Internet2 is investigating a security incident involving a compromise to a confluence server that affected https://spaces.at.internet2.edu on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email collaboration-support@internet2.edu.
Skip to end of metadata
Go to start of metadata

With InCommon interconnected to the global federation community, participants now have the opportunity to take part in and support policies and standards being developed internationally. One of the most promising collaborations in this area is the Security Incident Response Trust Framework for Federated Identity (Sirtfi). Developed by a working group comprising international research, campus, and federation operator community members, this framework and related entity tags for IdPs and SPs serves as a first iteration of a global federated incident response approach.

Very shortly, InCommon will begin a proof of concept to support the federation role of the Sirtfi framework for three InCommon identity providers (and a few SPs to be identified) to enable international experimentation with and further refinement of the Sirtfi framework and to continue the community’s work to increase trust within and across our federations. This proof of concept will affect our trust registry/metadata aggregate, but should have no impact on any operations. 

This proof of concept will include very scoped support for Sirtfi including:

  • Importing the Sirtfi entity attribute for those international IdPs and SPs that have chosen to adhere to the specification along with importing the REFEDS Security Contact metadata into InCommon metadata from eduGAIN.
  • Adding to the InCommon aggregate and exporting to eduGAIN the REFEDS security contact and the Sirtfi entity attribute on the entity descriptors of the following IdPs:
    • NCSA
    • LIGO
    • The University of Chicago
  • Adding the Sirtif tag to several LIGO SPs

Given the Sirtfi federation operator obligations have not been finalized, InCommon is working to confirm with these IdP operators and their executive contacts that they comply with the framework by having them self assert to the requirements.

  • No labels