By Albert Wu, InCommon Federation Service Manager
InCommon participants established the InCommon Baseline Expectations for Trust in Federation in 2018 as a means to increase trust and interoperability among InCommon federation participants and to define what they expect of each other, and of InCommon Operations.
The second iteration of Baseline Expectations (Baseline Expectations 2, or BE2) was ratified by the InCommon Steering Committee in late 2020. BE2 officially went into effect on July 19, 2021. All InCommon Participants are expected to update their registered entities to meet BE2 requirements by December 17, 2021.
What Are The New Requirements in BE2?
The second set of Baseline Expectations adds three technical requirements aimed at improving security and the user experience. The InCommon Federation transitioned to BE2 on July 19, 2021. More than 83% of InCommon Federation participants already meet BE2 requirements. CTAB and InCommon operations are continuing to work with everyone to meet BE2 requirements in 2021.
1. Each Identity Provider and Service Provider must secure its connection endpoints with current and trusted encryption (TLS).
2. All Identity Providers and Service Providers must comply with the SIRTFI international security response framework.
3. All Identity Providers must include an error URL in metadata.
Baseline Expectations 2 Resources
Need more information? Visit the BE2 wiki to learn more about Baseline Expectations 2 and InCommon Federation best practices. You can also read the Baseline Expectations 2 Frequently Asked Questions.
As of December 10, 2021, 83% of InCommon Participant Organizations have met BE2 requirements:
Contact a Representative
If your organization has not made the necessary changes to meet BE2, it’s time to do so. If you would like assistance, please contact firstname.lastname@example.org.