Skip to Content.
Sympa Menu

assurance - Re: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation

Subject: Assurance

List archive

Re: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation


Chronological Thread 
  • From: Tom Barton <>
  • To:
  • Subject: Re: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation
  • Date: Fri, 29 Jul 2016 11:00:26 -0500

Hi Steven,

Thanks for that feedback. Do you see further gaps in "trust level" between baseline and POP that are not called out already on the consultation page? And are there additional baseline expectations you think are needed to represent a "reasonable level for today's world"?

Yes, the general idea is to add profiles on top of baseline. Work is well underway on one of those, Sirtfi. The REFEDS Assurance WG is working on another, motivated to address needs identified by a number of research communities. All who are interested are invited to join that new WG. After that ... we'll try to understand what is the next important target to shoot for.

Thanks,
Tom

--
Tom Barton
Senior Director for Architecture, Integration, and Security
Chief Information Security Officer
IT Services
University of Chicago
+1 773 834 1700



On 7/29/2016 10:39 AM, Steven Carmody wrote:
On 7/7/16 9:54 AM, Christopher A Spadanuda wrote:

To inform changes InCommon might make to the status quo the AAC took a
step back and decided to try to express, in simple and straightforward
language, what those who rely on federation expect of themselves and of
their federation partners.

This approach is a huge improvement over the current, rather outdated, approach of asking sites to publish a POP containing text.

However, this profile contains the word BASELINE in its title; I'm also struck that it doesn't include mention of some items that were supposed to be included in a POP statement. The obvious examples are already called out in the feedback (eg #7, 8,9).

Once this Baseline profile is promulgated, is the AAC planning to develop additional profiles layered on top of the Baseline ? Trustmarks of some sort ? Should the community push to raise the proposed Baseline at least to the level of the POP, or even to a "reasonable level for today's world" ?

Or should we wait for the follow on set of profiles ? If this is the case, has the AAC begun to think about what that set of profiles might be ?

thanks !








Archive powered by MHonArc 2.6.19.

Top of Page