Update: this change request is now closed. The REFEDS SC agreed that the changes should be made to ensure the Security Contact Metadata Extension Schema makes no reference to Sirtfi.
In April 2016 we carried out a consultation on Managing Metadata Extensions for REFEDS. In this, we made some recommendations on a Security Contact Metadata Extension Schema.
The consultation resulted in no feedback.
We've been made aware that the supporting text within the consultation can be read as if Sirtfi is a requirement for having a security contact in metadata, which was not the intention. We propose making the following change:
Current text: "An individual or generic contact who has agreed to adopt the Sirtfi Framework on behalf of the entity."
New text: " An appropriate security contact, such as an individual or generic contact who has agreed to adopt the Sirtfi Framework on behalf of the entity or those with existing security responsibility within an organisation."
At the moment we do not propose undertaking a full consultation on this, but if we receive any objections to this proposal we will undertake such a consultation for full transparency. As such, we'd like to invite people to raise any objections to such a proposal by 2nd January 2017. Objections should be sent directly to Nicole Harris or to the REFEDS consultation list (consultations@lists.refeds.org) or added below.
Please also feel free to show support for this change or suggest alternative wording.
| Issue | Comments | Submitter | Date |
|---|---|---|---|
| Sirtfi reference | It might be best to remove any mention of Sirtfi from the language of the REFEDS security contact, just to make it totally clear that Sirtfi depends on the REFEDS security contact, but explicitly NOT the other way around. | Nick Roy (+1 Leif J, Ian Young) | 12/12/16 |
| Sirtfi reference | Suggest word change to: "An appropriate security contact, such as an individual or generic contact, with existing security responsibility within an organization. Entities participating in the Sirtfi Framework MUST populate this schema element in metadata." | Eric Goodman | 12/12/16 |
| Sirtfi reference | "An appropriate security contact, such as an individual or generic contact of those with existing security responsibility within an organization or who has agreed to adopt the Sirtfi Framework on behalf of the entity." | Pål Axelsson | 13/12/16 |