...
- OIDC Federations: dynamic, not static discovery
- Policies
- Metadata self-contained, transport and origin independent
--> chain of trust
--> metadata statement
--> Federation "depth" --> tree basically, op and rp can belong to several federations or none - First federations planning to use proxies for OIDC, like Haka
- OIDC for web and smartphone, non-web?
- Work going on at InCommon
- AARC is moving faster forward than REFEDS
- let Maarten and Roland know if you have a use case
EduKEEP
Life long learning -> one id
federations in central way
Issues:
- old id is distroyed when leaving organisation
- multiple ids possible
- no support for services when you leave an organisation/community
- multiple concurrent affiliations
--> user-centric approach
--> split authentication and authorisation
--> persistent digital identity
--> longevity
--> inclusiveness
Action Items