REFEDS Assurance wg telco
CERN’s Vidyo portal: https://www.nikhef.nl/grid/video/?m=rawg
Monday 23 April 2018 at 15:30 CEST/8:30 CDT
Daniel
Michael
Pål
Tom
Mikael
Notes
- Feedback from RAF status update in AARC2 AHM in Athens
- after dropping authentication, can we still call it REFEDS Assurance Framework? (REFEDS Identity Assurance Framework, instead)?
- Decided to stick to RAF; the big picture needs to bedescribed in an umbrella document
- should RP be able to request a particular eduPersonAssurance value? Would be possible on OIDC using scopes.
- No current need, maybe later in the roadmap when we understand that need better
- SFA profile:
- https://docs.google.com/document/d/1ZjpzyYWZhqjbTeIzxX9Vug9Whqb9YEkK29e1FBjL5VM
- enforcing complexity requirements for 72 char passwords? Decided to drop the complexity rules.
- remove product names (FreeOTP) and examples, people should refer to 800-63B instead
- passwords and lookup secret length is now comparable because the latter is assumed to be random and the former is not
- next steps
- one week time for people to provide their final comments
- if several comments, process them on Wednesday 2nd May at 15:30 CEST
- then expose a clean version of RAF and SFA to a public consultation
- assumption is the public consultation ends after REFEDS meeting in Trondheim