This list of Frequently Asked Questions is provided to complement the information contained in the Sirtfi Trust Framework Document.
General Questions
Q: What are the benefits of joining the Sirtfi trust network?
A: A brochure detailing the benefits of Sirtfi is in progress [TBC] for overlapping content see: http://www.slideshare.net/HannahShort1/what-will-sirtfi-change-for-fim4r-55884279
Q: How do I join the Sirtfi trust network?
A: Full instructions on how to express compliance with the framework can be found… [TBC]
Q: Who can I ask for help?
A: Your Federation Operator will be able to guide you or, if required, redirect you to appropriate individuals within REFEDS.
Q: What happens if an organisation fails to comply with the Sirtfi trust framework in the event of a federated incident?
A: The Sirtfi compliance element will be removed from the organisation's metadata... [TBC]
Q: Are there any requirements for data protection?
A: No data protection requirements are stipulated within the Sirtfi framework. An organisation should analyse their own risk profile in terms of personal data and take corresponding precautions.
Q: Are there any requirements for assurance of users' identity? For example, is there a security requirement for all accounts be linked to identifiable individuals?
A: This requirement contributes to the definition of the Level of Assurance (LoA) of an IdP. Requirements for LoA have not been included in the Sirtfi trust framework although there is a certain overlap. There is ongoing work in the AARC project to provide guidelines on a baselinelevel of assurance https://aarc-project.eu/workpackages/policy-harmonisation/ General questions are listed on the public facing site: https://refeds.org/sirtfi/sirtfi-faqs
...
Questions on Sirtfi Assertions
...