An open discussion list for topics related to the eduGAIN interfederation service.

[Leif Johansson <leifj AT sunet.se>]

On 12/05/2013 12:34 PM, Peter Schober wrote:
> * Ian Young <ian AT iay.org.uk> [2013-12-05 12:27]:
>> That aside, I don't think the general case -- which is what you
>> would need to address the sort of issue Dick is facing -- is
>> soluble. I could be wrong, of course, but the way to demonstrate
>> that would be to show me an algorithm. This is not the first time
>> "just merge them" has been proposed as a solution to this problem,
>> but I've never seen anything more specific proposed.
> Just to clarify: What do you both mean with "merging"? Personally I
> read Leif's "merge" to mean what I said before (pick one
> EntityDescriptor over the other, e.g. based on its source).
That is *one* mechanism for merging.

Another policy might be to assign authority over parts of the
EntityDescriptor to different signing authorities, for instance Kantara
is allowed to override certain entity attribute values.
>
> From the above I have the impression Ian's "merge" actually means
> "combine the content of several EntityDescriptors into a single
> EntityDescriptor", which I would agree sounds like a recipe for
> unpredictale behaviour and failure modes.
> -peter
>