You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

The Challenges

  • We have a vetted list of requirements that an IdP would have to meet in order to serve the need for an Open R&S Identity (ORSID) Provider.
  • We want to define a standard process by which federations can assess candidate ORSID providers and tag the approved ORSIDs.
  • We want to assure the long-term stability of identifiers issued by ORSID providers.
  • We want to assure that a person always has the option to migrate from one ORSID provider to another.
  • We want to allow individuals to carry the same identifier even if they move from one ORSID provider to another.
  • We want to assure that ORSID services are continuously available as long as they are filling a need for the Research and Scholarship community.

 

The Questions, Some Answers

  • Q: Should people be able to enable more than one ORSID to authenticate them? Ie, beyond moving  from one to another?
    • If the solution involves assigning people a portable identifier value that could be asserted by two different ORSID-tagged IdPs, it would be possible to allow people to authenticate with either IdP; If that is a problem, then it would be necessary to have the means to prevent this from happening.
    • Note that the other attribute values received by an SP could differ depending on which particular IdP was chosen by the user.

The Plan

  • InCommon and the UK Access Management Federation will collaborate to define a process for evaluating and tagging candidate ORSIDs.
  • InCommon and the UK federation will tag at least one ORSID as soon as feasible and assure that it operates for a minimum of two years.
  • The InCommon and UK federations will seek to designate additional IdPs as ORSIDs with the goal of having at least two production ORSID providers in operation at any one time.
  • REFEDS will create a working group to feed the knowledge gained during the InCommon/UK Access Management Federation into, and to draft and finalize a REFEDS-level ORSID entity category
    • KeithH Note: Tom Barton suggested in an email of Oct. 19 in the thread "Re: [TAC-InC] Draft TAC Minutes - 7-October-2015" that we might be wise to get a two-federation agreement on process and have a successful trial before approaching Refeds.  For further discussion.
  • eduGAIN will adopt the entity category and require member federations to abide by its terms
    • KeithH Note: That may be more responsibility than the eduGAIN organization wants to take on. For further discussion.
  • ...

 

  • No labels