Concordia
From Project Concordia
Contents |
About Project Concordia
Project Concordia is a global initiative designed to drive interoperability across identity protocols in use today. It does this by soliciting and defining real-world use cases and requirements for the usage of multiple identity protocols together in various deployment scenarios, and encouraging and facilitating the creation of protocol solutions in the appropriate homes for those technologies.
In general, Concordia participants take on new work when a deployer (of any size) presents a problem that existing identity protocols do not solve, ideally a problem that benefits from greater interoperability between protocols. The participants then work with a wide swath of the Internet community to document one or more resulting use cases, requirements, and interop scenarios. All Concordia output is recorded on the wiki. Use cases and requirements may then be used as input to a technical group where relevant specification development occurs. When starting this process, Concordia participants are not biasing themselves by looking at what technical group will ultimately take on the resulting work.
Concordia welcomes participation by representatives of all identity-related initiatives as well as the wider Internet community with an interest in the areas of work the project is undertaking. Note that while Concordia was conceived of by members of the Liberty Alliance, it is organizationally independent and run as an open and self-regulating community.
See also the detailed Purpose and Principles (charter) statement.
Mailing List
Please visit the community at projectconcordia page to add yourself to the mailing list. The mail archives are publicly available.
Meeting Schedule
We meet by phone on some Tuesdays (usually alternate Tuesdays) at an hour that splits the difference between two hours in which various people had conflicts:
- 10:30-11:30am PT (normative across summertime changes)/ 1:30-2:30pm ET / 6:30-7:30pm UK /7:30-8:30pm CET / 5:30-6:30am NZ (next day)
The dial-in number is:
- US toll-free +1 866 469 3239, caller-paid +1 650 429 3300, code 7860-6951#
Upcoming telecon dates are:
- July 15 (tentatively), July 29...
Past F2F meetings and workshops:
- 26-27 Apr 2007 in Brussels at Identity Open Space
- 11-14 May 2007 in Mountain View, CA at IIW; meeting notes are here: IIW2007A_Concordia
- 26 Jun 2007 in San Francisco at Burton Catalyst Conference; summary of themes is here: Catalyst_Concordia Workshop June 26, 2007 Theme Summary
- 26 Sep 2007 in San Francisco at Digital ID World; attendees are listed here: DIDW Workshop participation list; notes are here: DIDW Workshop 2007 Notes
- 3 Dec 2007 just prior to the Internet Identity Workshop 2007b. A one-pager was prepared for the IIW Monday afternoon introductory track. Here are the Meeting Minutes from 3 December 2007 Workshop.
- 7 Apr 2008 at RSA: Held a half-day workshop and interop demo. Notes are at Concordia workshop RSA 2008 notes.
- 14 May 2008 at IIW 2008a: Held a "lightning workshop" for an hour at IIW; stay tuned for links to notes.
- 23 Jun 2008 at Burton Catalyst in San Diego: Held a day-long workshop focusing on policy and entitlements. Here are the notes: Catalyst Concordia Policy Workshop 2008. Attendees are listed here Policy_&_Entitlements_Management_workshop_participants.
Past telecons and their most prominent or notable discussion themes:
- Initial scenario-scoping calls: Concordia telecon 15 Aug 2007; Concordia telecon 9 Oct 2007; Concordia telecon 15 Nov 2007; Concordia telecon 13 Dec 2007
- Serious RSA interop planning: Concordia telecon 10 Jan 2008; Concordia telecon 22 Jan 2008; Concordia telecon 05 Feb 2008; Concordia telecon 19 Feb 2008; Concordia telecon 4 Mar 2008; Concordia telecon 11 Mar 2008; Concordia telecon 18 Mar 2008; Concordia telecon 25 Mar 2008; Concordia telecon 1 Apr 2008
- Post-RSA activities: Concordia telecon 22 Apr 2008; Concordia telecon 6 May 2008; Concordia telecon 20 May 2008; Concordia telecon 3 June 2008; Concordia telecon 17 Jun 2008p
- Era of policy/entitlement work stream: Concordia telecon 1 Jul 2008
Current Work
We held a workshop focusing on policy and entitlements issues at the Burton Catalyst conference in June 2008. See the notes at Catalyst Concordia Policy Workshop 2008 for conclusions and next steps.
We demonstrated technology-provider interop of high-priority scenarios at the RSA conference in April 2008. To do this, we identified scenarios of interest (InfoCard+federation and SAML2+WS-Fed chaining) and fleshed them out. At the December workshop at IIW three scenarios were selected. See the Concordia workshop RSA 2008 notes page and subsequent telecon notes for the results of the workshop and ongoing followup work.
