...

Background: FICAM informed the Trust Framework Providers of the new FICAM 2.0 spec last fall.
InCommon sent a lengthy set of comments. Most were addressed in discussions afterwards.
FICAM released their new 2.0 spec early in 2014.

Ann is working on analyzing the impact of the FICAM 2.0 documents on InCommon Assurance IDPs. The InCommon Bronze and Silver specs will most likely remain unchanged. There are some changes in terminology in FICAM 2.0. For instance, FICAM 2.0 refers to Identity Providers as Credential Service Providers (CSPs). A Credential Service Provider handles assurance, can do token management and credential issuance, and can assert identity attributes on behalf of the individual.

http://www.idmanagement.gov/approved-identity-services

An issue under negotiation is that FICAM 2.0 requires all Credential Service Providers to release certain attributes. At this point those attributes are legal name and date of birth. InCommon's position is that attribute release for InCommon IDPs should be handled by membership in the InCommon federation. InCommon is working with FICAM to remove the requirements for InCommon Credential Service Providers to release attributes to FICAM. Hopefully, as a result of these discussions, FICAM will agree that InCommon will release a standard set of attributes (perhaps the R&S bundle). Anil John of FICAM will be setting up a meeting with NIH and NSF to discuss this.

In addition, InCommon has stressed in discussions with Anil John that the lack of federal services requiring assurance is a major issue.

...

The AAC heard from the community that it would be beneficial to have more modular standards in the InCommon assurance program. The background is that the current Bronze and Silver profiles were modeled on a monolithic government document (NIST 800-63). Some Service Providers have stated that they don't care about every category in the current specs, and some IDPs find it very difficult to implement 100% of the spec requirements.

Conversation nationally and within the IDESG focuses on developing modular units, called Trustmarks, for assurance. https://www.idecosystem.org/wiki/Trust_Frameworks
The idea is that the current InCommon Assurance Bronze and Silver profiles can be decomposed into smaller standards, making it possible to pick and choose the relevant section, both on the IDP and SP side, providing more flexibility. Service providers can then be more selective.

The AAC is starting to discuss this approach. At the same time, the AAC is also working on a community profile. It's said that Bronze and Silver, being based on NIST 800-63, took the federal government view of the world. In fact, the higher education community cares about a smaller subset of the identity universe. One major area of interest is multi-factor authentication.

...