Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

1.1.1eduGAIN policy reviewInvolved (lead)TimeframeComments
1.1.1.1Working group on eduGAIN constitution reviewNicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), TomaszJuly - December 2016Complete
1.1.1.2Community consultation and vote on eduGAIN constitutionBrook and NicoleDecember 2016 - February 2017

Complete

https://technical.edugain.org/doc/eduGAIN-Constitution-v3ter-web.pdf

1.1.1.3Create a SAML Technology Profile that combines the current Metadata and WebSSO profiles.  Consider making this mandatory (although not all the pieces within it REQUIRED or MUST)Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz

February - July 2017 

delayed


Initial consultation complete.  Final edit and voting to complete.

2018 eduGAIN SAML Profile Consultation

IMPACTS:

 - need to update the current validator.

 - need to restructure the joining the checklist. 

Complete

1.1.1.4Review the requirements in the existing eduGAIN metadata profile and add areas that are missingNicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), TomaszFebruary - July 2017 Complete
1.1.1.5Add in details to the eduGAIN SAML Technology Profile that are SAML specific requirements but have currently not been covered or removed from constitution (certificates, metadata url, MRPS)Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), TomaszAs part of 1.1.1.3 Complete
1.1.1.6

Manage issues associated with current SAML2int problems, liaise with Kantara and define WebSSO requirements for edugain

BrookDependency unknown - awaiting community to move Overtaken by work at InCommon and Kantara work
1.1.1.7Introduce MRPS developed by REFEDS as standard templateNicole and Brookunknown  Proposal

Proposal socialised at various meetings.

 

   Dependency on requirements set in the SAML Profile.

Work has become to implement via:


1.1.1.8Deprecate current Attribute Profile and work on a best current practice (BCP) document to replace this.  BCPs to be R&S, CoCo, MFA and Sirtfi.NicoleJan - Jul 2018

 Proposal socialised at various meetings. 

What does it mean to have a BCP?

  • Documented on the eduGAIN website.
  • These will be monitored and shown as warning in validators (including history).
  • Warnings will be followed up by edugain-support.
  • We will advertise and promote the BCP.


Do we need a incident response template for federations?

Add security contacts for federations.

1.1.1.9Position Code of Conduct and R&S as a best practice document and not a profileTomasz and BrookJan - Jul 2018 Complete
1.1.1.10Write eduGAIN Operational Practice StatementTomaszSept - Dec 2017

 eduGAIN Operations - SAML

eduGAIN Operational Practice Statement (DRAFT)

1.1.1.11Write eduGAIN Metadata Aggregation Practice StatementTomaszSept - Dec 2017 Metadata Aggregation Practice Statement
  1.1.2Review text of GDRPGDPR M4-M6Complete
 Review Federation interpretations of impact on their local and eduGAIN systems M6-M8 Complete
 Develop statements and recommendations for stakeholders M8-12 Complete
 M9.2 Assessment of DP Legislation Implications M8 (EC Milestone)Complete
  1.3CoCo V2MikaelOngoingDependencies - GDPR, Privacy Shield. Cross-ref with REFEDs
 International CoCo DevelopmentMikaelOngoingDependencies - GDPR, Privacy Shield. Cross-ref with REFEDs

...