An open discussion list for topics related to the eduGAIN interfederation service.

[Niels van Dijk <niels.vandijk AT surfnet.nl>]

Hi Ian, all,

On 03/27/2014 11:28 AM, Ian Young wrote:
> 
> On 27 Mar 2014, at 10:13, Niels van Dijk <niels.vandijk AT surfnet.nl> wrote:
> 
>> eduGAIN policy states:
>> (http://www.geant.net/service/eduGAIN/resources/Documents/eduGAIN_metadata_profile_v3.doc)
>>
>> "NOTE on <md:RequestedAttribute>: Whenever a Service Provider needs
>> attributes it should list them as <md:RequestedAttribute> in the
>> <md:AttributeConsumingService> of its <md:SPSSODescriptor> element to
>> increase the chance that Identity Providers really release them."
>>
>> Based on the above I assume that I can connect to this SP not releasing
>> any attributes.
> 
> I doubt that. It's more likely that the entity comes from a federation 
> which hasn't traditionally required this metadata to be provided by SPs. 
> The UKf is in that category, for example, but I think quite a few others 
> are as well. We do ask people opting SPs in to eduGAIN to provide this, but 
> it is a bit of an uphill struggle in some cases and it is optional.
> 

Naive me was sort of hoping that combining CoC and attribute
requirements in metadata at some point would lead to something that
scales better as compared to what we have now. As joining eduGAIN as an
SP is a deliberate step anyway, I could imagine at that point requiring
better metadata from the SP.

Should this be be something the eduGAIn community should consider? I
mean, contacting the SP is always the default option of last resort,
can't we work towards improving that?

Cheers,
Niels