Fri 23th Oct 2015 at 10.30-11.20 CEST
Adobe Connect: https://connect.sunet.se/edugain
Nicole Harris, GN4 SA5 Identity harmonisation task lead
Wolfgang Pempe, AARC NA3
Martin Haase, AARC NA3
Daniela Pöhn, GN4 SA5 Identity Harmonisation, Level of Assurance sub-task lead
David Groep, AARC NA3 lead
Mikael Linden, AARC NA3 LoA task lead, chair
Apologised
Tangui Coulouarn, GN4 SA5 Identity harmonization
Peter Gietz, AARC NA3
Notes
- Status of IdP-side (Daniela)
- https://wiki.geant.org/display/gn41sa5/IdP+survey
- https://wiki.geant.org/display/gn41sa5/Federation+survey
- Daniela went to the Herbsttreffen of ZKI AK Verzeichnisdienste, a meeting of German IdM operators
- 4 additional answers (+1 Renater and +1 GEANT)
- presented at Internet2 Tech Exchange
- short discussion about trust framework (in REFEDS meeting?),
- is step up authentication really good?
- results from InCommon IdP-survey
- GakuNin would like to participate with InCommon and GEANT in world wide solution (or whatever is the outcome)
- main issue to find out: LoA cost for IdPs (money/manpower). Got information from SWAMID and InCommon regarding the costs
- still some more IdPs to talk to?
- related issues (could be taken into account when surveying the IdPs)
- potential use of step-up authentication (potentially as a GEANT-provided centralized service?)
- potential use of guide to increase LoA?
- Sirtfi (incident handling procedures for IdPs)
- Status of SP-side (Mikael)
- Level of Assurance survey for SP communities
- Interviews done: CLARIN, ELIXIR, PRACE, photon/neutron
- Interviews scheduled: WLCG, EGI
- Interviews not scheduled: DARIAH, libraries (Mikael contacts Melanie and if she doesn't react escalates to David/Licia. Also possible to contact JISC collections). Bob Jones regarding Helix nebula etc (DavidG will contact Bob)
- Initial thoughts on LoA Floor:
- baseline: personal accounts, persistent IDs (no re-assignments), password authentication
- Self-assertion of LoA is good enough if supported by specific enough requirements. Self-audit could be supplemented by a tool that helps to do the self-audit (c.f. Surfnet's IdM maturity scan)
- next vc: Fri 13 Nov at 10:30 CET