Streamlining SP Onboarding Working Group Charter
Streamlining SP Onboarding Working Group
Working Group Chairs
- Tommy Roberson, Baylor
- Garrett King, Carnegie Mellon
Currently, Identity Provider Organizations (IdPOs) provide onboarding guidance for new Service Providers (SPs). This process has allowed the InCommon Federation to scale but has contributed to variability and low interoperability in SP configurations. They also sometimes find themselves convincing an SP to join InCommon and having to explain the value proposition for federation.
InCommon has a Join InCommon page that contains information, but it isn’t clear to campuses, VOs, or Sponsored Partners, including Net+ services, what SPs should be doing to interoperate. A way to help Service Providers is to streamline the onboarding process to make it easier.
Having standards available that help SPs onboard will add to the value proposition for SPs in the InCommon Federation and reduce variance in configuration and increase interoperability.
The goals of the working group are:
1. Increase the clarity for organizations running SPs on what it means to federate in InCommon
2. Provide suggestions for how organizations can verify their SP configurations
3. Reduce the burden on IdPOs to communicate the requirements
It is critical to note that differing implementation profiles exist. The working group will not redo work the community has already contributed in this area nor will the work product contain only changes to existing profiles. It will augment existing work by integrating similar information into the standards that it produces. As a starting point, the working group will use the CIC Cloud Services Cookbook to identify and document standards for SP operation within InCommon.
The working group will focus on identifying standards to reduce variance and improve interoperability among SPs. The standards will allow SPs to be measured according to an essential standard. The practices will include a level above the base that contains options such as applying for the Research and Scholarship Category. The standards should differentiate between what is necessary (must) and what is good to have (should) possibly determined by the type of SP.
It is likely that some current technical or operational recommendations may not appear in the latest version of the CIC Cookbook. Those will need to be accounted for and included in the configuration standards. The working group will differentiate its output from existing implementation and deployment profiles while noting that the CIC Cookbook, for example, under the Technical Interoperability subsection of Working within the Federation, directs campuses and vendors to conform to an existing profile, saml2int.
The target audience for the working group is organizations that are running, or want to run, an SP. It will be important for working group members to remain cognizant of the fact that most Service Providers in the Federation, whether noncommercial or commercial, support the mission of research and scholarship.
The standards will apply to both education and research SPs and vendor (commercial) SPs. When known, it must be made clear that a particular practice applies to a specific type of SP. InCommon drives interoperability for Net+ services, so they are in scope. The Net+ program would like to be able to point SPs to a testing service.
The publishing and promotion of the final report containing the SP standards is not in scope. A production strategy falls under the purview of the InCommon Federation and will need to be strongly articulated in order for the work to add value for SPs in the InCommon Federation.
There are implications for IdPOs as well as SPs but they are out of scope for this activity. However, the standards will require significant review by IdPOs.
Participation in the working group is open to all who are interested, including organizations running IdPs or SPs. Institutions that have made suggestions to SPs on software configuration or integration documentation will bring value to the working group.
The Chair of the Working Group is appointed by the TAC and responsible for providing it with updates on the group’s progress.
Define a standard set of technical vocabulary to aid in the understanding of the configuration standards
Identify Service Provider implementation criteria using the CIC Cloud Services Cookbook
Document SP configuration standards including basic and optional levels that meet the requirements defined and scoped in the previous sections
The working group’s deliverables will be a net gain for IdPs as well as SPs because SPs that conform to standards also drive IdPs to conform. The result will be better alignment of practices across the InCommon Federation and a decrease of variability in both SP and IdP configurations.
Expected End Date
The tentative end date of the Streamling SP Onboarding Working Group is late November to mid-December 2017. The configuration standards will need significant review by IdPs, as well as input from REFEDS. A paper is not expected in time for TechEx (October 15-18) but plan to have a BoF-like discussion that week.