There are many potential topics spanning the very basic (often spanning both non-federated and federated scenarios) to the very in-depth. The initial WG activity needs to be the pruning/scoping of the effort to identify the critical topics and begin to dicuss how to tackle them.
- Externalizing Authentication
- Integration with SSO
- Federation and Trust Management
- IdP Discovery
- Logout
- Identifiers and User Identification
- Identity Assurance
- Attributes
- Provisioning Models (incl. Account Activation / Linking)
- Groups
- Authorization / Access Control
One of the challenges will be to identify areas where best practice can be agreed on (relatively) non-controversially vs. areas of open debate and disagreement where discussion of alternatives will be more appropriate.