Scribing Template --Wed., Nov 13, 2013 at 10.15am -- Santa Barbara Room

TOPIC: Social 2 SAML IdP / CommIT Project

CONVENER: Michael Gettes

SCRIBE: Rob Chevalier

# of ATTENDEES: ~30


Identity Providers of Last Resort

Questions to promote discussion:

  • Is this a good idea?  
  • Is there a choice?  
  • Will we short-circuit the value of campus IdPs?
  • What if IdPs could be spun up quickly for specific needs?


  • Closed IdPs federations are like a private club.
  • Scott C expressed that authentication should not be based on IdP but on user data.
  • There is a long standing culture among universities to not trust social network identities but times have changed.
  • Some services may wish to allow social identities while others might not.
  • Define a new metadata tag to identify these networks within a global federation.  A federaion of Last Resort?
  • Most applications don't care about authorization or don't do it well.  Most just want an user name and identifier/email.
  • Trust is fundementally a branding issue sometimes irrationally.
  • Maybe a metadata aggregator to consolidate community IdPs and IdPs of last resort could work.
  • The CommIT pilot seems like a step in this direction but again doesn't trust Social network Identities.
  • It all seems to boil down to trust.


  • Look at CommonApp and see if you organization is a member. If so, push for CommonApp to support federation.

If slides are used in the session, please ask presenters to convert their slides to PDF and email them to

  • No labels