The final recommendations from CACTI are now available: http://doi.org/10.26869/TI.112.1 Many thanks to all who participated across the Internet2 community and working groups for their passion in support of collaboration in the research and education community.
Internet2 Trust and Identity's Community Architecture Committee for Trust and Identity (CACTI) is seeking feedback on "FIM4Rv2 Assessment for Internet2 Trust and Identity." This is a white paper outlining gaps between the current state of Trust and Identity's offerings and the FIM4Rv2 recommendations from the research community in Federated Identity Management for Research Collaborations, as well as recommendations for closing those gaps. It is expected that CACTI's recommendations will form the basis for ongoing efforts to enhance its support for research in the future.
Document for review/consultation
- FIM4Rv2 Assessment for Internet2 Trust and Identity (Link to PDF attachment.)
Aggregation of Input Received
- Google spreadsheet containing an aggregation of survey responses we received
Change Proposals and Feedback - We welcome your feedback/suggestions here
If you have comments that do not lend themselves well to the tabular format below, please create a new Google doc and link to it in the suggestion section below.
|Number||Current Text||Proposed Text / Query / Suggestion||Proposer||+1 (add your name here if you agree with the proposal)||Action|
CILogon has become a critical service for existing collaborations as well as a foundation for broader collaboration, but there is currently no sustainability model.
|CILogon has become a critical service for existing collaborations as well as a foundation for broader collaboration, but its current subscription-based sustainability model could benefit from more stable, long-term support.||James Basney (illinois.edu)||The text will be modified as suggested.|
|2||(p36, sB.11, para #2)|
The number of participating national identity federations (IDFs) has grown from a handful to 18 in mid 2017, enabling user’s from 1577 organisations to use single sign-on to login to CLARIN services.
|The number of participating national identity federations (IDFs) has grown from a handful to 18 in mid 2017, enabling users from 1577 organisations to use single sign-on to login to CLARIN services.||This was in the original FIM4Rv2 paper ("Federated Identity Management for Research Collaborations"), which is already final.|
(Gap3 - page 10 IdP of last resort)
Researchers from institutions that have not federated their IAM systems are not well served. An IdP of Last Resort that releases R&S attributes and can be used internationally is needed.
|Researchers from institutions that have not federated their IAM systems are not well served. An IdP or perhaps a set of regional IdPs (hosted in Research Computing facilities) of Last Resort that releases R&S attributes and can be used internationally is needed.|
|The text will be modified as suggested.|
|4||Recommendations related to IdPs as a Service and IdPs of Last Resort.||Be more explicit about which of these is indicated, and how they support research activities.||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||The recommendations related to IdPaaS and IdPoLR will be made more explicit.|
|5||OIDC||There should be more explicit recommendations regarding use cases that are not handled well with SAML||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||The recommendation has been modified to be more explicit.|
|6||Timeline||Consider adding a timeline for recommended actions.||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||The decision was not to provide a timeline but to emphasize the need for a roadmap as a next step.|
|7||The paper's focus on recommendations for InCommon||Consider adding recommendations for the other "strata" in the FIM4Rv2 report (e.g., identity providers, research service providers, software developers).||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||The decision was not to expand the scope of the recommendations, but there is already text highlighting Internet2's unique role to foster action by other "strata."|
|8||Security||Consider more explicit recommendations for SIRTFI, proactive security assessments, etc.||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||Text has been added to specify compliance with SIRTFI, but SIRTFI-specific recommendations were considered out of scope.|
|9||Outreach||Consider help for campuses to bridge the gap between researchers and their IAM staff. Also explore ways to reach out to researchers directly.||Oct-18-2018 Open CACTI meeting at TechEx in Orlando||Text has been added to recommend information exchange and partnerships between these communities.|
Improve clarity of collaboration as a service pivoting on adopters (both sites and projects) understanding the tools, readiness and/or maturity of campus IAM solutions to allow ease of use such that adoption barriers are minimal.
|Nov 9 Author's meeting||The text has been edited for clarity.|
For each of the authors listed, please provide the ORCID ID where possible.
Nicholas Roy: https://orcid.org/0000-0001-6515-4316
|Emily Eisbruch||ORCIDs have been added to the list of authors.|