An open discussion list for topics related to the eduGAIN interfederation service.

[振溶[Jinyong Jo] <jinyong.jo AT gmail.com>]

Hello HKAF,

I think, the overall documents are well organized and the policies are clearly described.

My questions/comments:

1. It seems that SAML WebSSO Technology Profile is not posted on the web site.

2. Compelling "Federation members MUST collect and generate HKAF Core Attributes [1]" would act as a barrier when eduGAIN-federated IdPs try to access any relying parties held by HKAF's Associate Members. It will be better if HKAF relaxes the compulsory clause to the level of Attribute Bundle in REFEDS R&S Category [2].  

3. Especially for eduPersonAssurance [3], how about letting SPs determine required level of LoA and control access by themselves, instead of enforcing the mandatory use of the attribute? 

4. I wonder what the exact meaning of the 'sponsored' in the sentence "The associated membership of an organization must be sponsored by a full member [4]" and how HKAF can verify the eligibility of the sponsored membership. It seems likely that foreign SPs will be federated very limitedly depending on the meaning.

5. I just want to know target applications/services HKAF pursues. The strict policy and profiles are fully understandable If the federated use of supercomputers or hpc resources is an ultimate goal. However, i would like HKAF to slightly mitigate the compelling stuff to accept wide variety of SPs.

[1] Hong Kong Access Federation (HKAF) Federation Policy, p. 15

[2] REFEDS, https://refeds.org/category/research-and-scholarship

[3] Hong Kong Access Federation (HKAF) Attribute Profile, p. 6

[4] Hong Kong Access Federation (HKAF) Eligibility Policy, p. 5

Cheers,

Jinyong JO,

KAFE/KISTI

2017-09-28 23:28 GMT+09:00 Brook Schofield <brook.schofield AT geant.org>:

All,

I present to you the application of:
 * Hong Kong/HKAF

who has Signed the eduGAIN Declaration, has a policy based on the federation policy template that covers all the prescribed areas with extensions into useful areas, is self declaring their federation as a production service and is wanting to join the global R&E federated environment. To provide guidance on your assessment I’ve performed a summary (attached) of their policy.

You can find more detailed information about the federation under "eduGAIN Candidates” at
    https://technical.edugain.org/status.php

which contains links to their policy and MRPS (which doesn’t follow the MRPS template but does address Home Organisation, IdP and SP registration and production of @scope).

This application is from an organisation that is closely aligned with the GÉANT community via their participation in the APAN and Asi@Connect/TEIN communities. The development of this federation has been supported by the Australian Access Federation (AAF). They are also the eduroam .hk roaming operator.

So I ask the following federations to specifically review the submission by HKAF:

 * France / FÉR

 * Japan/GakuNin

 * Korea/KAFE

 * Latvia / LAIFE

 * Lithuania / LITNET FEDI

All eduGAIN members can (and should) provide feedback on this.

If you have any questions please contact the HKAF team that are subscribed to this mailing list.

This announcement of the assessment of a federation is new to the eduGAIN-Discuss mailing list. It is hoped that this platform will allow the free flow of information between commenters and the HKAF team (which wasn’t possible when this discussion was only on the eduGAIN Steering Group (eSG) mailing list. Formal components of the membership process will continue on the eSG list. Hopefully this will be an improvement to the membership process. 

My intention is to call a vote to accept Hong Kong/HKAF as a member after I’ve received confirmation from at least 3 of the specific federations that this policy is inline with their expectations.

Thanks,

Brook Schofield
eduGAIN Steering Group Chair
GÉANT

M: +31651553991 
Skype: brookschofield