With InCommon interconnected to the global federation community, participants now have the opportunity to take part in and support policies and standards being developed internationally. One of the most promising collaborations in this area is the Security Incident Response Trust Framework for Federated Identity (Sirtfi). Developed by a working group comprising international research, campus, and federation operator community members, this framework and related entity tags for IdPs and SPs serves as a first iteration of a global federated incident response approach.
Very shortly, InCommon will begin a proof of concept to support the federation role of the Sirtfi framework for three InCommon identity providers (and a few SPs to be identified) to enable international experimentation with and further refinement of the Sirtfi framework and to continue the community’s work to increase trust within and across our federations. This proof of concept will affect our trust registry/metadata aggregate, but should have no impact on any operations.
This proof of concept will include very scoped support for Sirtfi including:
- Importing the Sirtfi entity attribute for those international IdPs and SPs that have chosen to adhere to the specification along with importing the REFEDS Security Contact metadata into InCommon metadata from eduGAIN.
- Adding to the InCommon aggregate and exporting to eduGAIN the REFEDS security contact and the Sirtfi entity attribute on the entity descriptors of the following IdPs:
- The University of Chicago
- Adding the Sirtif tag to several LIGO SPs
Given the Sirtfi federation operator obligations have not been finalized, InCommon is working to confirm with these IdP operators and their executive contacts that they comply with the framework by having them self assert to the requirements.