February 18, 2021
The move to adoption of the second set of Baseline Expectations for Trust in Federation (BE2) is underway. The new expectations include three technical requirements aimed at improving security and the user experience that all InCommon Federation participants must meet during 2021:
- Each Identity Provider and Service Provider will secure its connection endpoints with current and trusted encryption (TLS)
- All Identity Providers and Service Providers will comply with the SIRTFI international security response framework
- All Identity Providers will include an error URL in metadata
InCommon operations will generate regular reports on the progress towards 100% adherence and will communicate directly with those organizations with entities (identity providers and/or service providers) that have not met the expectations.
The following data is current as of February 17, 2021
InCommon Federation by the numbers
Total organizations in the Federation: 786
Total Identity Providers in the Federation: 583
Total Service Providers in the Federation: 5,562
| Category | Count | Percent |
| Organizations adhering to BE2 | 55 out of 786 | 7% |
| Identity Providers adhering to BE2 | 63 out of 583 | 11% |
| Service Providers adhering to BE2 | 586 out of 5,562 | 11% |
| IdPs adopting SIRTFI | 119 out of 583 | 20% |
| SPs adopting SIRTFI | 592 out of 5,562 | 11% |
| IdPs with Error URL | 230 out of 583 | 39% |
The InCommon community adopted the first round of Baseline Expectations for Trust in Federation in 2018. The effort concluded successfully in February 2019, when 100 percent of Federation participants met those expectations.