Deliverables from the External IDs Charter
# |
Description |
Status |
References |
Next Steps |
Comments |
---|---|---|---|---|---|
1 |
Update (i.e., make current) the set of use cases previously developed by the Social Identities Working Group. This should include use cases for the following situations
|
Complete |
N/A |
|
|
2 |
Develop a set of criteria for selecting external providers in a variety of usage scenarios. Ensure that both social providers (e.g., Google, Facebook, Twitter) and non-social providers (e.g., Microsoft, PayPal, VeriSign) are included. |
In Progress |
|
|
|
3 |
Identify and document properties of external accounts that would be of interest to web application owners and other relying parties. This should include both
|
In Progress |
|
|
|
4 |
Define and document how a gateway would represent the properties of an external account to an application. |
Not Started |
|
|
|
5 |
Contrast a central gateway with a local gateway. List the advantages and disadvantages of each deployment model. |
In Progress |
|
|
|
6 |
Provide application owners with recommendations regarding risk profiles when using external identities. (These profiles need not be based on the traditional 800-63 categories.) Describe various approaches to risk management. |
In Progress |
External Identities Workgroup Meeting at ACAMP - 2014-10-27 |
|
Largely just started (risks gathered) |
7 |
Document various approaches to account linking:
|
In Progress |
Account Linking Approaches with Risks |
|
|
8 |
Produce a set of longer-lived recommendations for practitioners, roughly comparable to the NMI-DIR documents (e.g., papers, not just wiki pages). |
Not Started |
|
|
|
|
|
|
|
|
|
Potential Deliverables Considered to be Out of Scope for this Phase
# |
Description |
Status |
References |
Comments |
---|---|---|---|---|
A |
This WG will be looking at the use of personal external accounts; it will NOT be looking at situations where an enterprise is using a social provider as their IDP, for access to enterprise apps outside of google. |
|
|
|
B |
Technical requirements for Interop/deployment profile for OpenID Connect (OIDC) |
|
|
|
C |
Recommendations on approaches for elevating an external account authentication event to LoA 2. |
|
|
|
D |
Identify and document pro's and con's of having students continue to use their social account to access campus business systems during their student days. Identify an interim step toward this milestone. |
|
|
|