Comment Details - National Information Standards Organization

Comment #00119 - various - RP-11-201x_ESPReSSO_for_comment.pdf

<< Previous Comment in Document | Next Comment in Document >> Document Details

Comment 119

New (Unresolved)

ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On (Revision 0)

Comment Submitted by Tod Olson 2011-06-18 10:06:12	1. It seems like this is very library-oriented. We're also using the federated SSO to broker access to a large number of internal services, both for research and administrative uses. Most of the access scenarios and recommendations are the same in the non-Library context, but it would be nice to see an acknowledge that there are these other contexts, and the the SSO can apply more broadly to institutional authentication needs. 2. Among the user interface recommendations, it would be good to see a reminder that these forms and pages need to be designed with accessibility in mind. For example, it is not obvious that branding of the IdP login page that effectively informs sighted users which credentials to use would necessarily also work well for visually impaired users. Though accessibility is orthogonal to the point of the paper, given the current legal activity around accessibility, a gentle reminder to the reader may be appropriate. 3. in Section 4.5.2, Institution Menu Page, what about the case where someone from a different institution uses our menu pages and goes to an SP with our session initiator? They wind up at our IdP login page, with no way to get to their institution's login page. Should there be a way to bail out and go to the SP discovery page?

Comment Submitted by
Tod Olson
2011-06-18 10:06:12

1. It seems like this is very library-oriented. We're also using the federated SSO to broker access to a large number of internal services, both for research and administrative uses. Most of the access scenarios and recommendations are the same in the non-Library context, but it would be nice to see an acknowledge that there are these other contexts, and the the SSO can apply more broadly to institutional authentication needs.

2. Among the user interface recommendations, it would be good to see a reminder that these forms and pages need to be designed with accessibility in mind. For example, it is not obvious that branding of the IdP login page that effectively informs sighted users which credentials to use would necessarily also work well for visually impaired users. Though accessibility is orthogonal to the point of the paper, given the current legal activity around accessibility, a gentle reminder to the reader may be appropriate.

3. in Section 4.5.2, Institution Menu Page, what about the case where someone from a different institution uses our menu pages and goes to an SP with our session initiator? They wind up at our IdP login page, with no way to get to their institution's login page. Should there be a way to bail out and go to the SP discovery page?

Submitter Proposed Solution	Included in comments.

Submitter Proposed Solution

Included in comments.

Title	ESPReSSO: Establishing Suggested Practices Regarding Single Sign-On
File Name	RP-11-201x_ESPReSSO_for_comment.pdf	State	Draft
Date Added	2011-05-22 18:46:54	Revision Number	0
Submitter Name	Cynthia Hodgson	Size	1MB

Summary	various	State (Disposition)	New (Unresolved)
Date Added	2011-06-18 10:06:12	Last Updated	2011-06-18 10:06:12
Submitter Name	Tod Olson	Assigned To	Unassigned
Company Name	University of Chicago	Response	None
Interest Category		Category	Substantive
Origin	Public Review	Section, Page, Line
Item		Item Description

Comment #00119 - various - RP-11-201x_ESPReSSO_for_comment.pdf

Document Information

Comment Information