Skip to end of metadata
Go to start of metadata

InCommon Assurance Community Wiki

Call for Participation for InCommon MFA Interoperability Profile Working Group

read about the InCommon MFA Interoperability Profile Working Group

Assurance Call on 1) Flexible Vetting and 2) NIST 800-63-2 - Recording Now Available

Wed., May 6, 2015 at noon ET

Recording of AdobeConnect webinar available here

Flexible Vetting portion of the call -  Bert Bee-Lindgren and Jesse Rankin - Georgia Tech

View the Georgia Tech Flexible Vetting slides (PDF)

NIST 800-63-2 portion - Jacob Farmer

View the NIST-800-63-2 slides (PDF)

Assurance Call on Password Reset - Recording Now Available

Wed., April 1, 2015 at noon ET

Eric Goodman, Identity and Access Management Architect, University of California Office of the President, led a discussion on password reset issues.

Recording of AdobeConnect webinar available here 

View the slides (PDF)

Guidance for Supporting SHA-2 Signed Assertions

In August 2014, InCommon released Migrating to SHA-2 to help certified campuses support SHA-2 signed assertions.

In June 2014, InCommon Steering approved the (now expired) "Alternative Means for Bronze and Silver Requirement to Discontinue SHA-1 Encryption for SAML Assertions" to ease the transition for Identity Provider Operators that had been certified by the InCommon Assurance Program or were wishing to apply for certification by January 15, 2015.

InCommon Silver with Active Directory Domain Services Cookbook for 1.2 Released

The final version of the InCommon Silver with Active Directory Domain Services Cookbook is available now! For an overview of the important bits, see the May 2014 webinar recording

Reading Bronze: Understanding the InCommon Profile (recordings available)

InCommon sponsored a community reading of the Bronze InCommon Assurance Profile to aid in the understanding and intent of the requirements. There were four calls during Dec. 2013 and Jan. 2014.  The calls have now concluded. Thanks to all who participated for the excellent comments and questions.

Recordings are available at this link.

Assurance Program

Specification Documents

Alternative Means

Project Status: Shibboleth Identity Provider Enhancements (Multi-Context Broker)

The MCB v1.0 for development of Assurance Enhancements for the Shibboleth Identity Provider has been completed and is available now for use. For more information and a project status, see Shibboleth Enhancements - Project Status.

See news on the Multi Context Broker.

See slides from IAM Online on the Multi-Context Broker (April 30, 2014)

Community Resources

Toolkits

Technical InterOp

Community Contributions

Webinars and Presentations

  • InCommon Bronze Approaches from GW and Harvard, recorded March 4, 2015. See recorded Webinar. See slides (PDF).
  • InCommon Bronze and Security, IAM Online with two case studies of achieving Bronze (Todd Haddaway of UMBC and Sharon Welna from the University of Nebraska Medical Center), recorded October 15, 2014 (slide deck also available)
  • Successful Security Practices: Counting Failed Login Attempts, PDF slide Deck, Webinar recorded Sept. 3, 2014
  • Better Practices Build Better Systems: Identity Assurance, recorded presentation by Ann West, Internet2, and Ron Thielen, U. Chicago, at EDUCAUSE Security Professionals Conference, May 2014 
  • Open for Business: InCommon Identity Assurance Program (PDF Silde Deck. Webinar recorded February 29, 2012)
  • Grab the Bronze and Silver Ring: Identity Assurance Progress (PDF Slide Deck. Webinar recorded June 15, 2011)

Stay Informed

Add yourself to our email list by sending an email to sympa@incommon.org with this in the subject: subscribe assurance

Join our monthly Implementers calls scheduled for Noon ET on the first Wednesday of every month. 
+1-734-615-7474 
+1-866-411-0013 (toll free US/Canada Only)
PIN: 0129048#

Page: Approaches to Supporting the Federal Privacy Requirements Page: Assurance 1.2 Specification Review Page: Assurance Implementation Example - Virginia Tech Page: Assurance Implementation Toolkits Page: Assurance Technical Implementation Considerations Page: Background on Version 1.1 Page: Community Contributions Page: Deprecated Versions Page: Footer Page: InCommon Assurance Alternative Means History Page: Minutes of Assurance call of 13-Feb-2013 Page: Minutes of Assurance Call of 2-Oct-2013 Page: Minutes of Assurance Call of 3-April-2013 Page: Minutes of Assurance Call of 4-Dec-2013 Page: Minutes of Assurance Call of 4-March-2015 Page: Minutes of Assurance Call of 4-Sep-2013 Page: Minutes of Assurance Call of 4-Sep-2014 Page: Minutes of Assurance Call of 5-June-2013 Page: Minutes of Assurance Call of 5-Nov-2014 Page: Minutes of Assurance Call of 6-March-2013 Page: Minutes of Assurance Call of 6-Nov-2013 Page: Minutes of Assurance Call of 7-Aug-2013 Page: Minutes of Assurance Call of 8-May-2013 Page: Minutes of Assurance Call of 9-Jan-2013 Page: Minutes of Assurance Call of 9-Jul-2014 Page: Minutes of Assurance Call of 10-July-2013 Page: Minutes of Assurance Call of 12-Dec-2012 Page: Minutes of Assurance Call of 12-Feb-2014 Page: Minutes of Assurance Call of 15-Oct-2014 Page: Minutes of Assurance Call of 19-March-2014 Page: Multi-Context Broker Page: Reading Bronze Assurance Profile Page: Request for Proposal - Assurance and MFA Enhancements to Shibboleth Identity Provider Page: Shibboleth Enhancements - Project Status Page: Transition to SHA-256 including Alternative Means