...
The latest Snctfi document is at
- https://docs.google.com/document/d/1WGcH3RqPpD_3usqL4sEq1S73iiF2-FUTiE6X0WlVYTo1kNkfAAzFEAo1dxVaJqj55uu3HNBmi0ZL12EpQa9p3O8/edit?usp=sharing
Building on the structures of the Security for Collaboration among Infrastructures (SCI) framework, the “Security Networked-Community Trust-framework for Federated Identity” (Snctfi) proposes a policy framework that allows determination of the 'quality' of such SP-IdP proxies. For example, a SP-IdP-proxy for EGI – proxying for all its compute and storage services – would be able to express to the R&E federation space that is has an internally-consistent policy set, that it can make collective statements about all its constituent services and resource providers, and that it will abide by best practices in the R&E community, such as adherence to the Data Protection Code of Conduct (DPCoCo), REFEDS Research and Scholarship (R&S) entity category, Sirtfi – the security incident response trust framework that is in itself a development from the SCI structure.
...