edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?

From: Jan Tomášek <jan.tomasek AT cesnet.cz>
To: edugain-discuss AT geant.net
Subject: Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?
Date: Wed, 05 Feb 2014 17:06:39 +0100
List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
List-id: eduGAIN discussion list <edugain-discuss.geant.net>

On 02/05/2014 03:43 PM, Ian Young wrote:

Almost, but not quite true. We do filter out a number of entities
(currently 36) which don't meet our metadata quality checks. For
example, if an entity has a 1024-bit key, it will not be republished.
I'm working on resolving these quality issues with the other
participant federations but I'm sure you can imagine that some of
them take a long time... obviously we will prioritise work for any
entity that we have a specific request for from either side.

I know, you have already contacted me in role of eduID.cz admin, there were some http only logo in our metadata... it's truly longterm work.

Is this intentional or is this a bug?

I'd describe this differently than Brook and Alex: it's not
"intentional" but it is "expected". It's not a "bug" but it is
"undesirable behaviour".

Well, that is too soft diference for a person with my English. ;)

The behaviour you see is a predictable consequence of these things:

* Scran have not opted in to inter-federation metadata exchange. If
you actually want to use their services, you and perhaps we should
talk to them about doing that. If you're just looking for something
to test against, try this:

https://test.ukfederation.org.uk/

Scran was the first entity where I managed to understand where to click to try login. Actualy none of our users have requested access there.

Thanks for UK testing site, it works for me :) And I realize that we do not publish ours into eduGAIN.

I still do not understand why is opt-in only in direction UK -> eduGAIN and not in opposite. It breaks automatic discovery and admin still has to do something (to choose opt-in).

At this point I have to admit that my interest come from fact that this broke our automatic central discovery we are running here. We had complain from some SP admin that we are offering IdP which are not in eduGAIN metadata stream.

--
--------------------------------------------------------------
Jan Tomasek aka Semik work: CESNET, z.s.p.o.
http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6
Czech Republic
phone(work): +420 234 680 279 http://www.cesnet.cz/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, (continued)
- Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Ian Young, 05-Feb-2014
  - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Thomas Lenggenhager, 05-Feb-2014
    - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Ian Young, 05-Feb-2014
      - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Leif Johansson, 05-Feb-2014
      - [eduGAIN-discuss] Skating to where the puck is gona be (was Re: ALL eduGAIN entities in UK federation?), Leif Johansson, 05-Feb-2014
        
        Re: [eduGAIN-discuss] Skating to where the puck is gona be (was Re: ALL eduGAIN entities in UK federation?), Miroslav Milinovic, 06-Feb-2014
  - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Jan Tomášek, 02/05/2014
    - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Brook Schofield, 05-Feb-2014
      - Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Jan Tomášek, 05-Feb-2014
        
        Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Nicole Harris, 05-Feb-2014
        
        Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Peter Schober, 05-Feb-2014
        
        Re: [eduGAIN-discuss] ALL eduGAIN entities in UK federation?, Jan Tomasek, 05-Feb-2014