
This is a very early DRAFT set of Phase 2 Recommendations.

Phase 2 Recommendations

The following Phase 2 deliverables were included in the Phase 1 Implementation Plan:

  1. Elicit and capture short to mid-term requirements for metadata aggregation
  2. Devise a plan to transition the metadata signing algorithm to SHA-2
    • SHA-2 is an important driver for Phase 1
    • The Phase 1 Implementation Plan stipulates that all SAML deployments shall consume metadata signed with a SHA-2 digest algorithm by June 30, 2014.
  3. Determine the desirability, feasibility, and impact of changing the InCommon metadata distribution point
    • A new vhost for XML metadata distribution will be introduced in Phase 1
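The SHA-2 transition above is only complete when the signing algorithm, the digest algorithm on every Reference, and the consumers' XML Signature libraries all agree on SHA-2. The following added example (it is not part of this plan or of the InCommon metadata tooling) reads the enveloped signature of a SAML metadata aggregate and reports which hash family each algorithm URI belongs to, so a deployment can confirm what it is actually consuming before the June 30, 2014 date. The sample aggregates are constructed skeletons with placeholder DigestValue and SignatureValue contents; the code inspects algorithm identifiers only and does not verify the signature (that still requires an XML Signature implementation such as xmlsec).

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
MD = "urn:oasis:names:tc:SAML:2.0:metadata"

# Standard XML Signature algorithm identifiers (XMLDSIG core, RFC 6931,
# XML Encryption), grouped by the hash family they rely on.
ALG_FAMILY = {
    "http://www.w3.org/2000/09/xmldsig#sha1": "sha1",
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1": "sha1",
    "http://www.w3.org/2001/04/xmlenc#sha256": "sha2",
    "http://www.w3.org/2001/04/xmldsig-more#sha384": "sha2",
    "http://www.w3.org/2001/04/xmlenc#sha512": "sha2",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256": "sha2",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384": "sha2",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512": "sha2",
}


def signature_report(metadata_xml: str) -> dict:
    """Report the SignatureMethod and every DigestMethod on the enveloped
    signature of a metadata document. Inspection only; nothing is verified."""
    root = ET.fromstring(metadata_xml)
    sig = root.find(f"{{{DS}}}Signature")
    if sig is None:
        return {"signed": False, "signature_alg": None, "digest_algs": []}
    sm = sig.find(f"{{{DS}}}SignedInfo/{{{DS}}}SignatureMethod")
    dms = sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference/{{{DS}}}DigestMethod")
    return {
        "signed": True,
        "signature_alg": sm.get("Algorithm") if sm is not None else None,
        "digest_algs": [dm.get("Algorithm") for dm in dms],
    }


def uses_only_sha2(report: dict) -> bool:
    """True only when the document is signed, has at least one Reference, and
    both the signature algorithm and every digest algorithm are SHA-2 based.
    Unknown algorithm URIs are treated as not meeting the requirement."""
    if not report["signed"] or not report["digest_algs"]:
        return False
    algs = [report["signature_alg"], *report["digest_algs"]]
    return all(ALG_FAMILY.get(a) == "sha2" for a in algs)


def sample_aggregate(sig_alg: str, digest_alg: str) -> str:
    """Constructed minimal signed-aggregate skeleton. DigestValue and
    SignatureValue are placeholders, not real cryptographic values."""
    return f"""<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}" ID="_agg1" Name="urn:mace:example:constructed">
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="{sig_alg}"/>
      <ds:Reference URI="#_agg1">
        <ds:DigestMethod Algorithm="{digest_alg}"/>
        <ds:DigestValue>PLACEHOLDER</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
  </ds:Signature>
  <md:EntityDescriptor entityID="https://idp.example.org/idp/shibboleth"/>
</md:EntitiesDescriptor>"""


# A legacy (SHA-1) aggregate and one signed the way the plan requires.
LEGACY = sample_aggregate("http://www.w3.org/2000/09/xmldsig#rsa-sha1",
                          "http://www.w3.org/2000/09/xmldsig#sha1")
MIGRATED = sample_aggregate("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
                            "http://www.w3.org/2001/04/xmlenc#sha256")

if __name__ == "__main__":
    for label, doc in (("legacy", LEGACY), ("migrated", MIGRATED)):
        rep = signature_report(doc)
        print(label, rep["signature_alg"], rep["digest_algs"],
              "SHA-2 only:", uses_only_sha2(rep))
```

A mixed document (SHA-256 signature over a SHA-1 digest, or the reverse) fails the check deliberately: the weaker of the two algorithms sets the security of the whole signature, so a transition plan should treat "partially SHA-2" as "not yet transitioned".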

The following Phase 2 deliverables are included in this Phase 2 plan:

  1. Conduct a pilot study that explores the utility of per-entity metadata
  2. Conduct a feasibility study of the potential needs and uses of hardware security modules
  3. Participate in the samlbits.org project

Some Phase 2 deliverables have so far not been discussed:

  1. per-organization metadata
  2. metadata aggregates based on self-asserted entity attributes
  3. support for both XML and JSON formats (both signed)

Multiple Metadata Aggregates

As mentioned above, multiple metadata aggregates will be deployed in conjunction with Phase 1.

Per-Entity Metadata: A Pilot Study

Conduct a pilot study that explores the utility of per-entity metadata as an alternative to metadata aggregates.

  1. The method of addressing per-entity metadata shall conform to the Metadata Query Protocol
  2. If necessary, generate a new signing key for this pilot study
  3. Does it make sense to distribute per-entity metadata via samlbits.org?
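Conforming to the Metadata Query Protocol fixes how an entity is addressed: a request goes to `{base}/entities/{identifier}`, where the identifier is either the entityID itself or its `{sha1}` transform (the literal prefix `{sha1}` followed by the lowercase hex SHA-1 of the entityID), percent-encoded in either case. The following added example, not part of this pilot study or of any MDQ implementation, builds both request forms and shows the consumer-side check a relying party should make on the response: the document returned for a per-entity query must be a single EntityDescriptor whose entityID is exactly the one requested. The base URL and sample bodies are constructed; verifying the signature on the per-entity document (with whatever key the pilot issues) is a separate, additional step.

```python
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import quote

MD = "urn:oasis:names:tc:SAML:2.0:metadata"


def mdq_entity_url(base_url: str, entity_id: str, use_sha1_transform: bool = False) -> str:
    """Build the Metadata Query Protocol request URL for one entity.

    With use_sha1_transform the identifier is "{sha1}" + lowercase hex SHA-1 of
    the entityID; otherwise it is the entityID itself. Either way the
    identifier is percent-encoded so ':', '/', '{' and '}' cannot be misread
    as URL structure by the responder or by intermediaries."""
    if use_sha1_transform:
        identifier = "{sha1}" + hashlib.sha1(entity_id.encode("utf-8")).hexdigest()
    else:
        identifier = entity_id
    return f"{base_url.rstrip('/')}/entities/{quote(identifier, safe='')}"


def check_response(entity_id: str, body: str) -> bool:
    """Consumer-side check on a per-entity response: it must parse, its root
    must be a single md:EntityDescriptor, and that descriptor's entityID must
    match the requested one exactly. An aggregate, a different entity, or
    malformed XML is rejected."""
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return False
    if root.tag != f"{{{MD}}}EntityDescriptor":
        return False
    return root.get("entityID") == entity_id


# Constructed sample inputs; mdq.example.org is a hypothetical responder.
BASE = "https://mdq.example.org"
IDP = "https://idp.example.org/idp/shibboleth"
GOOD_BODY = f'<md:EntityDescriptor xmlns:md="{MD}" entityID="{IDP}"/>'
WRONG_BODY = f'<md:EntityDescriptor xmlns:md="{MD}" entityID="https://other.example.org/idp"/>'
AGGREGATE_BODY = (f'<md:EntitiesDescriptor xmlns:md="{MD}">'
                  f'<md:EntityDescriptor entityID="{IDP}"/></md:EntitiesDescriptor>')

if __name__ == "__main__":
    print(mdq_entity_url(BASE, IDP))
    print(mdq_entity_url(BASE, IDP, use_sha1_transform=True))
    for body in (GOOD_BODY, WRONG_BODY, AGGREGATE_BODY):
        print(check_response(IDP, body))
```

The entityID comparison is exact on purpose: entityIDs are opaque URIs, and a relying party that normalised case or trailing slashes before comparing could accept metadata for a different entity than the one it asked for.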

Hardware Security Modules: A Feasibility Study

Conduct a feasibility study on the potential uses of Hardware Security Modules (HSMs) to secure XML signing keys and other high-value secrets.

  1. An HSM for the current metadata signing key
    1. On-premise deployment
    2. Impact: The current metadata production process, which produces three (3) signed SAML metadata aggregates (production, preview, fallback)
  2. An HSM for a new metadata signing key
    1. On-premise or cloud deployment
    2. Impact: A new post-process that consumes the InCommon production metadata aggregate and produces a set of signed, per-entity metadata
    3. Impact: A new post-process that consumes the InCommon production metadata aggregate and an alternate source of metadata (such as the eduGAIN metadata aggregate) to produce a combined metadata aggregate
  3. An HSM for a new IdP signing key
    1. On-premise or cloud deployment
    2. Impact: The production Multifactor IdP Proxy, an instance of simpleSAMLphp