You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

As part of the work for phase 1 of the SIRTFI implementation plan (https://wiki.refeds.org/display/GROUPS/SIRTFI), SIRTFI is proposing a security contact metadata extension, with the intent that it would be adopted by REFEDS member federations in order to allow handling of security incidents between federation partners.  
InCommon has been using a similar metadata schema extension outlined below for several years and it has proven useful for IdP and SP operators. A recent presentation by Jim Basney at the WISE workshop gives more detail. The implementation within InCommon metadata is defined in this XSD, maintained by Ian Young:  https://github.com/ukf/ukf-meta/blob/master/xml/incommon-metadata.xsd.  

The proposed Sirtfi representation, including the revised REFEDS-namespaced URL for the contactType, is below:
Security Contact Metadata Extension
<EntityDescriptor ... >
... 
<ContactPerson xmlns:icmd="http://id.incommon.org/metadata" contactType="other" icmd:contactType="http://refeds.org/metadata/contactType/security">
    <GivenName>Security Response Team</GivenName>
    <EmailAddress>mailto:security@institution.edu</EmailAddress>
  </ContactPerson>
...
</EntityDescriptor>

 

 

 

 

 

  • No labels