PEER Policy Principles
                        ======================

Date: 2012-05-18 14:19:06 CEST


1 Phase 1 - starting the service 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1.1 Open to any SP 
===================
The repository should allow any SP to store their metadata.

1.2 Only Domain Validation required 
====================================
SP's entry should be authenticated by verifying their relation to the
DNS zones referenced in its metadata (analogical to DV certificate
issuance)

1.3 Federations recommended to register all their SPs 
======================================================
Federation should register all their public SPs with the service.

1.4 IdPs recommended to release opaque IDs only 
================================================
Federation should deliver/publish PEER metadata to all their IdPs and
recommend the appropriate minimal attribute release policy (transient
opaque user ID only).

2 Later development 
~~~~~~~~~~~~~~~~~~~~

2.1 SP Categorization 
======================
We might add stronger SP validation policy (e. g. TACAR-like
procedures) and mark the strongly validated SPs in the
repository. IdPs then could use different attribute release policy
based on the SP category.