Child pages
  • InCommon Assurance Program
45 more child pages
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 361 Next »

InCommon Assurance Community Wiki

InCommon MFA Interoperability Profile Working Group

The mission of the working group is to develop and document requirements for creating and implementing an interoperability profile to allow the community to leverage MFA provided by an InCommon Identity Provider by allowing SPs to rely on a standard syntax and semantics regarding MFA. See the working group wiki space.

Guidance for Supporting SHA-2 Signed Assertions

In August 2014, InCommon released Migrating to SHA-2 to help certified campuses support SHA-2 signed assertions.

In June 2014, InCommon Steering approved the (now expired) "Alternative Means for Bronze and Silver Requirement to Discontinue SHA-1 Encryption for SAML Assertions" to ease the transition for Identity Provider Operators that had been certified by the InCommon Assurance Program or were wishing to apply for certification by January 15, 2015.

InCommon Silver with Active Directory Domain Services Cookbook for 1.2 Released

The final version of the InCommon Silver with Active Directory Domain Services Cookbook is available now! For an overview of the important bits, see the May 2014 webinar recording

Reading Bronze: Understanding the InCommon Profile (recordings available)

InCommon sponsored a community reading of the Bronze InCommon Assurance Profile to aid in the understanding and intent of the requirements. There were four calls during Dec. 2013 and Jan. 2014.  The calls have now concluded. Thanks to all who participated for the excellent comments and questions.

Recordings are available at this link.

Assurance Program

Specification Documents

Alternative Means

Multi-Context Broker Model

The Multi-Context Broker (MCB) was released in February of 2014 to improve support for multi-factor authentication and assurance profiles in version 2.x of the Shibboleth IdP.  MCB functionality is also in the more recent Shibboleth IdP version 3.x.  See Multi-Context Broker for more more background and information on how to configure and deploy the MCB for either version of the Shibboleth IdP.

Community Resources


Technical InterOp

Community Contributions

Webinars and Presentations

  • Assurance Survey Results and Baseline Standards to replace the POP, at Nov. 2015 Assurance call (link to slides and recording here)
  • Duo with Shibboleth v3, from U. Chicago and Unicon, at Sept 2015 Assurance call (link to slides and recording here)
  • Flexible Vetting: using a point system to verify identity, at May 2015 Assurance call. (link to slides and recording here)
  • Password Reset practices, at April 2015 Assurance call.  (link to slides and recording here)
  • InCommon Bronze Approaches from GW and Harvard, recorded March 4, 2015. See recorded Webinar. See slides (PDF).
  • InCommon Bronze and Security, IAM Online with two Bronze case studies (Todd Haddaway, UMBC and Sharon Welna, University of Nebraska Medical Center), (webinar recorded October 15, 2014  and slide deck)
  • Successful Security Practices: Counting Failed Login Attempts, PDF slide Deck, Webinar recorded Sept. 3, 2014
  • Better Practices Build Better Systems: Identity Assurance, recorded presentation by Ann West, Internet2, and Ron Thielen, U. Chicago, at EDUCAUSE Security Professionals Conference, May 2014 
  • Open for Business: InCommon Identity Assurance Program (PDF Silde Deck. Webinar recorded February 29, 2012)
  • Grab the Bronze and Silver Ring: Identity Assurance Progress (PDF Slide Deck. Webinar recorded June 15, 2011)

Additional Resources

InCommon Assurance Program website

InCommon Assurance News
Confluence Syndication Feed

Stay Informed

Add yourself to our email list by sending an email to with this in the subject: subscribe assurance

Join our monthly Assurance calls scheduled for Noon ET on the first Wednesday of every month. 
+1-866-411-0013 (toll free US/Canada Only)
PIN: 0129048#



  • No labels