After watching someone try and get a wiki registered with several federations around the world last week, I’ve seen first-hand just how difficult it can be to engage with federated access management. Whilst I can understand the way our policies and processes have grown up, we sure don’t do ourselves any favours (as someone wise said to me today).
Thinking about this over the weekend, I was wondering if it might be possible to create a single point of entry to allow a Service Provider to join as many federations as possible in as few moves as possible, without actually making any changes to the way federations are currently set up. I was mostly thinking about this in connection to PEER – which will give SPs a chance to at least only register their entities once. Would federations accept PEER metadata blind? Would they expect members to join and point them to PEER? Would they still expect payment? Would they demand more metadata on top of PEER?
I thought it might be possible to create a form that collected all the basic information that federations require (address, contacts, etc.) and then asked a series of questions to establish how far down the joining chain the Service Provider could be taken. These might be:
- Do you have a sponsor letter from a local organisation? (required by several federations – I think REFEDS could also do something here)
- Do you have a $3 million insurance policy? (required by InCommon)
- Do you want to use personally identifiable information? (expressly not allowed in some federations if not in the EU)
Once filled in, you would get a report back that said – you can go straight on and join federations x, y and z – please print out, sign and post the attached letters. Or, federation x won’t be able to accept you at the moment, please contact email@example.com. Or, yes you can join but you need to pay a fee, please visit here to pay your dues.
Such a tool would have to express the importance of STILL READING ALL THE AGREEMENTS YOU SIGN but perhaps could offer something better than the current, slightly torturous process. Am I mad?