...

Title

Focus on R&S adoption

Description

What is needed to jump start R&S programs in more national Feds? Produce recommendations, possibly including training, template processes and communication materials, live exchanges between Feds with established practices and others getting ready to dig into it.

Proposer

Ann West (communicated by Tom Barton, as version history will attest)

Resource requirements

Working Group with representation from a couple of national Feds already doing R&S with a couple not quite there yet. Maybe 6 conference calls and list support. Could lead to a further event programming activity.

+1's

Scott Koranda, Wendy Petersen (CAF), Ann West (wink), Andrew Cormack, Maarten Kremers

Consensus

Frame as continuing work on Entity Categories. Develop easy to consume legal opinion / cookbook. How do we assess success or failure? Tools for monitoring (see FedLab).

Title

Contacts in Metadata

Description

As interfederation increases in scope, so does the importance of contact information in metadata. The goal of this work group is to clarify and perhaps profile the use of contacts in metadata. Possible work items include:

  • Under what situations (if any) is contact information required?
  • What are the intended uses of specific contact types?
  • Clarify the use of the mailto: prefix.
  • Standardize the usage of GivenName and SurName elements in metadata.
  • Recommend new contact types as needed (e.g., a security contact)
  • Discourage the use of individual email addresses in favor of role-based email addresses (such as help_desk@example.org)

Proposer

Tom Scavo

Resource requirements

Federations have a long history of the use of contact information in metadata, and so widespread agreement may be difficult to achieve, but presumably the results of this working group will make it easier for entities to interfederate.

+1's

Scott Cantor

Consensus

Lightweight review / survey of existing practice and report back for now.

...

Title

Federation at scale

Description

Determine next steps towards dynamic resolution of entity metadata. The assumption is that this is how metadata will eventually be obtained at transaction time. This activity might focus on furthering the development and experimentation with protocols and implementations for so doing, or on how metadata comes to be sourced for dynamic resolution, or on identifying criteria by which to assess that a given dynamic resolution mechanism is working well. The purpose is to gain further experience and not necessarily to attempt anything definitive as yet.

Proposer

Tom Barton

Resource requirements

This one might have some hard resource needs. Some development. An environment in which to try things out, somehow including IdP or SP instances with which to experiment.

+1's

Lukas Hämmerle

Consensus

Scope as continuation of MDQ work led by Ian - encourage participation in pilot of this work (including eduGAIN).

Title

Fresh Approaches to IdP Discovery

Description

REFEDS has long appreciated the importance of IdP discovery in the federated model (see: REFEDS Discovery Guide). The current discovery model is dependent upon an aggregate of IdP metadata but advances in the distribution of per-entity metadata suggest that an aggregate may not always be available at the SP. A new model of IdP discovery in a world of per-entity metadata may be needed. Various approaches are possible:

  • continued reliance on a comprehensive aggregate of IdP metadata

  • a Google-like, server-side search mechanism (trading latency for load time)

  • domain mapping eduroam-style

  • a client-side application or plugin

The latter includes the OpenID account chooser but its relevance in this space is not well understood.


The goal of this working group is to evaluate the various alternatives to IdP discovery and to recommend one or more approaches that warrant further consideration.

Proposer

Scott Cantor and Tom Scavo

Resource requirements

Note the overlap between this proposal and the proposal entitled "Federation at scale" above

+1's

Consensus

Fold in to MDQ work.

...

Title

Best practices for Hub-and-Spoke federation

Description

Hub-and-Spoke federations operate a centralized authentication component as part of their Identity Federation. In Research and Education about 10 federations are currently running such a setup.

This activity gathers best practices from those running such federations. Possible topics may include:

  • Operational topics, e.g. scale and security
  • End-user, IdP and SP support
  • Trust establishment, privacy preservation and policy
  • Business cases for running a central component
  • Augmenting federation with e.g. group management, attribute aggregation, step-up authentication, credential and protocol translation and authorization
  • Working with metadata
  • Available tools and technologies
  • Working with eduGAIN, Code of Conduct and attribute bundles
  • Combining Hub-and-Spoke and Mesh federation technology

Proposer

Niels van Dijk

Resource requirements

Several conference calls, a wiki space, perhaps one or two f2f discussion meetings at existing venues

+1's

Laas Toom (EENet), José Manuel (SIR), Mads Freek (WAYF), Pieter van der Meulen (SURFnet)

Consensus

Take forward / Proceed