internet2 fall12
The Future of Federation Policy?
1
Nicole Harris
Internet2 Fall Member Meeting, 02 October 2012
2
3
What are the problems?
4
• We don’t know what to call them;
• We don’t know what they are;
• We don’t agree on how to structure them;
• We don’t agree on the content;
• We all start from scratch when writing them;
• We ask the wrong questions to the wrong people.
Apart from that it is ALLLL fine.
5
6
Proposal?
https://refeds.terena.org/index.php/Federation_Policy_Best_Practise_Approach
Federation Policy Best Practise Approach
• Analysis of 15 federation policies;
• Content ‘blocks’ for policy areas defined;
• Preferred structure / ORDER proposed;
• Example wording given;
• Choose your areas, leave out others.
7
A: STRUCTURE. GENERAL INFORMATION ABOUT HOW YOUR FEDERATION WORKS
• RFC2119.
• Definitions.
• Background and Purpose.
• Governance.
• Eligibility.
• How to Join.
• How to Withdraw.
STATUS: COMPLETE
SECTION A: Structure
8
B: TERMS OF USE. WHAT EVERYONE IS ALLOWED AND NOT ALLOWED TO DO
• Terms of Use (IdP).
• Terms of Use (SP).
• Termination / Dispute Resolution.
• Logging.
• Data Protection.
• Audit.
• Use of Attributes.
• Operator Rights / Role.
• Interfederation / Publish rights.
STATUS: IN PROGRESS
SECTION B: Terms of Use
9
C: LEGAL. ALL THE LEGAL STUFF
• Liability.
• Jurisdiction and Legal.
• Fee schedule.
• Copyright.
STATUS: IN PROGRESS
SECTION C: Legal
10
Common Mistakes
• What am I signing?
• Eligibility mistakes;
• Publication (interfederation);
• Enabling exchange or protecting your XXXX?
• Writing policy without all the information;
• Ignoring interoperability issues.
11
Learning from Your Mistakes – eduGAIN (1)
Getting your metadata in a tangle
“Any metadata file which makes use of parts of metadata published by eduGAIN MUST include either a reference with a URL to the eduGAIN Metadata Terms of Use [ToU] or the entire ToU text. It MUST be placed at the top of the metadata file formatted as an XML comment.”
• Over-specification of downstream metadata.
• eduGAIN metadata must be managed separately.
• Cannot be managed as part of a hierarchical aggregate.
12
Learning from Your Mistakes – eduGAIN (2)
Backing yourself into a corner
"Publications under clause 1 above will be at the request of the Member who controls each Entity."
• Over-constrained management of metadata inclusion.
• Requires members to understand they are using eduGAIN.
• Requires a specific aggregate for eduGAIN.
• LET THE METADATA FLOW.
13
Learning from Your Mistakes – eduGAIN (3)
Not realising the implications
• eduGAIN requires you to apply their terms of use to any metadata you republish.
• Fundamental misunderstanding of how metadata is managed and signed.
• Should only apply to the public metadata file.
• Don’t tell federations it is mandatory to protect themselves in a certain way.
14
Next Steps?
• Surfacing issues; making changes.
• Will any EXISTING federations adopt?
• Working with the new technical models (eduGAIN, PEER etc.)
• More support for SPs, making sense of federations.