Problem Statement
When InCommon was created 10+ years ago, it was an explicit goal to keep the bar for membership and operational participation as low as possible. This helped to grow the Federation to its current size. However, this has also hindered interoperation. Members cannot make any real assumptions about policy, practices, and the supported functionality at other member sites when attempting to interoperate. Both IDPs and SPs suffer from this problem.
Charter
- Produce a list of recommended/required deployment practices for both IdPs and SPs that would increase interoperability and security within the InCommon federation. The intention would be that sites following these practices would, to the extent possible, interoperate by default.
- Develop a set of proposed updates to the SAML2int specification in order to better facilitate interoperability.
The Interop Issues List created in FedInterop Round 1 can serve as point of departure for this work.
Membership
Membership in the Working Group is open to all interested parties. Members join the Working Group by subscribing to the mailing list, participating in the phone calls, and otherwise actively engaging in the work of the group.
Work Products
Timeline here...
Related Resources
- InCommon FedInterop WG (Round 1) Wiki
- InCommon FedInterop WG (Round 2) Final Report
- FedInterop WG Interop Issues List
- SAML V2.0 Implementation Profile for Federation Interoperability - Kantara Draft
- The saml2int Deployment Profile.
- A list of proposed Changes to saml2int.
- A Draft IdP Deployment Checklist.
- Net+ Guidance for Services
- CIC Cloud Services Cookbook
- Good Federation Citizenship - IAM Online
- The Federation Lab SAML Test Suite (git)