1.1.1 | eduGAIN policy review | Involved (lead) | Timeframe | Comments |
1.1.1.1 | Working group on eduGAIN constitution review | Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz | July - December 2016 | Complete |
1.1.1.2 | Community consultation and vote on eduGAIN constitution | Brook and Nicole | December 2016 - February 2017 | Complete
https://technical.edugain.org/doc/eduGAIN-Constitution-v3ter-web.pdf |
1.1.1.3 | Create a SAML Technology Profile that combines the current Metadata and WebSSO profiles. Consider making this mandatory (although not all the pieces within it REQUIRED or MUST) | Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz | February - July 2017
delayed
| Initial consultation complete. Final edit and voting to complete.
2018 eduGAIN SAML Profile Consultation
IMPACTS:
- need to update the current validator.
- need to restructure the joining the checklist.
Complete
|
1.1.1.4 | Review the requirements in the existing eduGAIN metadata profile and add areas that are missing | Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz | February - July 2017 | Complete |
1.1.1.5 | Add in details to the eduGAIN SAML Technology Profile that are SAML specific requirements but have currently not been covered or removed from constitution (certificates, metadata url, MRPS) | Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz | As part of 1.1.1.3 | Complete |
1.1.1.6 | Manage issues associated with current SAML2int problems, liaise with Kantara and define WebSSO requirements for edugain
| Brook | Dependency unknown - awaiting community to move | Overtaken by work at InCommon and Kantara work |
1.1.1.7 | Introduce MRPS developed by REFEDS as standard template | Nicole and Brook | unknown | Proposal Proposal socialised at various meetings. Dependency on requirements set in the SAML Profile. Work has become to implement via:
|
1.1.1.8 | Deprecate current Attribute Profile and work on a best current practice (BCP) document to replace this. BCPs to be R&S, CoCo, MFA and Sirtfi. | Nicole | Jan - Jul 2018 | Proposal socialised at various meetings. What does it mean to have a BCP? - Documented on the eduGAIN website.
- These will be monitored and shown as warning in validators (including history).
- Warnings will be followed up by edugain-support.
- We will advertise and promote the BCP.
Do we need a incident response template for federations? Add security contacts for federations. |
1.1.1.9 | Position Code of Conduct and R&S as a best practice document and not a profile | Tomasz and Brook | Jan - Jul 2018 | Complete |
1.1.1.10 | Write eduGAIN Operational Practice Statement | Tomasz | Sept - Dec 2017 | eduGAIN Operations - SAML eduGAIN Operational Practice Statement (DRAFT) |
1.1.1.11 | Write eduGAIN Metadata Aggregation Practice Statement | Tomasz | Sept - Dec 2017 | Metadata Aggregation Practice Statement |
1.1.2 | Review text of GDRPGDPR | | M4-M6 | Complete |
| Review Federation interpretations of impact on their local and eduGAIN systems | | M6-M8 | Complete |
---|
| Develop statements and recommendations for stakeholders | | M8-12 | Complete |
---|
| M9.2 Assessment of DP Legislation Implications | | M8 (EC Milestone) | Complete |
---|
1.3 | CoCo V2 | Mikael | Ongoing | Dependencies - GDPR, Privacy Shield. Cross-ref with REFEDs |
| International CoCo Development | Mikael | Ongoing | Dependencies - GDPR, Privacy Shield. Cross-ref with REFEDs |