Identity Assurance

The reliability of digital identities is an essential factor in the trust fabric of an identity federation like DFN-AAI.

The REFEDS Assurance Framework defines how identity assurance information can be transported via values of the eduPersonAssurance attribute. It enables service providers to address particularly relevant reliability criteria separately (if necessary), depending on individual protection requirements. As a internationally recognized standard, the REFEDS Assurance Framework is a key factor for the connectivity of the DFN-AAI in the international context. This particularly concerns the support of research communities that depend on cross-federation collaboration via eduGAIN.

A more detailed presentation (in German) of the facts can be found in DFN-Mitteilungen Nr. 100 starting on page 42.

  • February 2022: Workshop(s) on the technical implementation of the REFEDS Assurance Frameworks - dates to be announced soon.
  • May, 20th end of April 2022, the separate metadata sets for the Degrees of Reliance Advanced and Basic will be abolished. For the productive environment of the DFN-AAI, only two metadata files will then be available, each containing the metadata of all productive IdPs and SPs. The metadata administration tool of the DFN-AAI will continue to support the two Degrees Advanced and Basic. However, the IdP-side conformance to a Degree of Reliance and the related requirements of a Service Provider will then only be available via corresponding Entity Attributes in the IdP and SP metadata. This type of labeling has already been implemented for some time.
  • end of 2022 January, 12th, 2023, support for the Degrees of Reliance on the part of the DFN-AAI metadata registry and metadata administration tool will be discontinued. As of January 2023, information on the reliability of digital identities in the DFN-AAI will be transported exclusively via the mechanisms of the REFEDS Assurance Framework..
  • Last modified: 15 months ago