Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In December 2015, the European Parliament and Council reached agreement on data protection reform [DPREFORM]. This will require legal and federation consultation and analysis of eduGAIN’s policies focused on attribute release (Code of Conduct, EU and international variants, Research and Scholarship Entity Categories, recommendations on User consent), in particular focusing on service implications for eduGAIN members.

 

1.1.1eduGAIN policy reviewInvolved (lead)TimeframeComments
 
1.1.1.1Working group on eduGAIN constitution reviewNicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz
  
July - December 2016Complete
1.1.1.2
 
Community consultation and vote on eduGAIN constitutionBrook and Nicole
   
December 2016 - February 2017

Complete

https://technical.edugain.org/doc/eduGAIN-Constitution-v3ter-web.pdf

1.1.1.3Create a SAML Technology Profile that combines the current Metadata and WebSSO profiles.  Consider making this mandatory (although not all the pieces within it REQUIRED or MUST)Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz

February - July 2017 


Initial consultation complete.  Final edit and voting to complete.

2018 eduGAIN SAML Profile Consultation

IMPACTS:

 - need to update the current validator.

 - need to restructure the joining the checklist. 

Complete

1.1.1.4Review the requirements in the existing eduGAIN metadata profile and add areas that are missingNicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz
  
February - July 2017 Complete
1.1.1.5
 
Add in details to the eduGAIN SAML Technology Profile that are SAML specific requirements but have currently not been covered or removed from constitution (certificates, metadata url,
MDRPS
MRPS)Nicole, Brook, Justin, Peter S, Alessandra, Marina, Chris P (advising), Tomasz
  
As part of 1.1.1.3 Complete
1.1.1.6
 

Manage issues associated with current SAML2int problems, liaise with Kantara and define WebSSO requirements for edugain

??   
BrookDependency unknown - awaiting community to move Overtaken by work at InCommon and Kantara work
1.1.1.7Introduce MRPS developed by REFEDS as standard templateNicole and
Justin   
Brookunknown

Proposal socialised at various meetings.   Dependency on requirements set in the SAML Profile.

Work has become to implement via:


1.1.1.8Deprecate current Attribute Profile and work on a best current practice (BCP) document to replace this.  BCPs to be R&S, CoCo, MFA and Sirtfi.NicoleJan - Jul 2018

 Proposal socialised at various meetings. 

What does it mean to have a BCP?

   

  • Documented on the eduGAIN website.
  • These will be monitored and shown as warning in validators (including history).
  • Warnings will be followed up by edugain-support.
  • We will advertise and promote the BCP.


Do we need a incident response template for federations?

Add security contacts for federations.

1.1.1.9Position Code of Conduct and R&S as a best practice document and not a profileTomasz and Brook
   
Jan - Jul 2018 Complete
1.1.1.10Write eduGAIN Operational Practice Statement
(this is currently a 1.2 workitem)  
TomaszSept - Dec 2017

 eduGAIN Operations - SAML

eduGAIN Operational Practice Statement

1.1.1.11
 
Write eduGAIN Metadata Aggregation Practice Statement
(this is currently a 1.2 workitem) 
TomaszSept - Dec 2017 Metadata Aggregation Practice Statement
 
  1.1.2Review text of
GDRP
GDPR M4-M6
Get input from Andrew C
Complete
 Review Federation interpretations of impact on their local and eduGAIN systems M6-M8
 
 Complete
 Develop statements and recommendations for stakeholders M8-12
 
 Complete
 M9.2 Assessment of DP Legislation Implications M8 (EC Milestone)
Does not need full TA review
Complete
  1.3CoCo V2MikaelOngoingDependencies -
GDRP
GDPR, Privacy Shield. Cross-ref with REFEDs
 International CoCo DevelopmentMikaelOngoingDependencies -
GDRP
GDPR, Privacy Shield. Cross-ref with REFEDs

Current Status

 

Milestone/Deliverable

GREY  Milestone M9.2: Assessment of DP Legislation Implications, M8, White PapePaper