Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Identity Federation operated by the German Research and Education Network (DFN) introduced Entity Categories (both for SPs and IdPs) in 2012 in order to support so-called "Virtual Sub-Federations". The setup is based on a whitelist maintained by a specific project or community and which is hooked up with the metadata registry. The project-specific EC is only available for entities listed on such a whitelist - a nightly check removes the EC automatically if an entity disappears from the respective whitelist. Using such an EC, (Shibboleth) SPs are able to select all project-related IdPs from the federation metadata and ignore the rest, while IdPs only have to set up one Attribute Filter Policy in order to release Attributes to a dynamic number of project-related SPs. This concept turned out to be quite popular, meanwhile (2015) three of these ECs are in use, a fourth has been requested recently.

The CoCo EC was introduced in July 2013, R&S in 2015.  While many SPs registered with the DFN-AAI committed especially to the Code of Conduct, the acceptance by German IdPs is still improvable. One reason for the reluctance of German IdP admins to support the CoCo and R&S ECs is the strictness and complexity of data protection laws and regulations in Germany, cf. http://dariah-aai.daasi.de/attribute-release_and_legal-stuff_wp.pdf

The Greek Federation experience (GR)

...