Versions Compared

Old Version 8

changes.mady.by.user Andrew Cormack

Saved on

compared with

New Version 9

changes.mady.by.user Nicole Roy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Line Number / ReferenceProposed Change or QueryProposer / AffiliationAction / Decision (please leave blank)
125"continual trust improvements" this phrase is not very clear to me. What is a "trust improvement"?Hannah Short/CERN
229the majority of the requirements are SAML independent, is there any reason to tie this to SAML? It might be more useful for future OIDC fed efforts if it were genericHannah Short/CERN



337/51/64should these contacts also cover security issues as well as operational?Hannah Short/CERN
439/53I suppose it's intentional that Sirtfi is not mentioned? Is it intended that the "security practices" be the ones from Sirtfi? It may be worth clarifying somehow, though I appreciate the value of keeping the docs independentHannah Short/CERN
5additional requirementProposed addition: "Any Federation services must support the exchange / storage and processing of personal information compliant with GDPR”Andreas Matheus, Secure Dimensions
6NARe: the comment on line 5 of this consultation table- many jurisdictions in which R&E federations operate are not subject to GDPR. I'd suggest something much more general such as "respect the privacy rights of individuals".Nic Roy, InCommon
710Typo of "interfederatons" for "interfederations"Andrew Cormack/Jisc
7830Maybe clearer to explicitly add, "Those organisations are referred to as XXX Operators."Andrew Cormack/Jisc
8937[IdP3] feels like "You publish contact information and respond in a timely fashion to operational issues", rather than "Your IdP must have contact information..."?Andrew Cormack/Jisc
91051

[SP3] feels like "You publish contact information and respond in a timely fashion to operational issues", rather than "Your Service must have contact information..."?

Andrew Cormack/Jisc
101158typo of "respects" for "respect".Andrew Cormack/Jisc
111258/9"unless governed by an applicable contract" seems odd, better maybe "requirements may be set out in an applicable contract"?Andrew Cormack/Jisc
121362typo "be" for "are"Andrew Cormack/Jisc
131464[FO2] feels like "You publish contact information and respond in a timely fashion to operational issues", rather than "Your Service must have contact information..."?Andrew Cormack/Jisc

...