[Surfconext-sp-newsletter] SURFconext News SP-edition including; SP-Dashboard | Hackathon | Webinar: user identifiers | Personal data in metadata

SURFconext Nieuws no-reply at surfconext.nl
Tue Jun 5 15:37:10 CEST 2018 

SURFconext News SP-edition 2018 #1



		

This newsletter will bring you information regarding new developments, 
plans for the future, tips and tricks and will appear on an irregular basis.

Who receives this newsletter?
All technical and administrative contacts of a service connected to 
SURFconext will receive this newsletter. Subscribe here 
<https://list.surfnet.nl/mailman/listinfo/surfconext-sp-newsletter> and 
unsubscribe here 
<https://list.surfnet.nl/mailman/options/surfconext-sp-newsletter>.

For an overview of all mailings by the SURFconext team, see the 
following page. 
<https://wiki.surfnet.nl/pages/viewpage.action?pageId=60701393>

In this edition:

 1. Hackathon: connect your SP to SURFconext
 2. Webinar: best identifier for your job!
 3. SURFconext will migrate to SHA-265 in 2018
 4. Personal data in your metadata?
 5. SP-Dashboard live


  Hackathon: connect your SP to SURFconext

June 25th we organize a hackathon/workshop for everyone needing some 
help connecting their service to SURFconext, either using SAML or Open 
ID Connect, SURFsecureID (formerly known as Strong Authentication), 
groups/teams/VOOT etc. Members of our team will be at hand to solve any 
hurdles on the spot. At the end of the hackathon, your SP should be 
(nearly) connected. Register here! 
<https://www.surf.nl/agenda/2018/06/hackathon-%E2%80%93-sluit-je-dienst-aan-op-surfconext/index.html> 
Any questions? Mail raoul.teeuwen at surfnet.nl.


  Webinar: best identifier for your job!

What identifiers are available when connecting to SURFconext? What are 
the pros and cons of them all? In the 25 minute webinar on identifiers, 
June 26th, we'll tell you all about it. We'll record it so you can also 
watch it later.

Keep an eye on the SURF agenda <https://www.surf.nl/agenda/>. More 
information and watch link will be available soon.


  SURFconext will migrate to SHA-256 in 2018

The SHA-1 hashing algorithm used by SURFconext to cryptographically 
certify assertions it sends to Service Providers, is considered 
deprecated. In order to be able to keep guaranteeing the security of our
service, SURFconext will migrate to the more secure SHA-256 hashing 
algorithm.

The switchover is planned for the fourth quarter of 2018. When the 
concrete deadline is known, it will be announced to the Service 
Provider's listed technical contact.

Any reasonably recent SAML 2.0 Service Provider implementation should 
already support SHA-256. If you are using a very old version of an 
implementation or library you may need to upgrade. The SURFconext "test"
and "staging" environments will be configured so you can verify that 
your Service Provider is indeed compatible with the SHA-256 algorithm.

The concrete timeline will be announced soon. For more information, 
please refer to our documentation <https://wiki.surfnet.nl/x/nwCtB>.


  Personal data in your metadata?

Service providers and Identity providers provide contact details in 
metadata to help manage technical support, administrative support and 
security management. eduGAIN strongly recommends that these contacts 
should be a role-based name and email address and NOT personal data 
wherever practical. A Best Current Practice document will be issued by 
eduGAIN to all federation operators.

So you might want to check your metadata. Check the following page for 
more GDPR related tips 
<https://blog.geant.org/2018/04/02/edugain-gdpr-advice-published>.


  SP-Dashboard live

We’re happy to announce that the Service Provider Dashboard is live. 
This dashboard enables you to independently manage your service(s) on 
the SURFconext platform. It allows to create, test and edit entities 
before promoting them to production.


        New functionalities

-Your own dashboard behind SURFconext login.
-Create unlimited entities per SP.
-Manage multiple SP’s.
-Answer GDPR questions within the dashboard.
-Request production connection.


        Future functionalities

-Compatible with OpenID Connect (at this moment SP-Dashboard is SAML-only).
-What institutions will use your service?
-Single-/multi-tenant.


        SP-Dashboard vs SP-Form

At this moment the SP-Form will be available alongside the SP-Dashboard. 
In the coming months we will say goodbye to the SP-Form and the SP’s and 
IdP’s that exist there. If you want to migrate please let us know.

Refer to the documentation for more information 
<https://wiki.surfnet.nl/display/surfconextdev/SP+Dashboard>.



------------------------------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.surfnet.nl/pipermail/surfconext-sp-newsletter/attachments/20180605/e7429e15/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: foamecjiegbjlegb.png
Type: image/png
Size: 196654 bytes
Desc: not available
URL: <https://list.surfnet.nl/pipermail/surfconext-sp-newsletter/attachments/20180605/e7429e15/attachment-0001.png>

More information about the Surfconext-sp-newsletter mailing list