policy Archive

Key Management Practice Statement v20170117 (Draft)

Changes to the Key Management Practice Statement must reach rough consenus/no opposition at the SAFIRE Participants’ Forum. This version reached rough consensus on . Definitions and terminology The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 21191. Federation, Identity Federation: An association of organisations that come together to securely exchange information as appropriate about their users and resources to enable collaborations and transactions.

Participation Agreement v20161018

Changes to the Participation Agreement are approved by TENET’s Board of Directors. This version reached rough consensus within the community and was subsequently ratified on 26 October 2016. As a revision of v20160916, it contains minor typographical edits and the insertion of one new clause at 6.5. There are some notes on interpretation available to help decision makers. Download Open at Google Please sign and scan (or electronically sign) a copy of the Participation Agreement and email it to us.

Requirements for SAML2 Service Providers v20160916 (Draft)

The following describes the technical and administrative checks that will be made before a service provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for service provider operators for assessing their readiness to participate. Metadata MUST1 have an entityID that is a URL (well-known location). The URL SHOULD use the https scheme and it is RECOMMENDED that valid metadata be available at this URL.

Requirements for SAML2 Identity Providers v20160916 (Draft)

The following describes the technical and administrative checks that will be made before an identity provider is admitted into the SAFIRE federation within the SAML2 Technology Profile. It also serves as a checklist for identity provider operators for assessing their readiness to participate. Metadata MUST1 have an entityID that is a URL (well-known location). The URL SHOULD use the https scheme and it is RECOMMENDED that valid metadata be available at this URL.

Participation Agreement v20160916 (Draft)

The following PDF document contains a final draft of SAFIRE’s Participation Agreement. This agreement has achieved rough consensus within SAFIRE’s membership, and is currently awaiting legal review. There are not likely to be any substantive changes to this document, but the review process may result in a further revision. This version of the document was submitted to eduGAIN on 18 September 2016. Download Open at Google

Attribute Release Policy v20160912

Management of attribute release to Service Providers has been delegated to the Federation Operator in terms of the Participation Agreement. Through a community consensus process, the following attribute release profiles have been approved: Default The release profile used when no other attribute release policy is defined: eduPersonTargetedID schacHomeOrganizationType Research & Scholarship The release profile used when a service provider is tagged with the research and scholarship entity category (https://refeds.

Metadata Registration Practice Statement v20160901

This version of the Metadata Registration Practice Statement reached rough consensus on 16 September 2016. Definitions and terminology The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [RFC2119]. Federation, Identity Federation: An association of organisations that come together to securely exchange information as appropriate about their users and resources to enable collaborations and transactions.

Key Management Practice Statement v20160817 (Draft)

Definitions and terminology The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119 [RFC2119]. Federation, Identity Federation: An association of organisations that come together to securely exchange information as appropriate about their users and resources to enable collaborations and transactions. Federation Operator: Organisation providing the infrastructure for Authentication and Authorisation to Federation Participants.

Privacy Statement v20160622

This version of the Privacy Statement reached rough consensus on 28 October 2016. Introduction This document explains what personal information is collected by the South African Identity Federation (SAFIRE) and how it is used. This document SHALL1 be published on the Federation website at https://safire.ac.za/safire/policy/privacy/. Types of data collected or processed Metadata The Federation collects metadata from various entities to facilitate the operation of the federation. Such metadata typically contains the canonical legal name of the organisation operating the entity, the contact details of various responsible parties, as well as technical information pertaining to its operation.

South African Identity Federation