Scribing Template --Wed., Nov 13, 2013 at 10.15am -- Santa Barbara Room
TOPIC: Social 2 SAML IdP / CommIT Project
CONVENER: Michael Gettes
SCRIBE: Rob Chevalier
# of ATTENDEES: ~30
MAIN ISSUES DISCUSSED:
Identity Providers of Last Resort
Questions to promote discussion:
- Is this a good idea?
- Is there a choice?
- Will we short-circuit the value of campus IdPs?
- What if IdPs could be spun up quickly for specific needs?
Thoughts:
- Closed IdPs federations are like a private club.
- Scott C expressed that authentication should not be based on IdP but on user data.
- There is a long standing culture among universities to not trust social network identities but times have changed.
- Some services may wish to allow social identities while others might not.
- Define a new metadata tag to identify these networks within a global federation. A federaion of Last Resort?
- Most applications don't care about authorization or don't do it well. Most just want an user name and identifier/email.
- Trust is fundementally a branding issue sometimes irrationally.
- Maybe a metadata aggregator to consolidate community IdPs and IdPs of last resort could work.
- The CommIT pilot seems like a step in this direction but again doesn't trust Social network Identities.
- It all seems to boil down to trust.
ACTIVITIES GOING FORWARD / NEXT STEPS:
- Look at CommonApp and see if you organization is a member. If so, push for CommonApp to support federation.
If slides are used in the session, please ask presenters to convert their slides to PDF and email them to acamp-info@incommon.org