Dear all,
Thanks again for volunteering to join the IGTF OIDC Fedeeation Task Force. To facilitate communications (and to maybe allow a few non-IGTF folk to participate more easily at a later stage without getting the overhead of the IGTF-general mailing list), I've set up a dedicated list for this one:
"IGTF OIDC Federation Task Force" oidcfed@igtf.net
From the notes of last week:
"The IGTF DECIDES to set up a task force to push OIDC Federation next to its current trust anchor distribution. This group will - identify objectives - scope the needs and requirements - verify compatibility of the AP policy framework for technology- agnosticity with OpenID providers - test the scenario with the WLCG use case (what to distribute, involving Brian Bockelman as well) - assess the structure and needed meta-data in the trust anchor distribution, how to address RPDNC, and how it links with dynamic client registration through .well-known (with caching) - liaise with other OIDC Fed efforts and Roland Hedberg
The size of the IGTF OIDC federation would again be O(100) organisations (but maybe more dynamic services), and not 10k+ - we expect to address the research and collaboration use case, not solve the general R&E fed problem here :) Limiting it to a enumarble set of organsiations will be implicit through the need to adhere to the IGTF baseline assurances, the membership process and review model, and maybe some coertion towards collabroation for projects in the same space. This worked well for keeping the number of authN providers reasonable over the last 15 years.
The working group will be open, and initially consist of: JimB, Jens, DavidG, DaveK, Derek, Eric Yen, and Sang-Un. "
Thus, you all have been subscribed to this list. We should start planning shortly on how to make some concrete progress beyond just mailman ;)
Cheers, DavidG.
Dear all,
During the IGTF all hands meeting I alluded to a couple of complementaty efforts in the R&E space, and the work of Roland Hedberg et al. on OIDC Federation in general. For those of you who were not at TNC17 in Linz, the following links might be interesting:
The OIDC Fed technology spec draft by Roland https://openid.net/specs/openid-connect-federation-1_0.html (src@ https://github.com/OpenIDC/fedoidc/blob/master/draft/oidcfed.hf.txt)
On the TNC BoF that Maarten Kremers organised: https://wiki.geant.org/display/gn42jra3/OIDCfed+Workshop+TNC17 Notes from the BoF: https://tid.isoc.org/pad/p/oicd-06-02-2017 (don't edit them, please :)
and a very basic OIDC Fed introduction slide deck by Roland: https://wiki.swamid.se/download/attachments/59970450/Sunetdagarna-17-OIDC.pd...
Enjoy, DavidG.