[Fim4l] New Email Forum for Service Providers

Nicole Harris nicole.harris at geant.org
Sun Jul 14 14:50:11 CEST 2019


Hi Klaas

Yes indeed this group has been discussed with the REFEDS Steering Committee and was presented at the last REFEDS meeting for comment. There are a number of reasons why this approach has been agreed:

1.  REFEDS is indeed both open and inclusive and we try to ensure that most of our activities are free to participation from anyone.  However being inclusive isn’t just about letting everyone in to everything, it’s about being open and accepting to ideas from diverse groups.  SPs have suggested that it would be useful to them so the SC thinks it is worth the experiment.
2.  We’ve struggled to get the SP voice heard at all at REFEDS despite being open.  If this is a way to bridge that disconnect, it’s worth a shot.
3.  Discussion on the REFEDS list has declined significantly over the years - this is common in large groups (see Dunbar’s Number.  There are currently 411 subscribers to the main REFEDS list).  When discussion does happen it can be an intimidating space for newcomers or non-frequent posters due to the level of expertise of some of the group.  We need to look at as many different ways as possible to keep conversation flowing and this is one way to address that concern.
4. FOG is not just for incident response, it is a group for federation operations discussions that was set up with exactly the same premise as that requested by the SPs…a space where they can talk freely amongst themselves. It is hard to justify one and not the other.
5.  If we can’t meet this need, it will just happen elsewhere and we will struggle even more to be part of the conversation.  We already have a very high number of spaces where R&E SAML federation conversations are happening (RA21, REFEDS, FIM4R, FIM4L, AEGIS etc) and it would be good not to layer even more into that space when our resources are limited.

To help assuage your fears though, here are some other points:

 - there will inevitably be IdPs in the group anyway as many SPs are also IdPs. They are just asked to be “SP First” within the group setting.
 - FOG has found it useful to invite several “friends” from SP, infra, IdP groups to participate to enrich the conversation. I imagine the SPOG group would be open to this too.
 - to address the lack of discussion on the main list, we are looking at sending out some more regular updates to REFEDS on the work of the individual working groups (possibly quarterly) and that will be an ideal time to encourage discussion points from the groups back into an open space.

I hope that helps

Nicole
--
Nicole Harris
Head of Trust and Identity Operations
GÉANT
T: +31 (0) 20 530 4488
M: +31 (0) 646 105395
Skype: harrisnv

PGP key Fingerprint: 4017 2E40 13D4 9DA7 68E1 8ADB 3F11 9CDB FC48 6216


On 14 Jul 2019, at 12:28, Klaas Wierenga <klaas.wierenga at geant.org> wrote:

Hi Laura,

I (wearing no particular hat) have to admit that the sentence “Our goal is to make this a safe, collegial and targeted place to have discussions specific to Service Providers. For this reason, it is only open to Service Providers.“ throws me a bit. I am fully onboard with creating a venue to discuss SP specific topics, but I think many Identity Providers would benefit from participating in the discussions and vice versa. It is easy enough to appoint a moderator to take action when the discussion veers off-topic.
I feel rather uncomfortable with mailing lists (and especially under the flag of refeds) that close their membership, unless absolutely necessary (for example those that discuss incident related topics like fog). I assume that the refeds SG has approved this, but would be interested in their and your reasoning for this policy. I’d like to think that refeds is inclusive.....

Klaas



On 13 Jul 2019, at 21:57, Laura Paglione <lpaglione at sphericalcowgroup.com> wrote:

[Please excuse the cross posting!]

Announcing a new discussion forum for Service Providers:
the Service Providers Operating Group

This forum is a mailing list that is open to Service Providers registered in any Federation - i.e., any system that uses Single Sign-On services from universities or other federated identity providers. We expect discussions to be non-technical, and focused on access and authorization topics of interest to services, for example, signing into your service, and using sign-in to gain access to appropriate resources and services.

A small FAQ is included below, and more information can be found at the group's wiki page: https://wiki.refeds.org/display/GROUPS/SPOG

TO JOIN: Send an email to the mailing list owners spog-request at lists.refeds.org to request access. Also, see the wiki page for more information.

+=+=+ A SMALL FAQ +=+=+

I'm not a Service Provider, how can I help?
If you are a Federation Operator, please share this opportunity with your Service Providers. If you are an Identity Provider, please encourage your key services to participate.

What do you mean, "Service Provider"?
Service Providers use federated sign-on services (for example, from universities and other institutions) to access their services. An important component of Federated Identity Management is the "dance" between Identity Providers and Service Providers that enable Single Sign-On services, and the exchange of information about the individual involved from the Identity to Service Provider.

But aren't all Service Providers different?
There is great diversity in Service Providers, though, at the core of the FIM integration, significant similarities exist for implementation, need for attributes, assurances, and more.

Why create a group?
While there are several specific-topic groups that advocate for the needs of Service Providers (e.g., FIM4R, FIM4L), there currently isn't an easy way to share information, understand needs, provide peer support or solicit feedback across the entirety of the Service Provider community. The inability to talk with this community as a whole can lead to assumptions about what this community needs, thinks, and knows, some of which are likely suffering from limited direct interaction. This group hopes to provide a larger, unified voice for topics where there is similarity across providers; we believe this will benefit the community as a whole.

Why are only Service Providers invited to join?
Participation is open to representatives from Service Providers from any Federation. We will use tools such as the Metadata Explorer Tool (MET)<https://met.refeds.org/> to verify participants. Our goal is to make this a safe, collegial and targeted place to have discussions specific to Service Providers. For this reason, it is only open to Service Providers. Those who represent different types of entities are encouraged to include someone who only works on the Service Provider work, or to FIRMLY wear their Service Provider "hat" when interacting in this community. ANY service provider can join. This group includes entities from commercial organizations to virtual organizations.

How much time is this going to take?
This is a mailing list; there are no specific time requirements to participate, and no work deliverables that you will be expected to contribute to. We expect discussions to be non-technical, and focused on access and authorization topics of interest to services, for example, signing into your service, and using sign-in to gain access to appropriate resources and services.


Feel free to reach out to me if you have any questions
--
Laura Paglione
about.me/lpaglione
Innovation • Technology • Creation
lpaglione at SphericalCowGroup.com
