An open discussion list for topics related to the eduGAIN interfederation service.

[振溶[Jinyong Jo] <jinyong.jo AT gmail.com>]

Hello, 

Posted documents seem well organized. We have just a few comments:

1. As already noted by another member, there are documents missing on the website. The site should post the documents, federation metadata, and signing certificate. 

- Level of Assurance profiles

- Technology profiles

- Application form  

- Template of the Identity Management Practice Statement, if possible

2. "Related to Identity Providers, in order to maintain consistency, only one IdP per institution is accepted" (p.6 in [1])

  "Once a member has joined the Federation, the member MAY add any number of entities" (p.5 in [2]) 

 - May a Federation Member have multiple IdPs? The meaning of the 2nd sentence needs to be clarified more.

3. Use of the regular expressions (p.4 in [2])

 - I am not sure about if it is recommendable to use the regular _expression_ in the scope. We, KAFE do not allow the regular _expression_ and thus it possibly makes interoperability issues.

I would like to hear what other federations think about using the regular _expression_. 

4. Entity validation (p.5 in [2])

 -  I hope RoEduNetID drives its members to use strong signing algorithms and key length. Also, it would be nice to encourage the members to include the privacy policy statement into the metadata. Entities in eduGAIN metadata are filtered out by our federation if they provide weak algorithms and short key length as well as no privacy-policy statement. 

[1] Identity Federation Policy

[2] Federation Operator Practice: Metadata Registration Practice Statement (MRPS)

Kind Regards,

Jinyong Jo

2019년 3월 7일 (목) 오후 10:21, Brook Schofield <brook.schofield AT geant.org>님이 작성:

All,

I present to you the application of Romania / RoEduNetID who has signed the eduGAIN Declaration, has a policy based on the policy template, is self declaring their federation as a production service and is wanting to join the global R&E federated environment.

You can find more detailed information about the federation under "eduGAIN Candidates” at
    https://technical.edugain.org/status.php
which contains links to their policy and MRPS.

This application is from an organisation that is closely aligned with the GÉANT community via their participation in the GÉANT project (GN4-2) and received funding to support their participation in eduGAIN.

So I ask the following federations to specifically review the submission by RoEduNetID:

 * Korea/KAFE

 * Latvia / LAIFE

 * Lithuania / LITNET FEDI

 * Luxembourg / eduID.lu

 * Macedonia/AAIEduMk

All eduGAIN members can (and should) provide feedback on this but to share the burden of review around, these five (5) federations have a specific responsibility.

If you have any questions please contact the RoEduNetID team that are subscribed to this mailing list as well as CC’d to this message.

Formal components of the membership process will be via the eduGAIN Steering Group mailing list.

Thanks,

Brook Schofield
eduGAIN Steering Group Chair
GÉANT

M: +31651553991 
Skype: brookschofield