Work Description
This work item will collaborate with REFEDS and with E-INFRA-7 to support the work started in the REFEDS Federations Operations Practices on topics such as metadata management, key operations and others. The work will include:
- Participation in the Federation Operators group to further identify and refine the practices necessary to guarantee the integrity, availability and confidentiality of the federation operations service provided by the national identity federations.
- Piloting the best practice with a subset of federations in the GÉANT eduGAIN community .
- Driving take-up of support for operations best practice within the GÉANT eduGAIN membership by bringing proposals for their adoption to the eduGAIN SG.
Work Area Leader
Nicole Harris
Work Area Participants
Daniela Pöhn, Tangui Coulouarn, Peter Schober, Lalla Mantovani, Thomas Lenggenhager, Sigita Jurkynaite.
Work Area Actions / Ideas
- A Metadata Registration Practice Statement has been developed and circulated but not much feedback has been received. It is unclear whether this is because people are unhappy with the document / uninterested / think it is fine. Next steps would be to talk to the edugain SG about whether they would recommend this as a standard template for federations.
- Work with edugain SG to document adoption based on this statement.
- https://wiki.refeds.org/display/FBP/Federation+Operator+Best+Practice+-+FOP details proposed next steps in developing best practice. Need to ratify a direction for this and what next? Key Management might be interesting but has few use cases that push a need for its development. Publication is an important and problematic area. Need to work with edugain OT and SG on this one.
- Additional work added to make recommendations for updates to the eduGAIN policy framework to ensure that it is non-SAML specific.
Work Items:
| REF | Work Item | Description | Responsible | Due Date | Status |
|---|---|---|---|---|---|
| 1.3.a. | Position Entity Categories as Recommended Practices within eduGAIN, separate from Profiles | Work with Brook and the eduGAIN SG to establish a "recommended practices" section for eduGAIN and move Code of Conduct to this section. Work with eduGAIN SG to add additional entity categories to this section. |
| September 2015 | COMPLETE Recommendations given to eduGAIN, need eduGAIN team to deploy. |
| 1.3.b | eduGAIN policy change proposals to support | Propose policy changes to 1. establish a single SAML profile document and 2. change the eduGAIN constitution to be technology agnostic so other things could be hooked under this (Moonshot, GEANT Trust Broker, OIDC etc). Focus here needs to be on description of edugain OT, operational responsibility for trust broker technologies, changes to the SG to allow per-profile voting.
2. Initial draft available for comment - This is intended to highlight the areas that would need change, rather than presenting the changed documents out of context. A broad set of recommendations is available. Lukas' team also working on an eduGAIN BCP document and are seeking comments. | NH to undertake initial draft, ALL to comment and support drafting.
| October 2015 | COMPLETE Final draft of report with BS for consideration and then presentation to eduGAIN SG. |
| 1.3.c | Complete MRPS | Work on MRPS to break out non-SAML specific processes (e.g. process of registering an organisation) from SAML metadata constructs. Work with eduGAIN SG to make this a recommended template for eduGAIN. Initial draft available for comment. The preamble has been split out to allow people to concentrate on the document itself - would recommend adding this for all the documents to a wiki page. | NH to undertake initial draft, ALL to comment and support drafting. NH to present at eduGAIN SG meeting on 13th October 2015. SG have been asked to comment up until 13th November 2015. Sigita to help with turning the preamble into a wiki page that we can then link the templates off. | October 2015 | COMPLETE Final draft of report with BS for consideration and then presentation to eduGAIN SG. |
| 1.3.d | Policy template review | Complete a review of the policy template for required updates and work with eduGAIN OT to have this hosted in a more sensible place. | NH to establish policy template as working document. ALL to comment and support drafting. Sigita to help with turning the preamble into a wiki page that we can then link the templates off. | March 2016 | ON TRACK |