- are SFA and MFA incremental?
- REFEDS MFA is mostly an interoperability profile with little qualitative requirements to the MFA but SFA has also qualitative requirements for the tokens (currently passwords)
- therefore SFA and MFA are not comparable and cannot be defined to be incremental
- this means also that Cappuccino and Espresso are not incremental
- floor value for ID vetting
- Pål suggests to have a new ID proofing value to indicate self-asserted ID with e-mail handshake and Captcha. The value would be useful for homeless IdPs
- the value would be weaker than verified and assumed in the hierarchy and table
- Pål will write a draft of the text
- extend ePA-1m to cover eduPersonPrimaryAffiliation as well
- ePPA added for consistency
- section 5 3 on conformance criteria: Federation metadata is accurate, complete and includes [...] MDUI information? What MDUI information exactly?
- refined the criteria: at least one of the following contacts: admin, technical, support, security.
- MDUI:No MDUI information requires for RAF as it serves usability whereas RAF focuses on assurance
- goal is still to expose all 4 documents to a public consultation together: RAF, SFA, BCP for AD and BCP for OpenLDAP