML
To effectively use OIDC in R&E it would be nice if some guidelines would exist how to deal with this difference.
This activity investigates the best way to deal with the differences between definitions in attributes and claims. Next to participants from REFEDs the activity will try to engage relevant parties including MACE-DIR, SCHAC and OIDC standardisation bodies
Planning spreadsheet: https://docs.google.com/spreadsheets/d/1YirGURSkivafVSZCykDuqQjKGKlUu4uHHNHTNB-n_Ic/edit.
Notes from EWTI: http://etherpad.ewti.eu:9001/p/g.bIyUOSNaD6Z1zFWX$mappingedupersonto.
Mailing list: https://lists.refeds.org/sympa/info/oidcre
GitHub space: https://github.com/refeds-oidcre
Scope, Activities and planning
- OIDC federation (from EWTI 2015).
- OTTO working group.
- OpenID Consent and Shib Demo - PDF for this session- scribing Google Doc (from ACAMP 2015).
- OpenID Connect - scribing Google Doc (from ACAMP 2015).
- JSON Web Token Claims Registry
- OIDC Core Specification
- AAF Rapid Connect - includes eduperson attributes in JWT
- InCommon OIDC Survey WG