...
Focus on trustworthiness of their Federation as a primary objective
Good practices are followed to ensure accuracy and authenticity of metadata to enable secure and trustworthy federated transactions
Internationally-agreed frameworks that improve trustworthy use of Federation, such as entity categories, are implemented and adoption by Members is promoted
- Work with other Federation Operators to help ensure that each Federation’s operational practices suitably promotes the realization of baseline expectations, as above, by all actors in all Federations
END OF DRAFT
Change Proposals and Feedback - We welcome your feedback/suggestions
herein this table
If you have comments that do not lend themselves well to the tabular format below, please create a new Google doc and link to it in the suggestion column.
Number | Current Text | Feedback / Proposed Text / Query / Suggestion | Proposer | +1 (add your name |
---|---|---|---|---|
1 | IdP expectations | I'd swap expectation 1 and 2 | Thomas Lenggenhager, SWITCH | |
2 | IdP expectations | Add something like: The IdP only asserts faculty, staff and student affiliations backed by proper on- and off-boarding processes | Thomas Lenggenhager, SWITCH | Mikael Linden, CSC |
3 | IdP expectations #1 | The approach may work for staff, faculty and students but my experience is that even trustworthy IdPs have also users (industry partiers, library walk-in, ...) whose accounts are less secure and wouldn't have access to the key enterprise systems. To make #1 useful for SPs, maybe introduce a tag for the trustworthy accounts (to enable SP side filtering) or make it explicit that #1 applies only to accounts with eP(S)A=staff, faculty or student (c.f. the comment above from Thomas). | Mikael Linden, CSC | |
4 | ||||
5 | ||||
6 | ||||
7 | ||||
8 | ||||
9 | ||||
10 |
See also:
InCommon Assurance Call of Nov 2015 on Baseline Practices
...