Versions Compared

Old Version 2

changes.mady.by.user Scott Cantor (osu.edu)

Saved on

compared with

New Version 3

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • POP Available
  • Security Incident Contact Registered
    • Does this also imply adherence to the recommended incident response process?

Would be appropriate to list those participants whose software is misconfigured for the InCommon WAYF (instead of the InCommon Discovery Service)?

Deployment Practices

  • SAML 2.0 Support
    • IdPs with TLS-protected HTTP-Redirect SSO
    • SPs with TLS-protected HTTP-POST ACS and an encryption key
  • Support for SAML 2.0 persistent NameIDs or eduPersonTargetedID
    • Perhaps support for other attributes are worth noting?
  • Full saml2int conformance
  • Consent-based support for particular attributes (i.e., no admin involvement needed)
  • Keys of less than a certain age
    • We should consider what, if any, age is actually "too old"
  • Appropriate error pages
    • Perhaps subjective, but I'd start with having actual contact info for users and a reasonable indication of what to do, maybe not using the Shibboleth logo?

...