Versions Compared

Old Version 8

changes.mady.by.user Michael Grady

Saved on

compared with

New Version 9

changes.mady.by.user Michael Grady

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1.  In Section 18 of the Participation Agreement, the college/district identified the person who will serve as the initial InCommon Executive. InCommon will establish that it has accurate contact information for that person, so it can verify the submission of any forms by that personthe Executive.
  2.  The Executive designates up to two Site Administrators by completing the form here: https://app.smartsheet.com/b/form?EQBCT=6d51f902251f4a038263e53c152fadb3
  3.  InCommon staff will "identity vet" the designated Site Admin(s)
  4.  InCommon will then provide a way for each Site Admin to establish an InCommon Federation Manager login account
  5.  Create some form of "Participant Operational Practices" (POP) document, where one option is to use the template form here:  
    1. https://www.incommon.org/docs/policies/incommonpop_20080208.html
    2.  The POP is simply meant to be something that, at least at a very high level, says something about how you "do identity management" within the college. The requirement is that a POP exist, not what is in it. The POP could (obviously not ideal :-) say "we have no idea how we are doing identity management", and, technically, satisfy the requirement that a POP exist.
    3. Note this POP requirement is very likely to change in not too long, switching to being a basic affirmation that you have a core process for managing identities, credentials, etc. that is reasonably sound. So, unless you have other reasons (like for your own documentation purposes) to fill out that full template form above, keep your POP simple, perhaps a couple of paragraphs that  speak to why you think you satisfy the following expectations:
        1. Baseline Expectations of Identity Providers
          • The IdP is operated with organizational-level authority
          • The IdP is trusted enough to be used to access the organization’s own systems
          • Generally-accepted security practices are applied to the IdP
          • Federation metadata is accurate, complete, and includes site technical, admin, and security contacts, MDUI information, and privacy policy URL
    4. Put your POP, or at least information on hwo one can obtain a copy of it, onto a web accessible page and register the URL to that page in the InCommon Federation Manager.
    5. In the following Info box is one example of what a simple POP could look like.
  6. You are now ready to register metadata for the college using the nCommon Federation Manager at https://service1.internet2.edu/siteadmin/

...