• There was a working group in Incommon on Federation Proxies and what their roles and responsibilities are
  • This was triggered by some concern that proxies required 2FA or requested attributes for services that didn't need it (because they operate others that did need it)
  • The payment model of some federations may also contribute to suspicion over SP proxies (i.e. if SPs have to pay or not)
• For now it is paused
• There was a feeling in the room that this was written from the perspective of federation operators trying to control Federation Proxies, rather than federations trying to connect users to services that happen to be behind gateways that provide single sign on to a set of related services 
• More discussion is needed