Versions Compared

Old Version 25

changes.mady.by.user Alan Buxey

Saved on

compared with

New Version 26

changes.mady.by.user Alan Buxey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Title
Description

Browser changes and FedCM

Background:

FedCM ("A privacy preserving federated identity Web API" - quote from GitHub) is several browser vendors go at ensuring users can still use buttons for "Sign in with <third party IdP vendor>..." even as the privacy preserving practices around third party cookies etc. are rolled out - privacy practises that would inevitably break the current login pattern. This baseline will enable us to continue offering our R&E community federated access as long as we take part in its development, and adapt our communities critical software stacks.


Input/Requirements:

  • The hackathon experience
  • Participation from critical software stacks
  • Participants to attend W3C to advocate for resolving any issues raised by R&E stacks


Output:

  • Create a TL;DR, a recorded presentation (Geant), and include an initial resource center and find maintainers of the resource center. - Albert Wu Albert Wu Leif Johansson 
  • A cadence of communications activities around FedCM in particular and browser changes in general focused on federation communities eg eduGAIN, CACTI/Internet2, etc. 
  • Recommendations for how software developers /software stacks and federation operators implement and respond to Fed CM. – Leif J
  • Common communication language for larger scale motivation of resources. - Chris P


TL;DR:

<technical shorts>

<proposed flow chart through API at this stage, can be updated as it is adapted>


Call to action:

This new approach to protect end user privacy that browsers are proposing appears to have significant impact to R&E federation access practices. If you have software, have your developers reviewed https://fedidcg.github.io/FedCM/? Are they aware of a hackathon planned in Feb to test R&E tools and provide the W3C with feedback? Have you considered business continuity effects for your systems, especially if your suppliers do not address the new browser controls? A REFEDS working group is proposed for 2023 workplan 2023 Work Plan Preparation.


Resources:

Proposer

Zacharias Törnblom, Judith Bush

Resource requirementsNeed technical experience as well as CSuite outreach
+1's

Chris Phillips Leif Johansson Leif Johansson Nicole Roy Alex Stuart Alan Buxey 


Title
Description

OpenID Connect Federation Operations including some work on how we deploy the OIDC Fed spec in a way to make it interoperable between different federations (a la eduGAIN).

ProposerNicole Roy 
Resource requirements

Technical experience, OIDC for Federations knowledge, need some FedOps staff to help think this through

+1's

Judith Bush Anass CHABLI Alex Stuart Pål Axelsson 

...