Date:

March 12, 2014

Time:

12 Noon Eastern, 9AM Pacific, 5PM UK

Dial-in Info:

+1-734-615-7474 (English I2, Please use if you do not pay for Long Distance),
+1-866-411-0013 (English I2, toll free US/Canada Only)
PIN: 0195401 #

Agenda:
  1. Announcements
  2. Metadata and Quilt
  3. AOB
Attending:

Warren, Guy Jones (Maryland), John Kreinke, Mark Schieble, Anne West, IJ, Ian Young, Tom Scavo, Steven Carmody, Paul Caskey

Recording:
Minutes:
  1. Announcements
  2. Metadata and Quilt
    • Starting just after "Do not support SAML1", "Do not support attribute query", "Do not support SAML artifact (in either direction)"
      • Ian suggests reorganization to indicate clearly all the best practices
    • Include an errorURL in metadata - actually used for IdPs by InC (may also be supported for SP in SAML, but not InC)
    • Include user interface elements in metadata - extension metadata that turns out to be important. DisplayName is the most important; it is what is shown on the Discovery Service. Fixed and not editable. This will be changed in the near future. Distinction between organization display name and IdP display name.
    • Include contacts in metadata 
      • technical contacts that will be contacted by InC technical or other technical persons
      • admin contacts will become more important - person to be contacted for attribute release, assurance, etc.
      • good idea to use mailing list or reflector for these contacts
    • Support a “standard” attribute bundle
      • there is no attribute support requirement at present
      • there is no standardization, but the bundle most often used is "eduPersonPrincipalName, eduPersonTargetedID (optional), mail, displayName, givenName, sn (surName)". ePPN should be non-reassignable. Steven has a question - if a person has never used their ePPN, can we reassign it? Tom notes that the main problem with ePPN reassignment is inadvertent access. Discussion of how scoped ePPNs are understood in the wild.
    • Adopt a measured attribute release process
      • worth keeping in mind that R&S provides example of a standard mechanism for attribute release
      • user consent mechanism for attribute release is a strong possibility
    • Question about OrganizationDisplayName vs DisplayName. ODN is made the same as Organization Name in Participation Agreement by default. There is room to change this upon request as long as it is still similar. ODN used on five pages. DisplayName used in DS, so can be different and has its own set of rules.
  3. AOB
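
The metadata recommendations discussed under item 2 (SAML2 only, no attribute query, no artifact, errorURL, mdui DisplayName, technical and admin contacts) can be checked mechanically. The following is an added example, not InCommon's or the call participants' own tooling; the function name, finding names and the idp.example.edu sample entity are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD, "mdui": "urn:oasis:names:tc:SAML:metadata:ui"}
SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"
ARTIFACT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"

# Constructed sample IdP metadata; idp.example.edu is a placeholder entity.
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{MD}" xmlns:mdui="{NS['mdui']}"
    entityID="https://idp.example.edu/idp">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="{SAML2} urn:oasis:names:tc:SAML:1.1:protocol">
    <md:Extensions><mdui:UIInfo>
      <mdui:DisplayName xml:lang="en">Example University</mdui:DisplayName>
    </mdui:UIInfo></md:Extensions>
    <md:SingleSignOnService Binding="{ARTIFACT}"
        Location="https://idp.example.edu/idp/sso"/>
  </md:IDPSSODescriptor>
  <md:AttributeAuthorityDescriptor protocolSupportEnumeration="{SAML2}">
    <md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
        Location="https://idp.example.edu/idp/attr"/>
  </md:AttributeAuthorityDescriptor>
  <md:ContactPerson contactType="technical">
    <md:EmailAddress>mailto:idp-admins@example.edu</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>"""

def lint_idp_metadata(xml_text):
    """Return sorted findings for one IdP EntityDescriptor (checks from the minutes)."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return ["no-idp-role"]
    roles = [el for el in root if "protocolSupportEnumeration" in el.attrib]
    contacts = {c.get("contactType") for c in root.findall("md:ContactPerson", NS)}
    checks = {  # finding name -> True when the recommendation is not met
        "non-saml2-protocol": any(
            p != SAML2 for r in roles for p in r.get("protocolSupportEnumeration").split()),
        "attribute-query-endpoint": root.find(".//md:AttributeService", NS) is not None,
        "artifact-binding": any(ARTIFACT == e.get("Binding") for e in root.iter())
            or root.find(".//md:ArtifactResolutionService", NS) is not None,
        "missing-errorURL": not idp.get("errorURL"),
        "missing-mdui-DisplayName":
            idp.find("md:Extensions/mdui:UIInfo/mdui:DisplayName", NS) is None,
        "missing-technical-contact": "technical" not in contacts,
        "missing-administrative-contact": "administrative" not in contacts,
    }
    return sorted(name for name, failed in checks.items() if failed)
```

Calling `lint_idp_metadata(SAMPLE)` lists the recommendations the sample entity misses; an empty list means every check passed.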