The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.



You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 20 Next »

This document is not yet public!

The InCommon R&S Category vs. the REFEDS R&S Category

This document attempts to identify the differences between the InCommon Research & Scholarship Category and the REFEDS Research & Scholarship Entity Category. The latter was formally adopted by the REFEDS community in February 2014. The specification was revised to V1.2 on October 29, 2014.

 

InCommon R&S Requirement

REFEDs R&S Requirement

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3e471a33-8f7c-4ca5-85df-628118a29878"><ac:plain-text-body><![CDATA[

1

[[Participation Agreement

http://www.incommon.org/docs/policies/participationagreement.pdf], section 9] Participant agrees to respect the privacy of and any other constraints placed on identity information that it might receive from other InCommon Participants as agreed upon between Participant and the InCommon Participant(s). In particular, Participant understands that it may not permanently store nor share or disclose or use for any purpose other than its intended purpose any identity information that it receives from another InCommon Participant without express written permission of the other InCommon Participant. Participant understands that the storing and sharing of resources is between the Participant and the InCommon Participant(s) and is not the responsibility of InCommon.

A "Service Provider claims that it will not use attributes for purposes that fall outside of the service definition."

]]></ac:plain-text-body></ac:structured-macro>

2

"Whether an SP operator is commercial or non-commercial is not relevant to eligibility for the R&S Category, nor are any other aspects of how the service is implemented or operated, beyond the specific requirements noted below. It's all about purpose."

"This Entity Category should not be used for access to licensed content such as e-journals."

3

"...because of the risk involved, a Service Provider that engages subjects in experiments that require specific oversight is not eligible for the R&S Category."

NA

4

"The SP provides an mdui:DisplayName in metadata..."

"The Service Provider provides an mdui:DisplayName and mdui:InformationURL in metadata."

5

"The SP provides Technical and Administrative contacts in metadata."

"The Service Provider provides one or more technical contacts in metadata."

6

"R&S category SPs may request other attributes, but IdP operators will likely require a prior agreement before releasing additional attributes."

"It is therefore highly recommended that SPs use a minimalist approach to attributes, only requesting those attributes that they absolutely need."

"Service Providers SHOULD request a subset of R&S Category Attributes that represent only those attributes that the Service Provider requires to operate its service."

Privacy

[Item 1] Here is the relevant phrase from the Participation Agreement:

Participant understands that it may not permanently store nor share or disclose or use for any purpose other than its intended purpose any identity information that it receives from another InCommon Participant without express written permission of the other InCommon Participant.

Compare the above passage with the following quote from the REFEDS R&S Category specification:

Service Provider claims that it will not use attributes for purposes that fall outside of the service definition.

The primary distinction is that the former is included in a signed legal agreement while the latter is self-asserted by the service owner. See, for example, the R&S application form used by InCommon.

Commercial Services

[Item 2] While the InCommon R&S Category keeps the door open to commercial services, the REFEDS R&S Category seems to explicitly rule them out.

Human Subjects Research

[Item 3] Prior to October 27, 2014, the InCommon R&S Category had the following requirement:

a Service Provider that engages subjects in experiments that require specific oversight is not eligible for the R&S Category.

This refers to research that would require Institutional Review Board (IRB) approval. Following the recommendations of both the Technical Advisory Committee and the Steering Committee, this requirement was removed from the InCommon R&S Category on October 27, 2014.

User Interface Elements

[Item 4] All but one R&S SP already has an mdui:InformationURL in metadata.

Contacts in Metadata

[Item 5] InCommon already requires both technical and administrative contacts in metadata, for all SPs and IdPs.

Requested Attributes

[Item 6] It’s difficult (if not impossible) to reconcile these two REFEDs R&S requirements:

The Service Provider provides requested attributes in metadata.

Service Providers SHOULD request a subset of R&S Category Attributes that represent only those attributes that the Service Provider requires to operate its service.

The latter requirement implies the use of the isRequired XML attribute in SP metadata but InCommon intentionally does not support this XML attribute.

REFEDs is currently considering the following reformulation of the above requirement:

  1. Replace the second sentence above with: "Service Providers SHOULD request a subset of the R&S Category attribute bundle."

References

#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels