Community Review
This consultation on Trusted Relationships for Access Management: The InCommon Model is open Monday, March 13, 2017 through Monday April 10, 2017.
Documents for review/consultation
Change Proposals and Feedback - We welcome your feedback/suggestions here
Please add one comment per row and use as many rows as you need. If you have comments that do not lend themselves well to the tabular format below, you may create a new Google doc and link to it in the suggestion section below.
Number | Current Text | Proposed Text / Query / Suggestion | Proposer | +1 (add your name here if you agree with the proposal) | Action (please leave this column blank) |
|---|---|---|---|---|---|
| 1 | Identity Provider Assertion | In the "Intro to IF" document, this phrase is used a number of times. Was it invented for this text? Consider changing, perhaps to "Identity Assertion." The context makes the meaning clear, but that's from the perspective of someone who already understands the technologies. A newcomer might wonder if the assertion is "about" the IdP or "by" the IdP. | Walter H. | Scott Koranda | |
| 2 | Intro document emphasis | While the "Intro. to Identity Federations" document is intended to overview "identity", paragraphs 1, 3, and 4 (of 4) talk more about information exchange (for authorization). Consider putting something like the two full paragraphs under "What Do We Trust" (i.e., "In a federated..." and "To enable ...") from the "Trusted Relationships" document up front in the "Intro" document to better explain the straightforward way identies are federated. Perhaps then follow with the fact that at the point at which participants are introduced, more can be shared (to the degree that an Identity-providing participant is able and willing). | B. Savage | ||
| 3 | None | In today's environment executives, managers, and others interested in understanding the purpose of federation can be understandably concerned about security incident response. The document should explain that the Federation Operator is, or will soon be, prepared to coordinate and assist with security incidents that span across organizations. | Scott Koranda | ||
| 4 | "Digital certificates to enable authentication of Participants' IdPs and SPs" | If the audience is executives, managers, and others interested in understanding the purpose of federation but without technical expertise than the less said about digital certificates the better. Consider eliminating that bullet. | Scott Koranda | ||
| 5 | "Certifications" section of "Trusted Relationships" doc | a) Decision-makers may be looking for more regarding "why" one would want each certification - the benefit(s) of complying with a formal set of requirements. b) certifications seem listed in reverse order of frequency so readers may assume becoming a participant requires a high level of assurance compliance c) the limits of self-assertion is difficult to convey, so may be a bit confusing to readers: "The certification process may be self-asserted..." followed by "In all cases, the Federation Operation is responsible for ensuring the certification process has been followed." followed by (in bullet "Being an InCommon Participant") "Most aspects of compliance are self-asserted, but the Federation Operator does verify ..." | B. Savage |
See Also