InC-Lib-Vendor

["Kent Percival" <>]

Scott makes some interesting and useful points to guide our development.

1.      I think it was clear from our vendor discussions that common-lib-terms is more of a problem than a solution, at least in the long run and not being used by some..  Should we  revise the “strongly recommend” downward and add something that suggests the convention is changing.

2.      As Scott notes some of our examples include Shib1.x-only functionality.  With Shib 1.x being EOL’d next summer and InCommon recommending new implementations be Shib 2 (SAML 2.0) compliant, we will be in a transition period for some time.  A couple things to clarify ..

a.       Where are the leading vendors at?  What’s the roadmap?   BTW I just had a conversation with a big LMS vendor who are talking about implementing Shib in a new platform using Sun Open SSO which is “pure SAML 2.0” and does not play with Shib 1.3 sites!

b.      Do we need to further clarify the audience for our best practices documents.  Or universities with an existing Shib 1.3 deployment, and for

c.       Should we also develop a Best Practise for newer vendor participants focusing on best SAML 2.0 design?  - would that have implications on the client (IdP) side?   Perhaps, we could find out a bit more from the JISC planning team who are looking at Shib 1.3 – Shib 2.0 transition too.

The current Best Practice document serves some immediate needs and speaks to current implementations.  The best way to deal with transition issues may be to leave our document as is and develop a Roadmap document to describe a common understanding of what the next few transition steps are, as we currently see them.  The roadmap would also help us understand who the players are in these processes.

·         Transition from Shib 1.3 to SAML 2.0 compliance

·         Replacement/improvement (and international standardization) of eduPersonEntitlement for entitlement assertion to library vendors

·         Standardization of the “SessionInitiator” URL format for deep linking to resources.

·          … ??

 

BTW, Norman Wiseman, Head of Services and Outreach, JISC, presented Lessons from the United Kingdom's Experience with Federated Access Management (click for video/slides of session) at EDUCAUSE 2009.   One of the things he talks about is that JISC is concerned about the shortcomings of eduPerson and that they are planning to revise it.  In a conversation afterwards, limitations of “entitlement” assertion was one of the issues they want to address.  Norman talked about doing this revision with REFeds so that it is internationally recognized and adopted by multinational vendors.

 

 

....Kent

 _

 

 

> -----Original Message-----

> From: Andy Ingham [mailto:]

> Sent: November 18, 2009 09:19

> To: inc-lib-vendor

> Subject: [InC-Lib-Vendor] [Fwd: [confluence] Confluence Changes in the last 24 hours]

>

> For those who aren't signed up to receive notices from the InCommon wiki

> upon updates there, note that we have our first "comment" on the Best

> Practices doc:

>

> See BOTTOM of:

>

> https://spaces.internet2.edu/display/inclibrary/Best+Practices

>

> Andy

>

 

Attachment: smime.p7s
Description: S/MIME cryptographic signature