When a new identity federation applies to join eduGAIN, the eduGAIN Secretariat and business development team will work closely with them to help them prepare and meet all the membership requirements. The following steps will be taken and will be used as a template to manage Candidate applications. Each "step" may run concurrently, depending the on the readiness of the federation.
Candidate Name | GARNET Identity Federation https://gif.garnet.edu.gh/ |
OTRS Ticket Number | TT#2024030734001159 |
eduGAIN New Candidate Process
Steps | Requirements | Actions | Owner | Timeframe | Notes |
Step 1: Initial application meeting / readiness discussion | This initial meeting will talk the candidate through the joining process, get an understanding of the technical infrastructure of the federation and it's maturity and also share information about useful resources for the federation such as the eduGAIN website and wiki and the REFEDS resources. If not already familiar, federations will also be talked through the available document templates and the various eduGAIN tools that can be used for testing compliance and reviewing issues. |
| BD Sec | Set up meeting within 2 weeks of receiving request | |
Step 2: Collect required information for membership application | There are a number of formalities that need to be addressed before a federation can become a membership candidate. These are known as the "joining checklist" and represent the core information that is held about each federation to enable metadata consumption and to start the trust building process. |
| Sec / OT | TBD - depending on maturity of federation | |
Step 3: eduGAIN Secretariat review of federation documentation | The eduGAIN Secretariat will undertake an initial review of the federation Policy and MRPS documents and may invite others to help support this process. The aim of this step is to help the federation identify any potential issues that might come up from the community review process and ensure step 5 goes as smoothly as possible. |
| Sec | 4 - 6 weeks | |
Step 4: Technical review | The purpose of the technical review is to iron out any issues the federation may have with publishing and consuming eduGAIN metadata on a daily basis to ensure that the federation can run successfully with no / low error rate when membership is approved. |
| Sec / OT | Concurrent with Step 5 & 6 | |
Step 5: membership review of federation documentation | As stated in the eduGAIN Constitution, the eduGAIN Steering Group (eSG) is responsible for: "Reviewing and approving the membership of new Federations". Step 5 and Step 6 support this requirement. |
| Sec | 4 weeks (or 2-3 weeks for assessment + 1-2 weeks for the applicant to process the feedback?) | |
Step 6: voting | Formalised vote for membership acceptance |
| Sec | 2 weeks | |
Step 7: formal registration | This final step ensures that the candidate is able to fully utilise the eduGAIN service after the community vote is successful. |
| Sec |
eduGAIN New Candidate Assessment Feedback
Documents provided | Togo federation. https://gif.garnet.edu.gh/ provided docs | URL on the fedederation webpage |
Ghana Policy doc v1.1 | identityfredrationpolicy-GhanaFed.pdf | |
Ghana MRPS doc v1.1 | metadataregistrationpracticestatement-GhanaFed.pdf | http://gif.garnet.edu.gh/pdf/metadataregistrationpracticestatement.pdf |
Assessment Period: DATES
Comment # | Document (Policy / MRPS) | Document line / reference | Proposed Change or Query | Proposer / Affiliation | Reply Candidate |
#1 | Metadata | Provided metadata source is invalid | Casper Dreef, GÉANT | This now seems to be working again (Casper) | |
#2 | Policy 3.1 Governance + 3.3 Obligations and Rights | 3.1 bullet: Approves the fees to be paid by the Federation Members to cover the operational costs of the Federation, on proposal of Federation Operator. | I would be interested to learn how this process works when federation member (Idp/SP) applies for membership. | Casper Dreef/GÉANT | We rephrased the bullets in 3.1 and 3.3 to bring clarity. A portion fees paid by Federation Members, will be allocated to cover the operational costs of the Federation |
#3 | MRPS | Headers throughout the document are called Entity Eligibility and Validation | The headers probably changed when converting the MRPS into a pdf file. The table of content does show the correct headers. | Casper Dreef/GÉANT | Update completed |
#4 | MRPS Section 6.1 | Communication of change happens via (e-mail) | Please specify the contact email address | Casper Dreef/GÉANT | Email address added |
#5 | Policy 3.3 | If a Federation Member processes personal data, the Federation Member will be subject to applicable data protection laws and must follow the practice presented in the Data Protection Profile derived from the Ghana Data Protection Regulation of 2019 by the National Information Technology Development Agency: | The link to the data protection regulation is broken. When I try to find the regulation I only find the Data Protection Act, 2012 (Act 843), not the one from 2019. | Pål Axelsson, Sunet | |
#6 | MDRPS Section 5 | Defintion of registration of DNS based scope is missing. The scope registration for identity providers is mandatory and if it's missing attributs may be automatically filter by services. | Pål Axelsson, Sunet |