Skip to Content.
Sympa Menu

inc-ops-notifications - [InCommon NOTICE] Re: SIRTFI proof of concept [FYI only]

Subject: InCommon Operations Notifications

List archive

[InCommon NOTICE] Re: SIRTFI proof of concept [FYI only]


Chronological Thread 
  • From: Thomas Scavo <>
  • To: "" <>
  • Cc: InCommon Administration <>
  • Subject: [InCommon NOTICE] Re: SIRTFI proof of concept [FYI only]
  • Date: Mon, 12 Sep 2016 18:24:39 +0000
  • Accept-language: en-US
  • Authentication-results: incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=none action=none header.from=internet2.edu;
  • Ironport-phdr: 9a23:7HmskRTC4hjOJKXOfEiQZaeqPtpsv+yvbD5Q0YIujvd0So/mwa64ZxyN2/xhgRfzUJnB7Loc0qyN7PCmBDdLuMvJmUtBWaIPfidNsd8RkQ0kDZzNImzAB9muURYHGt9fXkRu5XCxPBsdMs//Y1rPvi/6tmZKSV3XfDB4LeXtG4PUk9//l6Xro8WSME10g2/3YLV5aRKutkDXsdUXj4ppI7owzR3SinpOcONTwGRuY1WJkFy0ssa299tk6z8VvfU99sBBWqzmfqM+VpRZCj8hNmUy4ovsrxaVHiWV4X5JbmURlxNTSzPO5Q/9FsPtqDDxv/R68CicIcDsS70oA3Kv47o9G0ygszsOKzNsqDKfscd3lq8O5Uv5/xE=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99

Following up from last week, there are now 108 entities in InCommon metadata
that contain the SIRTFI entity attribute. All but one of those (i.e., the
University of Chicago IdP) are entities registered by other federations. As a
side effect, the number of security contacts in metadata has jumped from 387
to 495 since every entity that contains the SIRTFI entity attribute also has
a security contact.

Since security contacts in metadata are generally useful, InCommon Site
Administrators are encouraged to log into the Federation Manager and add a
security contact to your metadata, whether it be IdP metadata or SP metadata.
A security contact in metadata [1] informs your partners who to contact in
the event of a security incident, which is what federated incident response
is all about.

Tom

[1] Contacts in Metadata https://spaces.internet2.edu/x/BomKAQ

________________________________________
From:


<>
on behalf of Thomas Scavo
<>
Sent: Thursday, September 8, 2016 2:10 PM
To:

Cc: InCommon Administration
Subject: [InCommon NOTICE] SIRTFI proof of concept [FYI only]

You may have heard that InCommon is conducting a proof of concept for SIRTFI
Federated Incident Response. For details, see "Proof of Concept for SIRTFI
Federated Incident Response" in the September issue of the InCommon
Newsletter. [1]

In conjunction with this proof of concept, we will adjust our metadata import
policy rules [2] to allow the SIRTFI entity attribute to be imported from
eduGAIN:

<mdattr:EntityAttributes
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Name="urn:oasis:names:tc:SAML:attribute:assurance-certification"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes>

This entity attribute should have no immediate effect on InCommon IdP and SP
deployments but we wanted to let you know this was happening in case these
attributes showed up on your radar.

We intend to make this change to our import process TOMORROW (9/9) but if we
run into any problems, it may be delayed until next week. If you have any
questions or concerns, please contact us at


[1] http://www.incommon.org/newsletter/2016_09.html
[2] Interfederation Technical Policy https://spaces.internet2.edu/x/TgCNBQ

-----
Tom Scavo
For InCommon Operations


Archive powered by MHonArc 2.6.19.

Top of Page