assurance - RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP
Subject: Assurance
List archive
- From: "Jim Green " <>
- To: <>
- Subject: RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP
- Date: Wed, 8 Aug 2012 14:31:36 -0400
I would be fine with talking about the generalized management assertions/supporting documentation section in the Internet2 wiki that the CIC InCommon Silver documentation group is working on, if it will be of general interest to those on the CIC IdM full group call. For those on this list who don’t know, there is a section in the Assurance wiki under InC-Assurance > Community Contributions > Documentation Examples where we’re working on compiling example management assertions and supporting documentation. As Brett says we can always use more volunteers to help with drafting and/or reviewing examples. From: [mailto:] On Behalf Of Roy, Nicholas S Some kind of generalized management assertion could be created and contributed here: https://spaces.internet2.edu/display/InCAssurance/4.2.5+Authentication+Process I’d encourage interested parties to take a shot at writing one and when we get all the generalized management assertions put together (that we can) we can run it by the Big Ten auditors and/or other auditors. Jim Green, if you’re on this list- would it be a good idea to try to do a session on generalized management assertions on the regular assurance group call, if that sounds good to Ann and the rest of the group? Nick From: [] On Behalf Of Cantor, Scott On Aug 8, 2012, at 8:02 AM, "Russell J Yount" <> wrote:
Out of curiosity, is there any product, or indeed web application that does document that in such detail? I ask because it reflects on the wisdom of that level of detail in the document. How have others addressed this area? Would it make sense for the InCommon Assurance group to put some text together for a stock Shibboleth installation and perhaps for common add-ons such as the Ohio State Custom Login Handler which provides technical details that one could point an auditor to? What does an auditor require? Is a statement to the truth of the requirement sufficient? And how, again, is anybody running, say, ADFS expected to get their answer? -- Scott |
- [Assurance] Addressing InCommon IAP & Shibboleth IdP, Russell J Yount, 08/08/2012
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Cantor, Scott, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Roy, Nicholas S, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Jim Green , 08/08/2012
- Message not available
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Brett Bieber, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Roy, Nicholas S, 08/08/2012
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Michael R. Gettes, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Roy, Nicholas S, 08/08/2012
- Message not available
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Russell J Yount, 08/08/2012
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Cantor, Scott, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Russell J Yount, 08/08/2012
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Cantor, Scott, 08/08/2012
- RE: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Russell J Yount, 08/08/2012
- Re: [Assurance] Addressing InCommon IAP & Shibboleth IdP, Cantor, Scott, 08/08/2012
Archive powered by MHonArc 2.6.16.