As of the 3.2 release of the Federation Manager, sites can now self-assert SIRTFI compliance.
What is SIRTFI?
The Security Incident Response Trust Framework for Federated Identity (SIRTFI) is an international standard to enable the coordination of incident response across federated organizations. The standard was developed by the international federation operators organization REFEDS and is documented at https://refeds.org/sirtfi.
SIRTFI provides a framework for effective incident response collaboration among federation and interfederation participants. One compromised account can create a security problem for a multitude of services across the interfederation community. When an organization complies with the SIRTFI framework, it agrees to participate in a federated incident response process. SIRTFI stipulates high-level practices and procedures, and identifies organizations that are capable of participating in a federated incident handling process. Federation participants that comply with SIRTFI are marked in the federation’s metadata, raising the bar for operational security across federations.
To self-assert compliance for an existing IdP or SP:
Log into the Federation Manager as a site admin.
- From the site home page, scroll down to "Existing Identity Providers" or "Existing Service Providers".
- Click "Update" for the IdP or SP you wish to assert SIRTFI for.
- See the section titled "SIRTFI Entity Attribute"
- Check the box next to "This IdP complies with the requirements of the SIRTFI framework" (SP will be the same, except for the substitution of SP for IdP).
- Click Save.
To assert compliance for an new IdP or SP:
When creating a new IdP or SP, there is a new checkbox on the metadata entry page for self-assertion of SIRTFI compliance. Simply check the box when creating the new IdP or SP.
