REFEDS assurance wg vc

Monday 6th February 2017 at 14:30-15:30 (UTC), 15:30-16:30 (CET), 8:30-9:30 (CST)
David G



  • main updates after last vc
    • Last meeting’s decisions integrated to the document
    • “Single” replaced by “good-entropy”
    • Profile names: cappuccino and espresso
    • Added examples on SAML Authentication Contexts to the appendix
  • open items
    • Will we rename the profile to “REFEDS assurance framework”?
      • Yes, to avoid overloading work "profile" let's call it REFEDS assurance framework
    • version number in $PREFIX$?
      • Drop versions completely from the URI.
      • If something is later changed in a document update, change the related value of the URI
    • Drop “(none)” rows?
      • Let's drop  the (none) rows from the tables, they don't add value
    • CSP’s conformance criteria: IdP’s privacy policy required?
      • Drop the requirement for an IdP's privacy policy link in its metadata. It has limited benefits but may hinder adoption because many organisations feel the privacy policy is an internal document that needs not to be published to the Internet
    • new profile Cappuccino+IAP/verified (“the most common scenario”)
      • ask people’s opinion in the public consultation.
  • REFEDS authentication context definitions
    • MFA
      • Maarten reported GEANT's work on the MFA profile. The profile appears to be nearly ready.
    • good-entropy
      • That profile needs still more work 
  • public consultation
    • The working group sees that the assurance framework document is now ready for public consultation
    • The chair will contact REFEDS secretariat regarding the practicalities
    • It was suggested to use the opportunity to announce the consultation in Vienna 


- next vc: after the consultation is over or earlier if needed


  • No labels