The focus for this kick-off call was on the prepared mapping of OpenID to the current SAML Technical Profile: OpenID Technical Profile Mapping.
Issues identified in the call:
- Current Metadata Aggregation Practice Statement might be better renamed Metadata Management Practice Statement and could be aligned across both approaches.
- Need to agree on a consistent naming process - OIDFed is proposed.
- Metadata Registration Practice Statement should be registration and publication statement and needs to be machine readable. These rules MUST be consistent at the eduGAIN level (not the case for SAML).
- Scope is an issue in OIDFed world - require the fedop run a TrustMark Issuer that makes "scope" statments about OPs?
- If policies are machine readable statements published in trust anchor, how do we enforce them?
Notes: some of the areas of work might be done via extensions as well as Trust Marks. If we do an extension, we need to do a spec!
Currently look at metadata. Need to have a discussion on the trust model. Attributes and claims not currently in the spec - specifically how we e