Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Blogs

Health Checks: Helping You Meet Baseline Expectations

May 25, 2018, by Dean Woodbeck
Tags: InCommon, InCommon Federation, Recent Posts, Trust & Identity

In February 2018, InCommon operations started to send monthly metadata "health checks" to site administrators and those in the role of InCommon Exec. This is part of the process to help organizations meet the Baseline Expectations for Trust in Federation. The expectations require each entity to include several elements in its metadata, including:

  • Display name
  • Technical contact
  • Administrative contact
  • Security contactPrivacy URL
  • Logo
  • Error URL

The health checks let site admins and execs know which elements are missing from their metadata, and thus are preventing that entity from meeting the Baseline Expectations.

Thanks to cooperation from site administrators, the health checks are working and more organizations are meeting the expectations. In just four months (starting in February), we’ve seen some dramatic improvements. Overall, the percentage of those meeting Baseline Expectations has risen from 16% to 46% (for identity providers) and 5% to 33% (for service providers). 

Here are the improvements for some of the individual metadata requirements:

  • Security contacts have risen from 17% to 40% 
  • Administrative contacts have risen from 42% to 57%
  • Technical contacts (which were already required) have gone from 91% to 95%
  • Logos have risen from 19% to 42%
  • Privacy policy URLs have risen from 21% to 41%

While there is still a ways to go, this represents significant progress. InCommon will continue to send health checks to all organizations with entities that do not include all of the metadata elements required by Baseline Expectations. Health check graphs with month-to-month results are published on the wiki.

The latest version of the Federation Manager (which is used by site admins to manage their metadata) will include messages that strongly encourage including all of the required metadata elements. In six months, the Federation Manager will require a site administrator to include all required metadata.