Problem Statement

There is already a noticeable amount of campus-based activity exploring the use of the OIDC-related protocols, and particularly OAuth2. Today, very little of this activity is related to InCommon, and none of it is occurring within InCommon. Over the longer term, if a consensus emerges about the value of these protocols to campus communities, there may be actions that InCommon can take to help campuses use these protocols effectively. Today, it is more important to learn about what people are doing, and trying to do, without necessarily worrying about how InCommon might help them. Timing is import since this could be one of those situations where there is a risk in not talking action now.

Charter

  1. Survey the campus community, and ask them to share information on the problems they are trying to solve that they think OIDC/OAuth2 can help to solve.  Include their current and planned use of the OIDC/OAuth2 protocols, and encourage them to submit ideas that have not yet reached the planning stage. Encourage them to submit these descriptions as Use Cases.
  2. Review the collected Use Cases, particularly the concrete ones that seem to generalize. Verify that these Use Cases seem like an appropriate use of OIDC, etc
  3. Write a report summarizing the findings and conclusions. Include recommendations on next steps, if any, for
    1. TIER, and developing IDP/SP federating software
    2. InCommon, and Federation level support for these use cases
    3.  and thoughts on the urgency, if any, of the recommended actions.
  4. Include in the report the group's concerns, if any, about implementing scaleable trust in conjunction with using the OIDC/OAuth2 protocols. Identify issues related to scaling trust, and issues InCommon would face in providing a trust fabric for these protocols.

Work Products

  1. The group should submit its report to the TAC by Feb, 2017
  • No labels