...
Steve Devoti reported that the AAC has developed an upgrade process that will serve for the current upgrade from 1.1 to 1.2, and will also provide the framework for future upgrades to the assurance spec. The migration process currently only applies to Virginia Tech, but the expectation is that a greater number of IdPs will be impacted by future upgrades. Since the change from 1.1 to 1.2 is not considered a major change, no audit is required. What is required for this upgrade is a written statement attesting to compliance with each criterion that is highlighted yellow in Substantive DIF: IAP v1.1 versus v1.2. No audit is required for this upgrade.
-The approach for future upgrades to the assurance spec will be:
-AAC identifies the extent of the changes
-AAC decides on what is appropriate (attestation?, audit? other? Etc) given the extent of the changes
Ann noted that the The version 1.2 spec laid out the process for handling alternative means. Virginia tech Tech will be submitting their alternative means as part of the upgrade.
Shib IdP Enhancements Progress
As reported in Julylast month, the Assurance and MFA Enhancements to Shibboleth Identity Provider RFP was awarded to Paul Hethmon. Paul has started work on the design documents, and progress can be review reviewed at:https://spaces.at.internet2.edu/display/InCAssurance/Shibboleth+Enhancements+-+Project+Status
Campuses doing acceptance testing for the Shib IdP Enhancements will include U. Chicago, U. Florida and Brown. The project is on schedule to finish by the end of the year (or possibly sooner). Paul Hethmon has been communicating with the Shib developers to align his work with their Shibboleth UI work.
Q: Is SHA-2 going to be part of the Shib Enhancements?
A: There is going to be a plug in for SHA-2. There is also a different group (looking specifically at SHA-2, led by Tom Barton under the auspices of the InCommon TAC) looking specifically at SHA-2.
Assurance Advisory Committee Update
...