...
Title | One last attempt at harmonizing identifier use |
---|---|
Description | The existing identifier complexity is maddening. Possibly push for adoption of the Subject-ID spec everywhere an identifier is needed, to reduce complexity for all involved going forward. Replaces eduPersonTargetedID, SAML 2.0 persistent NameID, eduPersonUniqueID and (partially) eduPersonPrincipalName. Might help align with private/public identifiers in OIDC.
Content-wise this could say something: For SPs, signal/use subject-id if you require a shared/public identifier, if not available also accept ePUID (if not available also accept ePPN?). Signal/Use pairwise-id if you don't require correlation between multiple SPs, if not available also accept persistent NameIDs (in the Assertion's Subject), if not available also accept eduPersonTargetedId. For IDPs, have them all available, but release in the given precedence if multiple ones are signalled by the SP. I.e., provide strong guidance on what to use when (achieve consistency, lessen complexity mid-term), but help with interop today (and possibly improve privacy and data protection compliance) by giving precendece lists for alternative attributes. |
Proposer | peter@aco.net |
Resource requirements | Lots of shepherding, discussions with R&S and CoCo deployers, eduGAIN Steering, etc. |
+1's | Nick Roy, InCommon |
Title | OIDCre federation policies |
---|---|
Description | OIDCre federations are moving into pilot phases and discussions on how to run hybrid SAML/OIDC federations are happening now. Rather than having to go back and try and normalize the policies for OIDCre federations, let's take a look at what we think the policy space should look like and create the necessary templates |
Proposer | TIIME 2018, roland@sunet.se |
Resource requirements | ? |
+1's | Nick Roy, InCommon |
Title | Federation 2.0 |
---|---|
Description | With OIDC federation and MDQ/per-entity upcoming, it's time to look deeply into how to operate R&E Federations in a hybrid SAML/OIDC manner. What are the Sources of Authority and what actors/orgs should assume which roles and perform which tasks to support this global trust infrastructure. Federations have been in existence now for 15-ish years. Let's step back and take a look at whether the current model is the right model for going forward. How should R&E federations evolve? Highly related to the OIDCre Federation Policies topic. |
Proposer | Tom Barton |
Resource requirements | ? |
+1's | Nick Roy, InCommon |
Title | Evolution of SIRTFI |
---|---|
Description | The working group likely needs to focus on adoption of the existing SIRTFI. This work proposes to discuss how to evolve SIRTFI to include more MUSTS and otherwise react to an ever-changing security landscape. |
Proposer | TIIME 2018 |
Resource requirements | ? |
+1's |
...
Title | VO friendly eduGAIN |
---|---|
Description | REFEDS may have a role in providing broader community input into eduGAIN policies and services. eduGAIN needs more education and explanation of what's possible within federations that are a part of eduGAIN - simply saying "they are a member" does not mean that all federations integrate with eduGAIN in the same manner. There may be some integration between this and the service catalog work, as that kind of information on what's possible may involve more detailed metadata information in the eduGAIN feed. |
Proposer | TIIME 2018 |
Resource requirements | ? |
+1's | James Alan Basney scott.koranda@ligo.org mark.williams@jisc.ac.uk Nick Roy, InCommon |
Title | The .int federation |
---|---|
Description | The upcoming FIM4R paper talks about a boundary-less international federation. This group would talk about how to make that happen |
Proposer | TIIME 2018 |
Resource requirements | ? |
+1's |
...