History: We began to prioritize scenario areas at the DIDW workshop (see DIDW Workshop 2007 Notes) -- for example, identity provider discovery is an A-priority issue but single logout interop is only B-priority. Some topics will be interop-tested but other topics are suitable mostly for further deployer education/clarification because they are so broad and/or they involve business decisions that go beyond technical considerations.
We gather input from deployers on an ongoing basis, and deployers have made the following presentations in workshops to date:
- AOL Identity Management Use Case (see also Catalyst_Concordia Workshop June 26, 2007 Theme Summary)
- Boeing Identity Management Use Case (see also Catalyst_Concordia Workshop June 26, 2007 Theme Summary)
- Boeing Policy & Entitlements Management Use Case (see also Catalyst Concordia Policy Workshop 2008)
- Chevron (see DIDW Workshop 2007 Notes)
- Cisco Policy & Entitlements Management Use Case (see also Catalyst Concordia Policy Workshop 2008)
- General Motors Identity Management Use Case (see also Catalyst_Concordia Workshop June 26, 2007 Theme Summary)
- Government of B.C. Identity Management Use Case (see also Catalyst_Concordia Workshop June 26, 2007 Theme Summary)
- InCommon Federation Identity Management Use Case (see also DIDW Workshop 2007 Notes)
- Micron Policy & Entitlements Management Use Case (see also Catalyst Concordia Policy Workshop 2008)
- New Zealand State Services Commission Identity Management Use Case (see also DIDW Workshop 2007 Notes) (see also the Concordia workshop RSA 2008 notes for additional input provided by Danny Mollan of NZ SSC)
- U.S. General Services Administration Identity Management Use Case (see also Catalyst_Concordia Workshop June 26, 2007 Theme Summary)
We will produce educational writeups/white papers on areas of strong deployer interest that don't lend themselves to easy answers. The first is planned to be:
There is interest in creating a second white paper on the problems of single logout, which share some philosophical similarities to the problems of IdP discovery.
Metasystem Use Cases
(Here, metasystem is used in the sense of getting individual systems -- normally involving a single homogeneous set of technologies -- to work with each other. The page referred to is old and is not currently being maintained to any degree of quality.) See the Metasystem use cases page for details on the general and specific use-case landscape.
External References
The following external resources may be useful in helping us do our work:
- Massive list of standards and specifications of interest compiled by the OpenQabal social networking/collaboration project
- OpenID
- openLiberty Identity Landscape
- OASIS SSTC (SAML)
- ITU-T FG IDM
- OASIS IDTrust Member Section
Following are other groups and organizations that Project Concordia can learn from and should coordinate with as appropriate:
- 3GPP
- ITU-T FG on IdM (Abbie Barbir has agreed to be the Concordia liaison to ITU-T)
- Liberty Alliance
- OpenID Foundation
- OASIS (Various OASIS TCs)
- OSIS (we have an agreement to coordinate meetings to reduce overlap and sync up on scenarios to learn from each other)
- InCommon (higher education federation)
- Identity Commons
- Higgins
These resources compare various sets of technologies:
- Technical Comparison: OpenID and SAML paper by Jeff Hodges
- Federated Identity Technologies slide deck by Eve Maler comparing SAML, OpenID, and CardSpace
These resources describe efforts that combine technologies in new ways:
- perfSONAR OAuth Profile proposal combining OAuth and SAML2
- RESTful identity services approach leveraging ID-WSF: intro, core scenario, service registration
Press Releases
From time to time, Project Concordia will issue press releases to update the public about significant activities and progress against stated goals.
[March 24, 2008]--Press release detailing interop workshop at RSA Conference against two scenarios RSA IOP Scenarios, with participation from FuGen Solutions, Internet2, Microsoft, Oracle, Ping Identity, Sun Microsystems and Symlabs.
[June 4, 2008]--Press release detailing the policy and entitlements management workshop taking place at the Burton Catalyst Conference in San Diego on June 23, 2008. The workshop is sponsored by Liberty Alliance and Burton Group and is the first Concordia event to focus on policy and entitlements management and associated standards such as XACML and WS-Policy.
Participants
Participants in Concordia telecons and workshops are usually recorded in the notes from those meetings. Participants in the Concordia mailing list can be reached at community@projectconcordia.org.
License
|
Content that violates any copyright will be deleted. You agree to license the copyrights in your contributions under Creative Commons Public License Attribution 2.5. When quoting, reproducing or re-using the entire documents or parts thereof, attribution shall include the name of the paper and a link to the location of the paper (where possible). Other than the copyright rights licensed above, participating in this discussion list does not grant any other intellectual property rights, particularly patent rights, or provide any other commitment by the participants of the content discussed to the Liberty Alliance or any other organization. |
|
