[Openid-specs-ab] Guidelines for using OpenID Federations in research infrastructures

Gudu, Diana (SCC) diana.gudu at kit.edu
Sun Oct 13 16:20:26 UTC 2024 

Hi all,

In the AARC TREE project [1], where guidelines and policies for
authentication and authorisation in the context of research
collaborations are being developed, we have been investigating
different approaches for establishing trust among entities residing in
distinct domains.

An approach based on OpenID Federations was the natural choice, but we
also considered other approaches that partially rely on OID-Fed. Given
the status quo of trust and identity federations and the efforts
required for a fully compliant OpenID federation setup, the other
approaches can also be seen as more realistic in the short term or as
intermediate solutions.

We describe and compare the approaches, as well as our recommendations,
in the informational document below:

https://docs.google.com/document/d/18bvC63O3wti8nw5lhgUbBVMtDG9ggqpe5ad8Om9voBo/edit?usp=sharing

This document will be the basis for developing guidelines for
the relevant entities, with one selected approach as a starting point.

We would welcome any comments and suggestions to this document from the
OpenID Federation WG. You can also directly comment in the Google doc,
or open new issues with the label AARC-I058 in our Github repository:

https://github.com/aarc-community/architecture-guidelines/labels/AARC-I058

We look forward to your input!

On behalf of the AARC Architecture team,

Diana Gudu

[1] https://aarc-community.org/aarc-tree-project/


-- 
Karlsruhe Institute of Technology (KIT)
Scientific Computing Center (SCC)

Dr. Diana Gudu

Hermann-von-Helmholtz-Platz 1
Building 449, Room 304
76344 Eggenstein-Leopoldshafen

Phone: +49-721-608-28280
E-mail: diana.gudu at kit.edu

Registered office:
Kaiserstraße 12, 76131 Karlsruhe, Germany

KIT – The Research University in the Helmholtz Association





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7382 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20241013/12448a24/attachment.p7s>

More information about the Openid-specs-ab mailing list