interfed - Re: [inc-interfed] value of InCommon joining eduGAIN
Subject: Interfederation
List archive
- From: John Krienke <>
- To: <>
- Cc: "Basney, Jim" <>
- Subject: Re: [inc-interfed] value of InCommon joining eduGAIN
- Date: Tue, 28 May 2013 18:08:50 -0400
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
A good list. Some additions below. I'll try to write up a few other things separately as well.
On 5/28/13 4:15 PM, Basney, Jim wrote:
Following on to our phone discussion today, some thoughts on the value
proposition for InCommon joining eduGAIN.
Benefits:
* Multilateral exchange of metadata across established federations.
* Directory of federation contacts and links to policy docs at
http://www.edugain.org/technical/status.php.
We don't really get the first benefit without the big cost of determining trust described below. So what is the remaining benefit? I see a few:
* Shared Metadata profile that addresses security of MD
* Shared Attribute profile
* Shared governance on requirements and recommendations for international federation operations and policy
* Few constraints on independent policy and operations (Ian spoke about this on the call, if I captured this well. I mentioned that the flip side of this coin is risk, which I noted below).
Costs:
The biggest one is:
* Effort to analyze each federation's RPS and other policies to determine trustworthiness of metadata.
Once this is accomplished, we can start providing a trustworthy aggregate. One of the questions on the table is, can we provide an untrustworthy aggregate that would be of some use beforehand? This is one of those questions. Is there value in a technical aggregation of metadata sources that contains no claims of trust, ownership, veracity, or validity? It's a real question. I hear some edging toward yes, and I'm trying to understand why that is. Does this create a race to the bottom in trust?
* Legal effort to sign eduGAIN declaration.
* Effort to add RegistrationInfo elements to InCommon metadata.
* Effort to publish interfed metadata aggregate to InCommon members.
* Ongoing participation in eduGAIN steering group.
* Handling interfederation technical support, complaints, and incidents.
Non-benefits:
Perhaps we should call non-benefits, Risks. I would word some of the other
risks as:
* No claims about security of md registrations and veracity of md ownership
(source)
* No claims about security or possession of keys or domains in md (content)
* No claims about organizational naming or misnaming of entities listed in md (ownership)
* No consistent standard for entity registration.
Need to check each federation's registration practice statement.
* No consistent level of assurance of identities.
* SPs need to negotiate attribute release directly with IdPs.
john.
- [inc-interfed] value of InCommon joining eduGAIN, Basney, Jim, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Ian Young, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Basney, Jim, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Leif Johansson, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Leif Johansson, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Leif Johansson, 05/29/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Ian Young, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, John Krienke, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Scott Koranda, 05/28/2013
- Re: [inc-interfed] value of InCommon joining eduGAIN, Tom Scavo, 05/28/2013
Archive powered by MHonArc 2.6.16.