Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Fri 23th Oct 2015 at 10.30-11.20 CEST

Adobe Connect: https://connect.sunet.se/edugain

   Nicole Harris, GN4 SA5 Identity harmonisation task lead
   Wolfgang Pempe, AARC NA3
   Martin Haase, AARC NA3
   Peter Gietz, AARC NA3
   Daniela    Daniela Pöhn, GN4 SA5 Identity Harmonisation, Level of Assurance sub-task lead
   David Groep, AARC NA3 lead
   Mikael Linden, AARC NA3 LoA task lead, chair

Apologised

   Tangui Coulouarn, GN4 SA5 Identity harmonization    harmonization    
   Sree GaneshPeter Gietz, AARC NA3

...

Notes

- Status of IdP-side  (Daniela)

  • https://wiki.geant.org/display/gn41sa5/IdP+survey
  • https://wiki.geant.org/display/gn41sa5/Federation+survey
  • Daniela goes went to the Herbsttreffen of ZKI AK Verzeichnisdienste, a meeting of German IdM operators
    • 2-3 replies form IdPs so far
      • 4 additional answers (+1 Renater and +1 GEANT)
    • presented at Internet2 Tech Exchange 
      • short discussion about trust framework (in REFEDS meeting?), 
      • is step up authentication really good?      
      • results from InCommon IdP-survey
      • GakuNin would like to participate with InCommon and GEANT in world wide solution (or whatever is the outcome)
      presenting at Internet2 Tech Exchange next week
    • main issue to find out: LoA cost for IdPs (money/manpower). Will be in touch with SWAMID Got information from SWAMID and InCommon regarding the costs
    • still some more IdPs to talk to?

    - related issues (could be taken into account when surveying the IdPs)

    • potential use of step-up authentication (potentially as a GEANT-provided centralized service?)
    • potential use of guide to increase LoA?
    • Sirtfi (incident handling procedures for IdPs)

    ...

    • Level of Assurance survey for SP communities
    • Interviews done: CLARIN, ELIXIR, PRACE, photon/neutron
    • Interviews scheduled: WLCG, EGI
    • Interviews not scheduled: DARIAH, libraries ?, others??(Mikael contacts Melanie and if she doesn't react escalates to David/Licia. Also possible to contact JISC collections). Bob Jones regarding Helix nebula etc (DavidG will contact Bob)
    • Initial thoughts on LoA Floor:
      • baseline: personal accounts, persistent IDs (no re-assignments), password authentication?
      • Self-assertion of LoA is good enough if supported by specific enough requirements (and perhaps a . Self-audit could be supplemented by a tool that helps to do the self-audit )What role IGTF could play in audits and a step-up authentication service, they have been in the LoA business for some time? (c.f. Surfnet's IdM maturity scan)

    - next vc: Fri 13 Nov at 10:30 CET