You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 5
Next »
Highlights
- SPs and App Developers
best practices would be valuable to document - how to make your app federation-readyprovisioning is included
attribute creation and management
coding for SP options, if available
representing permissions for access control
scaling advice
standardized method of getting federation metadata would be useful
don't persist anything you can get in an assertion unless you have a justifiable requirementPerhaps an InCommon or MACE working group, or even REFEDS, to work on documenting this...
federations having problems in ad hoc environments, how to handle different ARPs?
introduction problem, how to get into a collaborative environment
- IdM Project/Process Mgmt.
- Loosely affiliated populations
- LoA
- no good way to do a risk assessment
- password entropy tool issues
- SAML AuthN context - not widely used?
- will be used to express InCommon Silver Profile
- RP specific
- a particular authN event may be associated with more than one profile...
- Is scope the right thing to look at? What about one domain mapped to more than one IdP?
- Grids & non-browser apps
- perhaps X.509 deserves more investigation and debate?
- Social Networking
some schools looking at using internally, other looking at developing external presence, e.g. on FaceBook.
raises privacy issues
InCommon interoperability with common social networks, of interest to majority of the community? If so, better to enable it the right way