| Warning | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
We have exciting news! An updated InCommon Federation wiki is now available. Please visit the new InCommon Federation Library for updated content. This wiki is preserved for historical records only. It will no longer be updated. We invite you to come check out the new Library. Don't forget to update your bookmarks accordingly.
|
In this document the InCommon Federation presents recommendations for federation participants regarding many aspects of federation practice. Sites following these practices will find benefits not only to their own use of the federation but will enable other participants to more easily and completely take advantage of federated services.
...
A key part of creating online trust is accurately representing your organization to other federation participants, including organization identity management organizational contact information and security practices, and contact information.
Participant Operational Practices
...
.
Contacts in Metadata
- Include technical, administrative, security, and support contacts in metadata.
- List contacts in metadata as mailing lists, reflectors, or similar mechanisms, rather than specific individuals.
- Refer users encountering attribute release policy issues with a service to their IdP's administrative contact.
...
- Publish federated incident response contact information for your federated services and identity providers.
- Implement a log retention policy for federated services and identity providers.
- Document and advertise your procedure for responding to a federated security incident.
Technical Basics
Maintaining complete and accurate information in InCommon metadata is important so systems from other federation participants can best engage with your site's services.
...