Assurance

[Ann West <>]

Hello,

Susan's question reminded me that I needed to send out an update about the Assurance service. 

- First Certified Campus - Virginia Tech is the first campus to be certified in Bronze and Silver (version 1.1).  We commend Mary Dunker and her team for their thorough work and thank them for providing feedback on the certification process. We will be inviting Mary and her folks to answer your questions about their implementation on Wednesday's Assurance Implementers Call as I mentioned in an earlier note. 

- NIH - University of Florida is leading assurance testing with NIH to enable their gateway to request and consume InCommon assurance qualifiers. Current  (informal) discussions at the Internet2 Member Meeting point to a release of NIH's ERA (grant submission) service in January 2013. This service will require Silver for users using federated credentials.  I'm working with our NIH contacts to see if we can get official notice of this release and timetable for it. 

- Update on FICAM and 1.2 Framework and Profile Documents - It's the end of the fiscal year for the Federal Government, and their attention has moved to renewing contractors and closing books. However, we hope to hear word shortly about 1.2 and roll out the Simplified Bronze this fall.

- Posting 1.2 Versions - Since the FICAM review is taking longer than expected, I'll be posting the Steering approved 1.2 version that we sent to FICAM. As a reminder, if your campus is planning to apply for certification now, you'll need to reference 1.1.

- Value Proposition for Silver - In the last couple of weeks, I've received several requests for a Silver Value Proposition. I'll be working with the Assurance Advisory Committee to draft up a basic discussion of the value and will circulate ir to this list. In the interim, if you have developed something similar and feel comfortable sharing it with your colleagues, please post it to the wiki:

https://spaces.internet2.edu/display/InCAssurance/Community+Contributions. I've added a page entitled Value Propositions for Assurance. 

- Assurance Over-the-Wire -  As you know, Assurance isn't expressed using an attribute, but rather using SAML AuthnConext requests. And while it's a part of the spec, implementations in the wild are very new and require a bit of tweaking. Through our testing, we're finding that we need to develop better documentation for SPs and IdPs than what we have on the Assurance wiki. And we're working with the InCommon Techncal Advisory Committee to make AuthContext easier to support and integrate. Stay tuned on this front.  

- Third-Party Audit - As we proceed on our quest to identify profile audit services for campuses unable to perform their own review, we've had several promising discussions with firms around the country. If you know of an organization that would be interested in supplying this service, please let me know. 

If you have suggestions, please forward them my way. 

Best,

Ann 

--
Ann West
Assistant Director,
Assurance and Community
Internet2/InCommon/Michigan Tech
awest@internet2.edu
office: +1.906.487.1726