Skip to Content.
Sympa Menu

assurance - [Assurance] If apply for Silver, then apply for Bronze?

Subject: Assurance

List archive

[Assurance] If apply for Silver, then apply for Bronze?


Chronological Thread 
  • From: Ann West <>
  • To:
  • Subject: [Assurance] If apply for Silver, then apply for Bronze?
  • Date: Wed, 20 Jun 2012 12:52:17 -0400 (EDT)

Hello,

As InCommon and the Assurance Advisory Committee work through the details of
Assurance in action, the relationship between Bronze and Silver profiles
needs clarification. It stems from the assumption that logically Bronze is a
subset of Silver and that this can be transferred to the application process
and over the wire behavior.

From the point of view of the admins supporting the 819 SPs in the
federation, it would be less of an overall development burden if they didn't
need to code for the relationship between the profiles. They ask for and
receive the profile they require for their service. If they want the Bronze
qualifier, they should receive Bronze, not Silver.

But can't I just assert Bronze-ness for Silver users? Because of the
differences in implementation, InCommon has no way of knowing. The IdPO needs
to have processes in place to determine whether users that aren't Silver
qualify for Bronze. In some cases, IdPOs are setting up separate systems for
Silver. The second-factor credential may qualify for Silver, but the
plain-old-password infrastructure used to support Bronze may not.

So InCommon and the AAC propose requiring IdPOs applying for Silver
certification to also apply for Bronze. There is no impact to the fees to
support both, and no audit needed if one uses the new Representation of
Conformance methodology in the new 1.2 version of the Identity Assurance
Profiles.

And one final note: who cares about Bronze anyway? From what we hear, our
FICAM friends would like existing NIH and NSF services operating in InCommon
to start requesting Bronze. Once they approve 1.2 Profile and Framework docs,
we'll be working with the Community and FICAM to develop next steps.

Thoughts about this proposal?

Ann



--
Ann West
Assistant Director,
Assurance and Community
Internet2/InCommon/Michigan Tech


office: +1.906.487.1726




Archive powered by MHonArc 2.6.16.

Top of Page