Policy Archive

Practice Note: Participation Agreement

Federation is a complex space, and South Africa is grappling with the implication of new privacy legislation. Whilst we’ve tried to make SAFIRE’s Participation Agreement easy for the likely signatory — a federation layman — to understand, experience has shown that there are sometimes misunderstandings of the technology and gaps in interpretation. This document is intended to consolidate that experience into a practice note for legal departments and other people trying to make sense of the SAFIRE Participation Agreement.

Requirements for SAML2 Service Providers v20231130

Changes to the Requirements for SAML2 Service Providers that are purely technical must reach rough consensus/no opposition among SAFIRE’s service advisory group. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 30 November 2023. The following describes the technical and administrative checks made before a service provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for service provider operators for assessing their readiness to participate.

Metadata Aggregation Practice Statement v20220712

Changes to the Metadata Aggregation Practice Statement are announced to the SAFIRE Participants’ Forum. SAFIRE generates a number of metadata aggregates for various purposes, including inter-federation and its own internal operations. This document gives a broad overview of how the aggregation process works. It is currently non-normative and will be refined over time. Metadata aggregator SAFIRE makes use of WAYF’s PHPH (PHederation PHeeder) metadata aggregation software. An overview of the configuration of this aggregator and the aggregates it generates is publically available at https://phph.

Participation Agreement v20161018bis

Changes to the Participation Agreement are approved by TENET’s Board of Directors. Version v20161018 reached rough consensus within the community and was subsequently ratified on 26 October 2016. This revision contains minor edits to acknowledge the publication of a fee structure on 1 May 2019, and to record the Participation Agreement’s subordinance to the 2020 revision of TENET’s REN Master Service Agreement. There are some notes on interpretation available to help decision makers.

Requirements for SAML2 Identity Providers v20231130

Changes to the Requirements for SAML2 Identity Providers that are purely technical must reach rough consensus/no opposition among SAFIRE’s service advisory group. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 30 November 2023. The following describes the technical and administrative checks made before an identity provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for identity provider operators for assessing their readiness to participate.

Requirements for SAML2 Service Providers v20210303

Changes to the Requirements for SAML2 Service Providers that are purely technical must reach rough consensus/no opposition at the SAFIRE Participants’ Forum. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 31 March 2021. The following describes the technical and administrative checks made before a service provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for service provider operators for assessing their readiness to participate.

Requirements for SAML2 Identity Providers v20210303

Changes to the Requirements for SAML2 Identity Providers that are purely technical must reach rough consensus/no opposition at the SAFIRE Participants’ Forum. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 31 March 2021. The following describes the technical and administrative checks made before an identity provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for identity provider operators for assessing their readiness to participate.

Requirements for SAML2 Service Providers v20200826 (Draft)

Changes to the Requirements for SAML2 Service Providers that are purely technical in nature must reach rough consenus/no opposition at the SAFIRE Participants’ Forum. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 18 Sept 2018, and was subsequently amended to incorporate updates from the MRPS. The following describes the technical and administrative checks that will be made before a service provider is admitted into the SAFIRE federation within the SAML2 Technology Profile.

Requirements for SAML2 Identity Providers v20200826

Changes to the Requirements for SAML2 Identity Providers that are purely technical in nature must reach rough consenus/no opposition at the SAFIRE Participants’ Forum. Changes to the administrative requirements are synchronised with the Metadata Registration Practice Statement. This version reached rough consensus on 1 January 2019, and was subsequently amended to incorporate updates from the MRPS. The following describes the technical and administrative checks that will be made before an identity provider is admitted into the SAFIRE federation within the SAML2 Technology Profile.

South African Identity Federation