UPDATE ......Confluence has now been updated to version 9.2.6. Please see following page for details and feedback about changes:
Updates
This is the start of a breakdown to look at what policy changes will be needed for eduGAIN in order to introduce OpenID Federation into the eduGAIN framework.
| Current Section of SAML Technical Profile | Purpose | References | OpenID Interpretation | Notes |
|---|---|---|---|---|
Overview | General overview of the document but framed in SAML language | Operational Practice Statement for SAML: Operational Practice Statement - SAML profile Metadata Aggregation Practice Statement for SAML: Metadata Aggregation Practice Statement eduGAIN Best Current Practice as a SHOULD (CoCo, Sirtfi, R&S). | ||
Metadata Registration Practice Statement | Current reliance on a non-machine readable document and we do not have any strong requirements over what is included, this is left to federations to describe local practice. Does this still meet objectives or is another approach required? Note it is only a template, not a set of standards / requirements. Current MRPS only speaks to SAML requirements. | |||
SAML Metadata Production | ||||
SAML Metadata Signing | ||||
SAML Metadata Publication | ||||
Participant Federation Requirements | ||||
Adherence | ||||
Mandatory Entity Requirements | This does not currently exist but the suggestion of introducing a privacy statement and Sirtfi as mandatory requirements would require this to be added. Should this be part of the metadata production requirements or separate? |