Skip to Content.
Sympa Menu

assurance - RE: [Assurance] Assurance InterOp: Update and Next Steps

Subject: Assurance

List archive

RE: [Assurance] Assurance InterOp: Update and Next Steps


Chronological Thread 
  • From: "Roy, Nicholas S" <>
  • To: "" <>
  • Subject: RE: [Assurance] Assurance InterOp: Update and Next Steps
  • Date: Tue, 11 Oct 2011 18:57:59 +0000
  • Accept-language: en-US

I've added this item to the SP use case issues section.

Best,

Nick

-----Original Message-----
From:


[mailto:]
On Behalf Of Tom Scavo
Sent: Tuesday, October 11, 2011 9:59 AM
To:

Subject: Re: [Assurance] Assurance InterOp: Update and Next Steps

Nick, there are a number of issues on the Technical Implementation wiki page
(https://spaces.internet2.edu/x/eqSKAQ) that touch on that issue. Would you
mind adding an issue to that page to make it explicit?

Thanks,
Tom

----- Original Message -----
> I just thought of a different use case. I'm not certain that I know
> where it would be used, but it seems plausible. It's kind of similar
> to the "prefers Silver" case, but I could see there being a need for
> differentiation.
>
> The use case is: Elevation of LoA. What if a service allows everyone
> to log in at the baseline level of assurance (0/Aluminum?) and then
> someone needs to do something that requires elevated privileges and
> elevated LoA. For instance, you allow a researcher to log in to most
> stuff using InCommon "Aluminum", but then they have a need to make
> changes to some Grouper groups. This might only be a problem if the
> collaborative org handles authZ for several apps inside a container
> that uses a federation gateway protected by an SP.
>
> Nick
>
> -----Original Message-----
> From:
>
> [mailto:]
> On Behalf Of Ann West
> Sent: Monday, October 10, 2011 9:21 AM
> To:
>
> Subject: [Assurance] Assurance InterOp: Update and Next Steps
>
> Good morning everyone,
>
> This note is a follow up on the interop testing effort we started in
> mid September.
>
> As a reminder, we (thanks to Virginia Tech and the CILogon folks) have
> tested and documented use case 0
> (https://spaces.internet2.edu/display/InCAssurance/SP+Assurance+Policy+Use+Cases).
> During the Internet2 Member Meeting last week, Terry Fleury from
> CILogon also tested having the SP pull the entityid qualifier out of
> test metatdata to verify entityid certification. All good things!
>
> Next Steps
> In lieu of having a call this week (which was the original plan), we
> talked in the InCommon Technical Advisory Committee meeting last week
> about the following next steps:
>
> - Ann will work with the SPs intending to offer Silver services in
> 2012 to determine their initial functional use cases. (See documented
> examples at the above URL.) As a reminder, the identified services
> are: NIH ERA (grant submission), CILogon (Open Science Grid access),
> selected LIGO services (such as updating access groupers in their
> Grouper instance), and National Student Clearinghouse/Meteor access
> (financial aid).
>
> - Next, the TAC will review the SP's use cases to determine what's
> needed for the technical support.
>
> - After that, we'll loop 'round with the community for further
> testing.
>
> So far, the use case we've already tested (UC0) will work for the SPs
> I've contacted, but stay tuned for additional flows and testing
> updates.
>
> Many thanks for your help. If you have suggestions, alternatives,
> ideas, etc. please don't hesitate to let me know.
>
> Best,
> Ann
>
> --
> Ann West
> Assistant Director,
> Assurance and Community
> Internet2/InCommon/Michigan Tech
>
> office: +1.906.487.1726
>
>



Archive powered by MHonArc 2.6.16.

Top of Page