
Step-up authentication requirements and guidelines for SPs

Summary

This document collects use cases and requirements from the communities to describe the current state of the field.

A further goal is to derive a common pattern to guide future implementations of step-up authentication.

Whether OIDC RPs will be targeted is not clear yet.

Working docs

Google-Doc: https://docs.google.com/document/d/1R24xKC-cC7sLyb13Gr2jxKtlA83_qESrkCorT4PTb74/edit#heading=h.mqa2kjgzxbju

Final PDF

To be published

Meetings schedule and Minutes

Date: 2017-07-17-11 13:00 (CEST)
Location: https://webconf.vc.dfn.de/aarc-jra1
Agenda: Discuss documents A, B, C:
  • Table of Contents
  • Key points to mention
Minutes: We essentially worked inside the documents. Minutes do not make sense at this point.
Date: 2017-07-28 13:00 (CEST)
Location: https://webconf.vc.dfn.de/aarc-jra1
Agenda: Discussion of documents A, B, C
Minutes:

Decided to prioritise document C.

Introduced June from RZG, who is liaising for Geant to consume the results of our document.

Document responsibility handed to Uros.

Finalise intro: Marcus.

Date: 2017-11-07 10:00 (CET)
Location: Agreed from now on to use the Vidyo room: https://www.nikhef.nl/grid/video/?m=aarcjra1
Agenda: Doc discussion
Minutes:

Short review of the doc, and discussion of the next steps.

Discussion of the possible implementations of step-up:

From the SP point of view, there are 3 use cases:

  • First, if the SP requires MFA (or step-up of other components), then all IdPs whose users access this service need to support and provide MFA, which may be difficult to achieve.
  • Second, the SP itself may implement the MFA functionality (the actual implementation of this use case was not elaborated at this point).
  • Third (most interesting at this point), there can be an IdP-proxy that provides the step-up service (e.g. for MFA).

Possible description of the third use case:

  • The user authenticates with the SP and establishes a browser session. The SP can then redirect the user to the predefined IdP-proxy service, where the user goes through the step-up procedure (e.g. performs MFA). After the step-up procedure has been completed successfully, the user is redirected back to the SP, and the SP can then grant access to the user.
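The third use case as a runnable model, added here and not taken from the AARC document or from any implementation it describes. HMAC over JSON stands in for the signed SAML or OIDC messages a real deployment would exchange; the context URI, the keys and the response lifetime are made-up constants; and only the SP and the IdP-proxy are modelled, not the user's browser. What it adds to the description above is the check the SP has to do when the browser comes back: the reply must carry the proxy's signature, answer the SP's own pending request (so a reply cannot be replayed or pasted in unsolicited), name the same subject, assert the required context rather than a weaker one, and still be fresh. Only after those checks is the session flagged as stepped-up; the redirect back on its own proves nothing.

```python
"""Model of the IdP-proxy step-up flow (third use case) as a token exchange."""
import base64
import hashlib
import hmac
import json
import os
import time

# Hypothetical constants (not from the AARC document): the authentication
# context the SP demands, and per-party signing keys. HMAC stands in for the
# XML/JWT signatures a real SAML or OIDC deployment would use.
MFA_CONTEXT = "https://example.org/ac/mfa"
PASSWORD_CONTEXT = "https://example.org/ac/password"
SP_KEY = os.urandom(32)
PROXY_KEY = os.urandom(32)
RESPONSE_LIFETIME = 300  # seconds a step-up response stays acceptable


class StepUpError(Exception):
    """Raised when a step-up message fails validation."""


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(key: bytes, payload: dict) -> str:
    """Serialise the payload canonically and append an HMAC-SHA256 tag."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return _b64(body) + "." + _b64(hmac.new(key, body, hashlib.sha256).digest())


def verify(key: bytes, token: str) -> dict:
    """Check the tag in constant time and return the payload, else raise."""
    try:
        body_b64, tag_b64 = token.split(".")
        body, tag = _unb64(body_b64), _unb64(tag_b64)
    except ValueError as exc:
        raise StepUpError("malformed token") from exc
    if not hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), tag):
        raise StepUpError("bad signature")
    return json.loads(body)


class IdPProxy:
    """Step-up service: runs the second factor and signs what was achieved."""

    def step_up(self, request_token: str, second_factor_ok: bool, now: float) -> str:
        req = verify(SP_KEY, request_token)
        # Assert the context actually reached; never simply echo the request.
        context = MFA_CONTEXT if second_factor_ok else PASSWORD_CONTEXT
        return sign(PROXY_KEY, {"in_response_to": req["id"], "subject": req["subject"],
                                "context": context, "expires": now + RESPONSE_LIFETIME})


class ServiceProvider:
    """SP side: first-factor session, redirect to the proxy, validate the return."""

    def __init__(self):
        self.sessions = {}  # session id -> {"user", "mfa", "pending"}

    def login(self, user: str) -> str:
        """Step 1: user authenticates with the SP; browser session established."""
        sid = _b64(os.urandom(16))
        self.sessions[sid] = {"user": user, "mfa": False, "pending": None}
        return sid

    def request_step_up(self, sid: str, now: float) -> str:
        """Step 2: signed request the SP redirects the browser to the proxy with."""
        sess = self.sessions[sid]
        req_id = _b64(os.urandom(16))
        sess["pending"] = req_id  # remembered to match the reply (like SAML InResponseTo)
        return sign(SP_KEY, {"id": req_id, "subject": sess["user"],
                             "context": MFA_CONTEXT, "issued": now})

    def complete_step_up(self, sid: str, response_token: str, now: float) -> bool:
        """Step 3: validate the proxy's reply; only then mark the session stepped-up."""
        sess = self.sessions[sid]
        resp = verify(PROXY_KEY, response_token)
        if sess["pending"] is None or resp.get("in_response_to") != sess["pending"]:
            raise StepUpError("unsolicited or replayed response")
        if resp.get("subject") != sess["user"]:
            raise StepUpError("response is for a different subject")
        if resp.get("context") != MFA_CONTEXT:
            raise StepUpError("proxy did not reach the required context")
        if now > resp.get("expires", 0):
            raise StepUpError("response expired")
        sess["pending"] = None  # one-time use
        sess["mfa"] = True
        return True


def run_flow(second_factor_ok: bool, now=None) -> bool:
    """Drive the whole exchange; True only if the SP granted stepped-up access."""
    now = time.time() if now is None else now
    sp, proxy = ServiceProvider(), IdPProxy()
    sid = sp.login("alice@example.org")  # constructed sample user
    response = proxy.step_up(sp.request_step_up(sid, now), second_factor_ok, now)
    try:
        return sp.complete_step_up(sid, response, now)
    except StepUpError:
        return False
```

In a real deployment the proxy's reply would be a signed SAML assertion or an OIDC ID token and the context a registered authentication-context URI; the validation order above (signature, request binding, subject, context, freshness) is the part that carries over unchanged.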

Future work:

  • Ping Stefan for the SafeShare chapter: Uros
  • Review old comments and try to resolve them: Uros
  • Create an initial drawing of the third use case on Lucidchart: Uros
  • Everyone: go through the doc and fix the current issues