REFEDS Assurance pilot telco
Wednesday 2nd May 2018 at 15:30 CEST/16:30 EEST/8:30 CDT
CERN’s Vidyo portal: https://www.nikhef.nl/grid/video/?m=rawg
- for notice: RAF and SFA now submitted to REFEDS for public consultation
- pilot IdPs and SPs
- ELIXIR SP should now work for SFA/MFA too: https://perun.elixir-czech.cz/refeds-af-demo/
- EGI Check-in SP still not part of eduGAIN so non-eduGAIN metadata exchange needed for testing with IdPs. Daniel and Jim are happy to exchange metadata to test their IdPs.
- Chicago IdP plans to start by introducing the authentication contexts first and then ePAssurance values
- CILogon SP doesn’t request any particular authentication context but consumes what the IdP asserts
- new configurations and findings
- Daniel to document how Chicago IdP tested the CILogon SP's authentication contexts
- pilot final report
- started working: https://wiki.refeds.org/display/GROUPS/RAF+pilot+final+report
- Mikael to add that SimpleSAMLphp is indirectly covered by the ELIXIR Proxy IdP/SP proxy that further releases authentication context to the downstream SP.
- Mikael to add an own section on the release of eduPersonAssurance attribute. Can the ePAssurance be included to the R&S attribute bundle? Can a recommendation be added to RAF that the CSP actually releases the ePAssurance attribute to a relying service?
- the same applies with OIDC RPs; the RPs should request an appropriate scope (ePAssurance?) from the OP. Mikael to check with Niels the OIDCre working group's plans on scopes and eduPerson?
- next call: 14 May at 15:30 CEST/16:30 EEST/8:30 CDT