Difference between revisions of "Talk:VT Federated Identity Providers Assessment Task 1: Questionnaire about TCS"
Latest revision as of 09:13, 20 June 2015
Institution joining a federation as IdP
The process for an institution to join a national identity federation in each country as an IdP may go beyond what we want to ask NGIs. It may be sufficient to ask if the relevant institutions are already members: if not, we can see there is a problem. --Ocalladw 17:34, 21 December 2011 (UTC)
Institution providing access to TCS for their users
 explains the requirements. In short a subscriber (i.e. a university or other research inst.) must sign a subscriber agreement with a member (i.e. an NREN) (TO BE COMPLETED...) --Ocalladw 17:34, 21 December 2011 (UTC)
Good point. I split the question and added a pointer to the TCS document repository --Leinen 16:44, 22 December 2011 (UTC)
Procedure to obtain a personal e-Science certificate
In my understanding, the procedure to obtain certificates would be the same in all participating federations, because they all use the same service. What is different, and not just between federations, but also between the different institutions within a federation, is the process for a user to become registered in an institutional Identity Provider. For many institutions this will be integrated into HR or other enrollment procedures and thus mostly transparent to the user; for others it may be a separate process, possibly an onerous one.--Leinen 16:49, 22 December 2011 (UTC)
"a catch-all IdP to register users from not-federated institutions" While this is generally a common practice in federations I don't think this is compatible with TCS e-Science. I think IdP's must be linked to primary, institutional identity databases, and specifically the face-to-face identity vetting cannot be out-sourced. At least this was our understanding in Ireland. --Ocalladw 14:50, 22 December 2011 (UTC)
The TCS is based on a contract between Terena and the CA provider (Comodo), which was valid for three years. I don't know what is the likehood that this is extended then.