Skip to Content.
Sympa Menu

assurance - RE: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation

Subject: Assurance

List archive

RE: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation


Chronological Thread 
  • From: Christopher A Spadanuda <>
  • To: "" <>
  • Subject: RE: [Assurance] Feedback desired on Baseline Exceptions for Trust in Federation
  • Date: Fri, 29 Jul 2016 19:51:15 +0000
  • Accept-language: en-US
  • Authentication-results: spf=none (sender IP is ) ;
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99


Thank you to everyone who has provided feedback to date.

We are relying on you, the community, to provide the AAC with feedback on
what
we should be including in the Baseline Expectations. I would like to
encourage
additional suggestions on the wiki page. If you
think there is a practice that needs to be included please suggest it on the
wiki page. Others who agree, please +1 the suggestion to indicate your
support.

The AAC is opening up the wiki page as a means of tracking and managing
feedback. We want your input and will be considering it as we move forward.

Here is a link to the feedback page

https://spaces.internet2.edu/display/InCAssurance/Baseline+Expectations+for+Trust+in+Federation

Chris

___________________________________________________________________
Chris Spadanuda
AAC Chair



-----Original Message-----
From:


[mailto:]
On Behalf Of Steven Carmody
Sent: Friday, July 29, 2016 1:51 PM
To:

Subject: Re: [Assurance] Feedback desired on Baseline Exceptions for Trust in
Federation

On 7/29/16 12:00 PM, Tom Barton wrote:
> Hi Steven,
>
> Thanks for that feedback. Do you see further gaps in "trust level"
> between baseline and POP that are not called out already on the
> consultation page? And are there additional baseline expectations you
> think are needed to represent a "reasonable level for today's world"?

I was wondering, in particular, whether we'd expect to see a profile targeted
at IDM Management Policy and Practices.

Jim Basney has already called out one such item ( "IdPs will provide
authoritative and accurate attribute assertions to other Participants" - I
read that to mean that the site de-provisions properly when someone leaves; it
also means that the site maintains Affiliation values, etc as a person's role
changes).

Another example might be "each account is controlled/owned by a single person,
who is responsible for its use".

I expect all sites to behave consistent with those practices. I'm asking if
AAC sees those as Baseline practices, or as items in a layered profile related
to IDM prtactice ?

>
> Yes, the general idea is to add profiles on top of baseline. Work is
> well underway on one of those, Sirtfi. The REFEDS Assurance WG is
> working on another, motivated to address needs identified by a number of
> research communities. All who are interested are invited to join that
> new WG. After that ... we'll try to understand what is the next
> important target to shoot for.
>
> Thanks,
> Tom
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.19.

Top of Page