Assurance

[Tom Scavo <>]

Nick, there are a number of issues on the Technical Implementation wiki page 
(https://spaces.internet2.edu/x/eqSKAQ) that touch on that issue. Would you 
mind adding an issue to that page to make it explicit?

Thanks,
Tom

----- Original Message -----
> I just thought of a different use case.  I'm not certain that I know
> where it would be used, but it seems plausible.  It's kind of
> similar to the "prefers Silver" case, but I could see there being a
> need for differentiation.
> 
> The use case is: Elevation of LoA.  What if a service allows everyone
> to log in at the baseline level of assurance (0/Aluminum?) and then
> someone needs to do something that requires elevated privileges and
> elevated LoA.  For instance, you allow a researcher to log in to
> most stuff using InCommon "Aluminum", but then they have a need to
> make changes to some Grouper groups.  This might only be a problem
> if the collaborative org handles authZ for several apps inside a
> container that uses a federation gateway protected by an SP.
> 
> Nick
> 
> -----Original Message-----
> From: 
> 
> [mailto:]
>  On Behalf Of Ann West
> Sent: Monday, October 10, 2011 9:21 AM
> To: 
> 
> Subject: [Assurance] Assurance InterOp: Update and Next Steps
> 
> Good morning everyone,
> 
> This note is a follow up on the interop testing effort we started in
> mid September.
> 
> As a reminder, we (thanks to Virginia Tech and the CILogon folks)
> have tested and documented use case 0
> (https://spaces.internet2.edu/display/InCAssurance/SP+Assurance+Policy+Use+Cases).
> During the Internet2 Member Meeting last week, Terry Fleury from
> CILogon also tested having the SP pull the entityid qualifier out of
> test metatdata to verify entityid certification. All good things!
> 
> Next Steps
> In lieu of having a call this week (which was the original plan), we
> talked in the InCommon Technical Advisory Committee meeting last
> week about the following next steps:
> 
> - Ann will work with the SPs intending to offer Silver services in
> 2012 to determine their initial functional use cases. (See
> documented examples at the above URL.) As a reminder, the identified
> services are: NIH ERA (grant submission), CILogon (Open Science Grid
> access), selected LIGO services (such as updating access groupers in
> their Grouper instance), and National Student Clearinghouse/Meteor
> access (financial aid).
> 
> - Next, the TAC will review the SP's use cases to determine what's
> needed for the technical support.
> 
> - After that, we'll loop 'round with the community for further
> testing.
> 
> So far, the use case we've already tested (UC0) will work for the SPs
> I've contacted, but stay tuned for additional flows and testing
> updates.
> 
> Many thanks for your help. If you have suggestions, alternatives,
> ideas, etc. please don't hesitate to let me know.
> 
> Best,
> Ann
> 
> --
> Ann West
> Assistant Director,
> Assurance and Community
> Internet2/InCommon/Michigan Tech
> 
> office: +1.906.487.1726
> 
>