Overview

Formalise SeamlessAccess trustinfo metadata as a REFEDS specification

Trustinfo metadata has been developed by the SeamlessAccess team. A working document exists and code is in development (perhaps even deployed) in SeamlessAccess. This work item is to take the specification through the REFEDS standardization process, which should facilitate uptake by federation operators.

A group mailing list can be found at: https://lists.refeds.org/sympa/info/trustinfo.

Terms

The following terms apply to all REFEDS Working Groups:

  1. When a working group is agreed, REFEDS Participants will be asked if they wish to participate. Working Groups tend to be small, so consensus can be achieved quickly between participants.
  2. A chair for the group is chosen from the REFEDS Participants.
  3. GÉANT provides facilities for the working group, including meeting support, wiki space, mailing lists and, where appropriate, funding.
  4. An appropriate output from the group is produced. Currently, this is typically a draft white paper or a wiki page.
  5. When the Working Group is in agreement, the chair shares the outputs with the wider REFEDS community with an open period for discussion and comment. This is typically a period of 4 weeks, but may be longer if appropriate.
  6. After this period of time, the REFEDS Steering Committee signs off on the work item. Work is either written up as a formal white paper, left on the wiki but promoted as finished work or occasionally submitted as an Internet Draft.

Chair

Alex Stuart (JISC)

Work Items

Outline expected outputs here. 

Calls

All calls should be noted on the wiki and minuted appropriately. 

Resources

Working Group Slack: edugain.slack.com #refeds-trustinfo

Mailing List: https://lists.refeds.org/sympa/info/trustinfo

Draft trustinfo specification from SeamlessAccess (Google Doc)

Draft Entity Selection Protocol specification from this REFEDS WG (Google Doc)



2 Comments

  1. What is the problem the SeamlessAccess Trustinfo wants to solve? Where is it described?

    1. Hello János, sorry for the delay. We described the reason we set up the working group at https://refeds.org/a/2975. Here's an excerpt:

      Federation operators have rules for entity registration to ensure a good user experience within that federation. These rules are typically published in a Metadata Registration Practice Statement. When we look at a wider ecosystem where multiple federation operators register SPs and IdPs, we need prioritization and selection rules. The rule that many people know about is the metadata combination rule in eduGAIN metadata aggregation, which enforces unique entityIDs.

      However, unique entityIDs are not sufficient to provide a good user experience in an ecosystem. Accurate and complete metadata (such as DisplayName and logos) will help people select the appropriate IdP when logging in, although this still requires an individual to make the correct choice at login time. What if there was also a mechanism in metadata for an SP to describe which IdPs it would prefer to interoperate with? That’s what the REFEDS trustinfo metadata Working Group is exploring.

      We’re building on earlier work from SeamlessAccess to develop a specification that can allow SPs to identify a set of IdPs, either by entityID or generically by registrationAuthority or entity attribute. They coined the term “trustinfo” although we’re realising it’s actually an entity selection protocol.