UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
When a new identity federation applies to join eduGAIN, the eduGAIN Secretariat and business development team will work closely with them to help them prepare and meet all the membership requirements. The following steps will be taken and will be used as a template to manage Candidate applications. Each "step" may run concurrently, depending the on the readiness of the federation.
| Candidate Name | CAFMoz |
|---|---|
| OTRS Ticket Number | TT#2022090134002134 |
eduGAIN New Candidate Process
| Steps | Requirements | Actions | Owner | Timeframe | Notes |
|---|---|---|---|---|---|
| Step 1: Initial application meeting / readiness discussion | This initial meeting will talk the candidate through the joining process, get an understanding of the technical infrastructure of the federation and it's maturity and also share information about useful resources for the federation such as the eduGAIN website and wiki and the REFEDS resources. If not already familiar, federations will also be talked through the available document templates and the various eduGAIN tools that can be used for testing compliance and reviewing issues. |
| BD Sec | Set up meeting within 2 weeks of receiving request | |
| Step 2: Collect required information for membership application | There are a number of formalities that need to be addressed before a federation can become a membership candidate. These are known as the "joining checklist" and represent the core information that is held about each federation to enable metadata consumption and to start the trust building process. |
| Sec / OT | TBD - depending on maturity of federation | Delegate Deputy |
Step 3: eduGAIN Secretariat review of federation documentation | The eduGAIN Secretariat will undertake an initial review of the federation Policy and MRPS documents and may invite others to help support this process. The aim of this step is to help the federation identify any potential issues that might come up from the community review process and ensure step 5 goes as smoothly as possible. |
| Sec | 4 - 6 weeks | |
| Step 4: Technical review | The purpose of the technical review is to iron out any issues the federation may have with publishing and consuming eduGAIN metadata on a daily basis to ensure that the federation can run successfully with no / low error rate when membership is approved. |
| Sec / OT | Concurrent with Step 5 & 6 | |
| Step 5: membership review of federation documentation | As stated in the eduGAIN Constitution, the eduGAIN Steering Group (eSG) is responsible for: "Reviewing and approving the membership of new Federations". Step 5 and Step 6 support this requirement. |
| Sec | 4 weeks (or 2-3 weeks for assessment + 1-2 weeks for the applicant to process the feedback?) | |
| Step 6: voting | Formalised vote for membership acceptance |
| Sec | 2 weeks | |
| Step 7: formal registration | This final step ensures that the candidate is able to fully utilise the eduGAIN service after the community vote is successful. |
| Sec |
eduGAIN New Candidate Assessment Feedback
Assessment Period: DATES
Policy: document
MRPS: https://cafmoz.morenet.ac.mz/wp-content/uploads/2024/09/CAFMoz-Metadata-Registration-Practice-Statement.pdf
| Comment # | Document (Policy / MRPS) | Document line / reference | Proposed Change or Query | Proposer / Affiliation |
|---|---|---|---|---|
| 1 | Policy | Section 7, page 6 | Add a reference (link URL...) to the existing privacy regulatory framework applying | Mario Reale/GÈANT |
| 2 | Policy | Section 9, page 6 | eduPerson (instead of eduperson) | Mario Reale/GÈANT |
| 3 | Policy | Section 14, page 8 | Add a reference to the competent legal authority to settle disputes | Mario Reale/GÈANT |
| 4 | Policy, Sec4 | Typo "EduGAIN" | change to "eduGAIN" | Casper Dreef/GÉANT |
| 5 | Policy, Sec 4 | "Interfederation" | "the" is now bold. | Casper Dreef/GÉANT |
| 6 | Policy, Sec 4 | "Service Provider" | I would strongly suggest to use follow the definitions as described in the REFEDS template: https://wiki.refeds.org/display/FBP?preview=/44957944/44958086/Identity%20Federation%20Policy%20Template%20v0.4.pdf | Casper Dreef/GÉANT |
| 7 | Policy, Sec 4 | "Identity Provider" | Idem | Casper Dreef/GÉANT |
| 8 | Policy, Sec 4 | "User" | Idem | Casper Dreef/GÉANT |
| 9 | Policy, Sec 4 | General | Please review your Definitions section against the REFEDS template (see link above). | Casper Dreef/GÉANT |
| 10 | Policy, Sec 6 | What are are the responsibilities of the Governance Body? An example description can be found in the aforementioned template. | Casper Dreef/GÉANT | |
| 11 | Policy Sec 7 | I couldn't find the privacy policy on the federation website. | Casper Dreef/GÉANT | |
| 12 | Policy Sec 7 | Risk assessment | Are the Federation Members responsible for performing risk assessments on the CafMoz infrastructure? | Casper Dreef/GÉANT |
| 13 | Policy Sec 9 |
| Why are date of birth and national id number required? Is this a legal obligation? | Casper Dreef/GÉANT |
| 14 | Policy Sec 11 | How would this audit work in practice? | Casper Dreef/GÉANT |