UPDATE JULY 31, 2017
Following the completion of the work of the MFA Interoperability Profile Working Group, the MFA Profile was taken under consideration by the REFEDS (Research and Education FEDerations) group. After a slight modification to the profile and a period of community consultation, the REFEDS Steering Committee voted to adopt the profile in June 2017. The REFEDS profile is live and ready for implementation at https://refeds.org/profile/mfa.
Working Group Chair: Karen Herrington
Working Group Flywheel: David Walker
Email list: firstname.lastname@example.org . To subscribe this list, email email@example.com with the subject line subscribe mfa-interop
Report and Work Products
REFEDS MFA Profile: https://refeds.org/profile/mfa
Issues Identified after Completion of the Final Report
Results of the Public Comment Period
- Comment period was through May 16, 2016
- Please see Documents for Public Comment
- Public Comment Threads received
- The work group is currently revising its documents in light of the comments.
DRAFT Working Documents
- Multi-Factor Authentication (MFA) Interoperability Profile Working Group Final Report
- InCommon MFA Support Entity Attribute
- Charter for a Strong Identity Proofing Profile Working Group
Working Group Charter
The Assurance Advisory Committee (AAC) invites the Community to participate in the InCommon Multifactor Authentication (MFA) Interoperability Profile Working Group. The mission of the working group is to develop and document requirements for creating and implementing an interoperability profile to allow the community to leverage MFA provided by an InCommon Identity Provider by allowing SPs to rely on a standard syntax and semantics regarding MFA.
1. Assemble use cases that will motivate the deliverables of this working group
2. Develop short list of widely deployed MFA technologies in higher education that will be in scope for the profile
3. Define requirements for and draft MFA Interoperability Profile
4. Develop and recommend scope and plan for adoption
5. Present draft to InCommon community for review
6. Publish final profile
1. Profile should be constrained to address the articulated need for distributed MFA.
2. Ability to implement with current MFA and Federation technology should be a core design constraint.
3. Support for this capability should be exposed in the Federation Metadata.
- InCommon Assurance Call of April 2016 - Update on MFA Interop Profile WG
- MFA Cohortium Wiki
- Duo Security Outage - Responses and Planning for Future
- Federation Interoperability Working Group
- InCommon Working Groups