https://zoom.us/j/311952801
Agenda, Live Scribing and Meeting Notes: http://bit.ly/iolrNotes
To submit a checklist for another IdP, use File/Make a Copy on the page above, fill in the form and email to pete@digitalidentitylabs.com, hazelton@wisc.edu, or olshansky@isoc.org
The World Clock Meeting Planner - Details
Location | Local time | Time zone | UTC offset |
---|---|---|---|
San Francisco (USA - California) | 8:00 AM | PDT | UTC-7 |
New York (USA - New York) | 11:00 AM | EDT | UTC-4 |
London (United Kingdom - England) | 16:00 PM | BST | UTC+1 |
Join Zoom Meeting
https://zoom.us/j/311952801
- - - - - - - - - - - - - - - - - - - - - - - - - -
- See email thread, "Re: Funding an unaffiliated IdPs
iolr@lists.refeds.org (currently 47 subscribers)
To subscribe, visit https://lists.refeds.org/sympa/subscribe/iolr
Start from the InCommon IdP of Last Resort WG requirements
Self-assertion? Reputation-based? Tagging by fed. operator?
This is the wiki space for the IdPs of Last Resort (IoLR) Working Group. To participate in this group, please subscribe to the mailing list.
Service Providers (SPs) often find that the population they want to serve includes individuals who are not represented by campus-based or other institutional Identity Providers (IdPs). In other cases, the individual's organizational IdP can not (or will not) release attributes necessary for the operation of the SP. The two most commonly encountered accommodations for users in this situation both suffer from serious inadequacies. First, SPs can opt to issue credentials and run an authentication service for those users lacking an adequate federated solution. The drawback is that this forces the SP owners to take on the unwelcome role of issuers and managers of user credentials. It is not their core mission and it can easily become a substantial support burden. The second fallback is to accept external IdPs such as Google. This gets the SP owners out of the credential management business, but brings other issues. To take Google as an example, Google’s IdP-like service comes with several caveats: Their business model is premised on monetizing user and usage data; As a non-SAML solution, they don’t support the Enhanced Client or Proxy (ECP) Profile, a critical requirements for some key research services; They also reserve the right to throttle usage if it gets above what they consider an acceptable level of use.
A different approach is clearly needed. Ideally, individuals lacking a suitable IdP could be invited to register with a participating IdP that offered no-cost, easy self-registration processes. This REFEDS Working Group is charged with specifying how such a service should be structured and establishing processes for reviewing and approving IdPs that seek to be designated as "Un-Affiliated IdPs", or informally, "IdPs of Last Resort" that meet the Service Providers' requirements. For some additional background, see the 2015 Final Report of the InCommon Technical Advisory Working Group, IdPoLR.
The following terms apply to all REFEDS Working Groups:
Pete Birkinshaw, Digital Identity Ltd | http://www.digitalidentity.ltd.uk