SDSS Federation Policy V1.0

All members of the federation must:

  • Observe best practice in the handling and use of your digital certificates and private keys

All identity providers (origins) must:

  • Make reasonable attempts to ensure that only members of your institution are provided with credentials permitting authentication to your handle server, and that the assertions made to service providers by your attribute authority are correct.

All service providers (targets) must:

  • Agree not to aggregate, or disclose to other parties, attributes supplied by identity providers.