R&E Working Group - Charter

The R&E working group is creating a set of profiles for the OpenID Connect specifications to ease adoption in the Research and Education (R&E) sector. The profiles will include current international standards to represent users that belong to R&E institutions and the existing international trust fabric based on R&E identity federations and multi-lateral trust exchange.

R&E Working Group
OVERVIEW

R&E Working Group
CHARTER

R&E Working Group
SPECIFICATIONS

R&E Working Group
REPOSITORY

1) Working Group name

Research and Education Working Group (R&E)

2) Purpose

The purpose of this Working Group is to develop a set of profiles for the OpenID Connect specifications to ease the adoption of OpenID Connect in the Research and Education (R&E) sector. The profiles will take into account existing practices of federated identity management in the R&E sector, current international standards to represent users that belong to R&E institutions, as well as the existing international trust fabric based on R&E identity federations.

3) Scope

  • Develop a profile for OpenID Connect with specific requirements for security, multi-lateral trust and interoperability in the R&E sector.
  • Develop a profile for the use of a specific set of claims and scopes related to the R&E sector.
  • Develop a profile for extending OpenID Connect entity’s metadata to support policy frameworks used in the R&E sector.

4) Proposed specifications

  •  One or more R&E profiles for OpenID Connect.
  • R&E claims and scopes for OpenID Connect.
  • Entity metadata extension for OpenID Connect.

5) Anticipated audience or users

The anticipated audience for the documents produced by this Working Group includes developers, deployers, federation operators, and designers of online services and network agents and devices that can act on behalf of users and organizations in the R&E sector.

The group also anticipates gathering input from identity specialists from R&E organizations in order to respond to their requirements.

6) Language

Work will be conducted in English.

7) Method of work

E-mail discussions on the working group mailing list, regular working group conference calls, and opportunistic face-to-face meetings when a significant number of active members are co-located.

8) Basis for determining when the work is completed

The work will be considered complete once it is apparent that maximal consensus on the drafts has been achieved, consistent with the purpose and scope of the charter, interoperability with at least two independently developed implementations of software based on the profiles has been demonstrated, and the bodies of international organizations relevant in R&E involved in the development have been given the opportunity to consistently express feedback and comments in series of iterations of the drafts (not less than three).

Related works

  • OpenID Connect Federation specification
  • JWT Federations proposal [JWTfed]
  • REFEDS OIDCre Working Group

Proposers

  • Davide Vaghetti, GARR (Editor) 
  • Niels van Dijk, SURFnet
  • Nathan Dors, University of Washington
  • Roland Hedberg, Independent
  • Maarten Kremers, SURFnet
  • Chris Phillips, CANARIE
  • Bradley Beddoes, Australian Access Federation
  • Mischa Sallé, NIKHEF
  • Nicholas Roy, InCommon
  • Christos Kanellopoulos, GÉANT
  • Wolfgang Pempe, DFN
  • Constantin Sclifos, RENAM
  • Hervé Bourgault, RENATER
  • John Bradley, Yubico
  • Steffen Klemer, DFN
  • Klaas Wierenga, GÉANT
  • Jule Ziegler, LRZ
  • Uros Stevanovic, KIT 
  • Jens Jensen, STFC
  • Andreas Åkre Solberg, UNINETT AS
  • Andrea Ceccanti, INFN
  • Peter Gietz, DAASI International
  • David Hübner, DAASI International
  • Elena Torroglosa, University of Murcia
  • Nicolas Liampotis, GRNET

Anticipated contributions

“White Paper for implementation of mappings between SAML 2.0 and OpenID Connect in Research and Education” [oidc-saml20-edu-map]

  • OIDF Connect Working Group [OIDF-Connect]
  • REFEDS (the Research and Education FEDerations group) [REFEDS]
  • The eduGAIN Steering Group [eduGAIN]
  • CACTI, Community Architecture Committee for Trust and Identity of Internet2 [CACTI]
  • AARC – The Authentication and Authorization for Research Collaboration project [AARC]
  • OIDC-OAuth Deployment Working Group of Internet2 [I2OIDC]
  • The GEANT4 project [GEANT]
  • Davide Vaghetti, GARR (Editor) 
  • Niels van Dijk, SURFnet
  • Nathan Dors, University of Washington
  • Roland Hedberg, Independent
  • Maarten Kremers, SURFnet
  • Chris Phillips, CANARIE
  • Bradley Beddoes, Australian Access Federation
  • Mischa Sallé, NIKHEF
  • Nicholas Roy, InCommon
  • Christos Kanellopoulos, GÉANT
  • Wolfgang Pempe, DFN
  • Constantin Sclifos, RENAM
  • Hervé Bourgault, RENATER
  • John Bradley, Yubico
  • Steffen Klemer, DFN
  • Klaas Wierenga, GÉANT
  • Jule Ziegler, LRZ
  • Uros Stevanovic, KIT 
  • Jens Jensen, STFC
  • Andreas Åkre Solberg, UNINETT AS
  • Andrea Ceccanti, INFN
  • Peter Gietz, DAASI International
  • David Hübner, DAASI International
  • Elena Torroglosa, University of Murcia
  • Nicolas Liampotis, GRNET