Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

These are some notes from the Zurich meeting for JRA3 on how we could better represent baseline level of assurance for federations and identity, and what it means to go above the baseline - what I am calling a "boosted" identity here for want of a better word.  The idea is to create something that is completely separate from the concept of hierarchical levels of assurance, but you can "boost" your IdP offering in different ways that are orthogonal and may be combined in different ways to meet the needs of different scenarios / environments.  I've played around with a lot of words for this but struggle to find any other way of describing that does not imply some sort of strict hierarchy.

Approach

Gliffy Diagram
nameassurance

Pieces of the Puzzle

To achieve the baseline requirements:

  • Federations using the baseline requirements of metadata registration and eduGAIN compliance via the validator (and other?). We need to do more work on documenting the things that eduGAIN "expects" a federation to be doing / not doing, but not currently in the profiles (e.g. not publishing .local etc). 
  • Identity Providers meeting the baseline of assurance - this is being worked on by Mikael and Daniela in the REFEDS assurance working group. 
  • Service Providers??

To achieve "boosted entity":

  • Support for Code of Conduct.
  • Support for Research and Scholarship.
  • Support for Sirtfi.
  • Support for MFA.