TI-wizard

• Peter Bolha
• Mihály Héder (Budapest University of Technology and Economics)
• Alexandr Petrunin

Magaging the relations between services and identity providers is a challange, both for emerging adopters of federation technologies, collaborative organisations and institutions alike. Typically technical complexity and a steep learning curve are the liming factors in the ability to manage a SAML or OIDC based ecosystem. A GUI may help reduce the complexity of managing the environment, as it provides a single integration and organisational interface for managing the relations. Even so, current proxy products are still rather technically inclined and do not provide easy to use interface to configure the entities. This activity takes inspiration from the prototype build in the TIM programme in the previous cycle and aims to create a (browser based) GUI to allow (proxy) operators to easily configure the proxy. The GUI is to be build in such a way it may be deployed independently from the product. A reference implmentation will then be build for both SimpleSAMLphp and SaToSa.

Verifiable Credentials Schema for eduPerson, SCHAC and voPerson

• Niels van Dijk (SURF)

W3C Verifiable Credentials (VC) are increasingly important to our community with the rise of Decentralized Identity and Wallet ecosystems. Several VC based credential definitions already exist for expressing skills and micro-credentials, like e.g. the Openbadges 3.0 specification. However, there is no consistent and community driven definition for expressing the 'identity related' credentials of the commonly used schema managed by REFEDs like e.g. eduPerson, SCHAC and voPerson. The REFEDS schema board is setting up a subcomittee to define the VC representations of these well known credentials so they may be used in an standardized and interoperable way.

Implement OpenID Federation into SimpleSAMLphp and Shibboleth IdP

• Marko Ivančić
• Niels van Dijk (SURF)
• Henri Mikkonen

eduGAIN PoC

• Diana Gudu (KIT)
• Niels van Dijk (SURF)
• Giuseppe De Marco
• Gabriel Zachmann
• Davide Vaghetti (GARR)

The eduGAIN service activity will set up a POC in order to evaluate the new OpenID Federation (OIDfed) standard and wants to eventually create an official eduGAIN Technology Profile to extend the current service. The Trust and Identity Incubator has over the years build considerable experience with developing tooling, and implementing OpenID Fed in various products and languages, as well as evaluating e.g. REFEDs specifications in the context of OIDfed. This activity seeks to contribute to the eduGAIN PoC by: Sharing existing experience and providing a sparring partner to the eduGAIN PoC team Contribute to standards and policy development for eduGAIN and national federations (upon request by the eduGAIn PoC team) Developing or further enhancing software tools, including, but not limited to: Contribute to existing software development for the eduGAIN PoC Build/Productise a (scalable) resolver which can be deployed by fedops and eduGAIN Further improve visualisation and reporting tooling Further improve Go based OP/RP The incubator will work on these in close collaboration with the eduGAIN PoC team.