More than 80 people gave up their Sunday to attend the REFEDS meeting in Cleveland, hosted at the Technology Exchange 2015 (TechEx15).
The meeting provided a good opportunity to discuss the latest developments within the community, including the operational best practices. An important discussion (led by Chris Phillips and Nick Roy) centred around finding a way for REFEDS to talk to commercial providers (starting with Microsoft) with ‘one voice’. The starting point is based on the fact that many universities use ADFS (which lacks some features) and how we as a community could influence Microsoft to implement the missing features.
Additional operational problems related to the growth of federations mentioned were:
- size of metadata – monolithic metadata won’t scale – the REFEDS MDQ is a critical work to achieve this, however it will take some time before a REFEDS MDQ undergoes the IETF process;
- attribute release – entity category is seen as a key aspect to address this aspect. This may become even more true in light of the recent discussions on Safe Harbour. Nick also noted that InCommon is offering support to enable regional networks and consortia to join inCommon and to act as an RA.
- ECP usage and its problems (discovery being mentioned as one).
This would take the reach of REFEDS beyond the research environment, and the fact that many federations agree to use REFEDS as their channel of representation clearly demonstrates the value that REFEDS has in aggregating requirements.
REFEDS has also strengthen the collaboration with ORCID, the not-for-profit organisation that manages personal identifiers for researchers. Laura Paglione, ORCID technical director, presented ideas to start a working group in REFEDS to address community use-cases for ORCID. Work is also ongoing to add ORCID as a service provider in the SURFFederation (and eduGAIN).
Leif Johansson reported on the result of the consultation period of Academia; the outcome indicates that InAcademia should move from an Entity Category (which was the initial proposal) to a trust framework with the aim to separate academic institutions from other type of institutions. However, a number of open questions (such as which institutions can use the trust tag, better definition of the use-cases, etc ) need to be addressed.
Nicole Harris showed, MET, the metadata explorer tool, in light of its value to federation operators; the plans to enhance FedLab, the suite of tools to test compliance with protocols like SAML and OpenID Connect were presented by Rainer Horbe and Roland Hedberg. It was also agreed to integrate saml2int under FedLab.
The REFEDS meeting offered also an opportunity to update participants on the progresses of the GN4-1 project (Nicole), the AARC (Licia Florio) project, eduKeep (Maarten Kremers), CILogon (Jim Basney) and other relevant activities in the Trust and Identity space, such as TIER (Ann West and Steve Zoppi) and ISOC T&I (Steve Olshansky).
Lots of actions for the REFEDS coordinators to push forward:
- ACTION-oct-2015-01: Plan for a new REFEDS WG to create position statements for Microsoft (and similar) around implementation profiles for SAML.
- ACTION-oct-2015-02: Work with Kantara on promoting REFEDS outputs, particularly Internet Draft documents.
- ACTION-oct-2015-03: Work with FedLab to test SAML2Int in existing deployments.
- ACTION-oct-2015-03: Create a REFEDS wiki page to share ECP usage and problems to date.
- ACTION-oct-2015-04: Create an ORCID WG to gather use-cases and to agree on ways to link ORCID to federation.
- ACTION-oct-2015-05: Continue work around “academia” as a trust process.
- ACTION-oct-2015-06: eduperson and REFEDS to discuss CIlogin requirements and changes required for schemas to support.