Security
UCT complies with Sirtfi
The University of Cape Town recently became the first SAFIRE identity provider to complete a self-assessment and express its compliance with the REFEDS Security Incident Response Trust Framework for Federated Identity (Sirtfi). This makes SAFIRE the 16th federation worldwide to assert a Sirtfi-compliant IdP.
Using a Smartcard-based HSM for SAFIRE
This post documents SAFIRE’s experiments with, and ultimate deployment of, a smartcard-based HSM for SAML metadata signing in the hope that we can help other emerging federations along the way.
Technical Update: Metadata Signing Key Generated
On January 30, SAFIRE generated a new metadata signing key which will be used to sign all of the Federation’s metadata aggregates.
Technical update: HSM for metadata signing
Metadata is the basis of trust in any federation, and this makes the key management practices for metadata signing particularly important.
In response to suggestions from other federation operators, we’ve decided to try and get this “right” from the beginning — at least as far as is actually practical for a small federation in its early stages. And “right” means that we should store our metadata signing key in some form of hardware security module.