CAF Newsletter: September 2019

Eduroam Visitor Access is Coming Soon!

Stay tuned for the launch of eduroam Visitor Access (eVA) for Canadian Access Federation (CAF) participants this Fall! eVA allows you to grant visitors secure, time-limited access to eduroam through your campus’s existing eduroam Wi-Fi network. eVA can strengthen Wi-Fi security at your institution and significantly simplify IT operations related to the management of Wi-Fi access for your campus visitors.

eVA Requirements

To be able to offer eVA on your campus, there are a few requirements that need to be met:

  • Your campus or institution must have eduroam deployed
  • Your institution needs to have Federated Identity Management (FIM) deployed

If you do not meet these two requirements, please update your CAF Participation Agreement to add the required services. Please use the button below to amend services if you already know which services need to be added or contact us at if you have any questions about your existing Agreement.

If both services are currently deployed, expect the CAF Primary Technical contact at your institution to receive an email invitation to eVA when the service launches.

Amend Services Here

eVA Webinars

We will be hosting webinars to explain eVA in greater detail and to answer all of your questions regarding the service. Please watch your inbox for a notification closer to eVA’s launch date to register for these webinars.

eVA and the R&S Entity Category

The eVA service will be a part of the Research and Scholarship (R&S) Entity Category. We highly encourage all post-secondary institutions to apply to join this Entity Category, as it will allow access to the service without having to configure the custom release of attributes for this and all other R&S services. More on the R&S Entity Category below.

Sirtfi now Supported in CAF

The Canadian Access Federation is pleased to have launched our online form for Sirtfi, the Security Incident Response Trust Framework for Federated Identity. We encourage all CAF Participants to assess their current practices in operation security, incident response, and traceability and compare those against the practices championed by Sirtfi.

What this framework enables is a higher standard of trust among federation participants. By attesting that your organization and/or service follows certain security best practices and provides contact information for the individual responsible for your organization’s security incident response, each member of the CAF federation will be assured of a stronger security posture and be able to respond in an agile and coordinated manner in case of a security incident.

The credibility gained by asserting Sirtfi compliance opens doors globally for your user community to access useful services for the research and education (R&E) community, as more organizations choose to enable authentication based on this enhanced trust.

For more information regarding Sirtfi, please visit this page.

To attest to the Sirtfi requirements for your organization, please use the button below. This form must be completed by an authorized CAF contact at your organization (CAF Signing Authority, Primary Business Contact or Primary Technical Contact). Once you have attested to these requirements for your organization’s identity provider and/or services, we will update your metadata to include the Sirtfi tag, as well as information for your organization’s security response contact.

Attest to Sirtfi Requirements

Authorized Contact Forms

The CAF team has been working hard over the past year to improve our operational practices to ensure a seamless service experience for CAF participants. We have engaged with all of our CAF Signing Authorities over the past few months to confirm the authorized contacts for each organization. This exercise ensures that we are communicating with the appropriate individuals and that certain actions are limited to individuals that have the appropriate level of authority at the organization.

We thank you very much for your support and engagement in this activity.

Authorized Contact Changes

It is your organization’s responsibility to ensure that authorized contacts remain up-to-date. If there are any changes to an authorized CAF contact at your organization, please inform us using our newly launched CAF Contact Change Form.

Use Contact Change Form

Join the Research and Scholarship Entity Category

We continue to encourage all CAF Participants to apply to the Research and Scholarship (R&S) Entity Category.

The R&S Entity Category simplifies access to R&S Services for your users by allowing automatic attribute release to services that belong to this category. Once your organization has joined this category, users will be able to access R&S services such as ORCID and the Open Science Data Cloud, among others, without your organization needing to configure for each R&S service individually. As new R&S services are introduced, for example eVA, they will be automatically configured and begin working immediately.

We also encourage all R&S focused services to apply for this Entity Category, as it reduces service integration efforts by ensuring consistency of attribute release from other participating IdPs supporting R&S.

To learn more about the R&S Entity Category, please follow this link.

Apply to Join the R&S Entity Category