Versions Compared

Old Version 6

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

If InCommon chooses to adopt the IdPoLR Working Group's recommendation to help make available an IdPoLR service as soon as possible, then UnitedId.org would be a strong candidate. That claim is backed by based on the following evaluation of UnitedId against the requirements defined in the WG's final report.

Assessment of UnitedId with respect to defined requirements

The near-term solution should initially offer a basic set of identity provider services. The suite of services could grow over time as needs evolve and resources permit. Here is an assessment of UnitedId against the requirements defined above:

UnitedId meets the following MUST requirements today:

  • Support for user self-registration (but see first bullet under 'some dev. work needed' below)
  • Once a user has authN (there is authenticated an SSO session )is established at the IdP
  • Ability to assign ePPN (these are non-reassignable)
  • Accepts SP requests for authentication contexts via the standard SAML2 Authentication Request Protocol
  • Support for Tech Basics for IdPs
  • Conforms to saml2int
  • No commercial interest in the use of user data (by organizational principle, backed by support of Code of Conduct)
  • Available to users throughout the world

...

  • IdP must support R&S
  • Support for ECP (already on UnitedId roadmap under near-term goals)
  • InCommon and UnitedId will would work together to define approaches to service sustainability, but the first goal is to get an initial IdPoLR in service and in use
  • Self assertion of bronze
  • IdP must be available globally to any R&S tagged SP (both InCommon and Refeds R&S for now)

...

  • Open discussions with UnitedId to come up with a mutually agreed-upon set of terms and conditions to launch an IdPoLR and maintain it for a stated period of time (do this in consultation with key R&S SP stakeholders)
  • Arrange for UnitedId to become a member of InCommon
  • Have this IdPoLR designated as supporting R&S (both InCommon and Refeds R&S definitions)
  • Authorize this IdPoLR to assert compliance with InCommon Bronze level of assurance
  • Develop a communication plan to inform R&S SPs (and users) of the availability and purposes of the service