Page History

This proposal is to experiment with distributed ledger technology as a pilot aimed for production to provide a live and auditable record of who has claimed what about any entity and in turn, leverage these entity claims to augment existing metadata as well as other future protocols in a variety of ways. 

Metadata decoration, regardless of protocol(SAML,OIDC,ABFAB,etc) is challenging to do at scale and equally challenging to do in a trustworthy way economically. By using the features of a distributed permissioned ledger there is an opportunity to leverage our rich set of entities in our respective trust fabrics.  Each entity already has cryptographic keys  to ‘go on record’ and assert things about other peer entities. These assertions in the distributed ledger would be signed using the existing keypair that each entity controls to indicate the authenticity of the claim. These claims can be verified leveraging the existing key distribution in our metadata. The distribution of said claim is handled by the decentralized ledger and thus reduces overhead in overall operations and has resiliency aspects over a centralized service.

These claims could indicate almost anything. Some interesting ones may be:

• A SIRTFI service entity could sign its claim that a given entityId is SIRTFI compliant
• An entity could claim a given entityid possesses an entity category tag of any label
• A federation operator could sign a claim that a given entityId belongs to its federation
• An entity could claim a given entityid has a certain SSLLabs score as of a given date
• A service provider could sign a claim that a given entity is permitted in its discovery service
• An entity could sign a claim about an entity in its community of interest
• An entity could sign a claim about where geographically an entity resides

Anyone publishing or handling metadata can then choose to merge (metamerge?) their choice of any or all of the above into their metadata and sign it. Similarly, use cases exist for those already receiving our metadata to ‘listen’/read’ certain things from the distributed ledger to augment the metadata for their own purposes: e.g. render enhanced discovery for service only showing SIRTFI compliant entities or showing entities that are in my community of interest, etc  This is especially interesting as our federations move toward MDQ as a way to achieve more near real time delivery of elements about entities.

Decision of what to merge and consider ‘appropriate decoration’ is always in the hands of the person/process merging the data be them federation, identity provider, or service provider operator. This is done by determining which keys sign which claims and which keys will be considered anchors for the claim.   If another entity attempted to sign a same claim, the validation would fail because it would not be signed by the right anchor or authority.

Other interesting features of this approach is that it is a distributed ledger system and thus decentralized and lends itself well to our geographically diverse community. Another benefit is the ledger technique is agnostic to underlying trust-fabric technology. Usage examples: Populate only SIRTFI OIDC Ops for discovery. Show only members of a community of interest in a given user interface in moonshot, indicate which IdPs are in govroam and/or eduroam etc.

A group of interested participants to assist with initial structure and would contribute a portion of time to the activity 3 – 18 months depending on how robust one would want things and who participates. I can better elaborate if there are more +1's here

Niels: This might be build on top of existing work in GEANT project from Linus (certificate transparency)