REFEDS Assurance pilot telco
Wednesday 2nd May 2018 at 15:30 CEST/16:30 EEST/8:30 CDT
CERN’s Vidyo portal: https://www.nikhef.nl/grid/video/?m=rawg

Alan B
Michael S
Nicolas L
Daniel Y
Jim B
Pål A
Mikael L

Notes

  • for notice: RAF and SFA now submitted to REFEDS for public consultation
  • pilot IdPs and SPs
    • ELIXIR SP should now work for SFA/MFA too: https://perun.elixir-czech.cz/refeds-af-demo/
    • EGI Check-in SP still not part of eduGAIN so non-eduGAIN metadata exchange needed for testing with IdPs. Daniel and Jim are happy to exchange metadata to test their IdPs.
    • Chicago IdP plans to start by introducing the authentication contexts first and then ePAssurance values
    • CILogon SP doesn’t request any particular authentication context but consumes what the IdP asserts
  • new configurations and findings
    • Daniel to document how Chicago IdP tested the CILogon SP's authentication contexts
  • pilot final report
    • started working: https://wiki.refeds.org/display/GROUPS/RAF+pilot+final+report
    • Mikael to add that SimpleSAMLphp is indirectly covered by the ELIXIR Proxy IdP/SP proxy that further releases authentication context to the downstream SP.
    • Mikael to add an own section on the release of eduPersonAssurance attribute. Can the ePAssurance be included to the R&S attribute bundle? Can a recommendation be added to RAF that the CSP actually releases the ePAssurance attribute to a relying service?
    • the same applies with OIDC RPs; the RPs should request an appropriate scope (ePAssurance?) from the OP. Mikael to check with Niels the OIDCre working group's plans on scopes and eduPerson?
  • next call: 14 May  at 15:30 CEST/16:30 EEST/8:30 CDT

 

  • No labels