...
| 10:30 - 12:30 | GÉANT Project Future Workplan |
| 12:30-13:30 | Lunch |
| 13:30 | State of the Interfederation Service - Brook Schofield (PDF) |
| 14:00 | Thinking of best practices in eduGAIN - Nicole Harris |
| 14:30 | eduGAIN Support - Thomas Baerecke (PDF) |
| 15:00 - 15:30 | Coffee break + Catch-Up Time |
| 15:30 | T&I Operations - Dick Visser (PDF) |
| 16:00 | Any other Business (PDF) |
| 16:30 | Summary and Actions |
| 17:00 | Close |
...
Thinking of best practices in eduGAIN
Nicole clarified that work on reviewing all policies has largely been completed. There was no need to change the eduGAIN Policy Declaration. The constitutions is completely published and that new constitution requires a SAML profile going with it. The current status of the consultation was presented and a few "sticking points" were discussed.
Peter Schober clarified his comment about MetaIOP where "you must trust a key that is contained in the MD, purely since you trust the MD. You cannot NOT TRUST a certificate as a result and ADFS is not always compliant". In the balancing act of not kicking out ADFS and making use of existing definitions, further discussion will be required to resolve this.
In the current version of the policy, we require registrationinstant - but if nobody uses it, why do we keep it? There weren't any good reasons to enforce its use (which we don't anyway because it is SHOULD) simpler to remove.
Finally, regarding MD aggregators that aggregate metadata from multiple sources MUST use <mdrpi: PublicationPath> but since MDS only accepts metadata from a registrationAuthority and would ignore other entries this isn't needed. Delete.
[ACTION] Nicole to review and republish the eduGAIN SAML Profile.
...
Any other business was triggered by a short slide deck by Niels van Dijk (PDF) which presented on a proposal to make community signed metadata (in the vein of PEER/REEP) available with decorations. No concrete action resulted from this discussion.
All presentations can be found online.
...