Versions Compared

Old Version 1

changes.mady.by.user Licia Florio

Saved on

compared with

New Version 2

changes.mady.by.user Licia Florio

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Agenda and presentations

  • Quick follow up from the meeting in Bergen: how do we continue from that? Marina, Hildegunn, Licia  
  • EOSC EU NODE AAI: what does this mean for the IdPs? Anything we can do? - Christos
  • Shib consortium updates and some thoughts on the next steps for the SwamID federation - Pal
  • Upcoming events:
    • TechEx24
    • TIIME workshop in MAR 31 - APR 3, 2025 | Reading, UK - for info
    • TNC25 Call for papers

Main highllights and Actions

Follow up from Bergen

There were a few topics discussed in Bergen where we could benefit from a closer collaboration:

...

It was noted that the meeting in Bergen offered a good opportunity to get to know each other. And it was agreed to follow up with another f2F meeting, better spread over 2 half days. Licia to send a doodle with dates.

EOSC EU NODE updates

Licia summarises that work on going in the EU node: 

...

Christos also noted that the legal bases for MyAccessID is controller-to-controller. Work is in the pipeline to make MyAccessID more transparent to provide more information on what users will have access via MyAccessID. It is important to dissociate contractual aspects from the identity management flows; however it is important to talk about these things so everybody understand how things work.

Shib consortium updates and some thoughts on the next steps for the SwamID federation

SUNET and CSC use Shibboleth as the ID Federation software. Pål noted that Shib SP software will change. Currently based on old language, will not stay as it is. Shib consortium need to handle libraries by itself and this is not viable by itself. The new software will be based on profile of identity providers and of course it will need to support OIDC. Pål added that:

...

  • Accessibility (WCAG 2.1 & EU directive)
  • Filtering (choosing a subset of the metadata in discovery service, the rest being communicated to the user it won't give access so don't start the login flow)
  • Storage access API (remember IdP choice across service providers, even with browsers changing their policy on third party cookies/storage)
  • Warning about returnurl not being set

Upcoming events

...