Sirtfi is a means to enable a coordinated response to a security incident in a federated context that does not depend on a centralised authority or governance structure to assign roles and responsibilities for doing so. It defines a modest set of security protections for federated entities and a standard means of publishing security contact information for them. A party participates in Sirtfi by first ensuring that they implement those security protections, then coordinating with their Federation Operator to publish this self-attestation together with their security contact information.
This presenation will discuss what Sirtif is, the participants and their roles and how it benefits the global federation space. We will also discribe the traffic light protocol that is central to Sirtfi.
