With this solicitation we kindly ask your organisation to consider supporting the SimpleSAMLphp (SSP) project. For many of you this software product comprises a vital piece of your AAI infrastructure that merits maintenance, care and attention. Sustaining SSP will help you to continue to be able to use this software in a secure and trusted way, and may lead to future features and capabilities for the benefit of your organisation. While this solicitation focusses on financial contributions, the project of course also very much welcomes structural in-kind contributions from your organisation that would help sustain SSP. If you have suggestions, please contact us also.
In 2020, UNINETT announced a strong willingness and interest to continue supporting the project financially, but indicated that internal organizational shifts would make ongoing operational support and maintenance of the SSP no longer viable. Several community representatives stepped up in an effort to safeguard the future of the SSP project.
To provide the project with a new legal body, the project joined the the Commons Conservancy1. This provides SSP with a legal status, the ability to raise funds and take care of other legal affairs like for example to hire staff to work on the project. A board was formed to govern the project in the conservancy..
Project governance and strategy is published [in the project github governance repository]. To sustain and support this work, the board aims to hire and sustain two roles:
-
Lead Maintainer who manages the SSP project in close collaboration
with the developer community, maintains and develops code as well as handes community contributions.
-
Lead Communications who manages general communications and
outreach on behalf of the SSP project, including the web presence (website, blog updates, use case stories, etc), organizes in-person and/or virtual SSP project meetings, including hackathons and gatherings at conferences and similar.
It is the opinion of the board that both roles need significant amounts of time, and as such warrant dedicated resourcing. It is the intent of the board to solicit the resources for these roles through an open and transparent procedure.
With the aid of the Commons Conservancy, the SSP project already has mechanisms in place to solicit funds and use those funds to hire dedicated staff to support and extend the project. To allow the board to fill the proposed positions, we are asking core users and members of the community to contribute financially to the sustainability of the SimpleSAMLphp project.
The board estimates that this effort requires an initial financial backing of EUR 100.000 (1 FTE) on a yearly basis for both Lead Maintainer and Lead Communications roles.
Additional short term engagements may be used for specific, not continuously occurring tasks that typically are well (enough) standardised to capture in a simple description of work or tasks requiring specialised skills and knowledge we can not or do not want to maintain in the Programme. Examples of such tasks are:
- code security audits, crypto security audits
- designing a new UI
- creating promotional material
At this point we have already received very kind commitments to contribute from UNINETT (NO) and Cirrus Identity (US), which have allowed us to hire a developer for the Lead Maintainer role.
We welcome contributions of any kind, both financial as well as in kind.
If you want to contribute financially, we kindly suggest the following yearly contribution levels:
-
Platinum - euro 30.000 and above
-
Gold - euro 20.000
-
Silver - euro 10.000
-
Bronze - euro 5000 and below
Please know we can send formal invoices for this contribution agreement if your organization so wishes. If you would like to contribute in kind, please join the developer community.
The SimpleSAMLphp (SSP) project (https://simplesamphp.org) was launched in 2008 by Andreas Åkre Solberg from UNINETT, the Norwegian National Research and Education Network. The project provides a range of options to support authentication with multiple protocols, support for multilateral federation and proxied authentication services.
The project has been offered as open source software from its beginnings and over the years a broad community of at least 170 developers from within the Research and Education (R&E), and beyond, has contributed to the product, resulting in over 100 releases.
The SSP project is widely adopted and deployed around the world and is an essential component in many R&E identity federations. In the global eduGAIN interfederation for example, SSP is the second largest deployment, in use with more than 1100 entities, making up for almost 14% of Identity providers and Service provider implementations.
If you have the ability to contribute, please contact the SimpleSAMLphp board at SSAML.board@commonsconservancy.org..