Once you have joined InCommon (Participation Agreement signed by both sides), the following steps must be completed before you can actually register your metadata with InCommon. The key is identifying the people who will serve as the campus's InCommon Executive and Site Administrators. These roles are described here:

   https://www.incommon.org/roles.html

  1.  In Section 18 of the
  2.  The Executive designates up to two Site Administrators by completing the form here: https://app.smartsheet.com/b/form?EQBCT=6d51f902251f4a038263e53c152fadb3
  3.  InCommon staff will "identity vet" the designated Site Admin(s)
  4.  InCommon will then provide a way for each Site Admin to establish an InCommon Federation Manager login account
  5.  Create some form of "Participant Operational Practices" (POP) document, where one option is to use the template form here:  
    1.   https://www.incommon.org/docs/policies/incommonpop_20080208.html
    2.  The POP is simply meant to be something that, at least at a very high level, says something about how you "do identity management" within the college. The requirement is that a POP exist, not what is in it. The POP could (obviously not ideal :-) say "we have no idea how we are doing identity management", and, technically, satisfy the requirement that a POP exist.
    3. Note that this POP requirement is very likely to change before long, becoming a basic affirmation that you have a reasonably sound core process for managing identities, credentials, etc. So, unless you have other reasons (such as your own documentation purposes) to fill out the full template form above, keep your POP simple, perhaps a couple of paragraphs that speak to why you think you satisfy the following expectations:
      1. Baseline Expectations of Identity Providers
        • The IdP is operated with organizational-level authority
        • The IdP is trusted enough to be used to access the organization’s own systems
        • Generally-accepted security practices are applied to the IdP
        • Federation metadata is accurate, complete, and includes site technical, admin, and security contacts, MDUI information, and privacy policy URL


