An open discussion list for topics related to the eduGAIN interfederation service.

[Ian Young <ian AT iay.org.uk>]

On 7 Jul 2014, at 11:38, Tomasz Wolniewicz <twoln AT umk.pl> wrote:

> What if they want to use an SP that does point to this WAIF and that SP 
> would actually work for them?

For background, our federation CDS (which of course we recommend SPs not use 
because they should be running their own DS to give their users a better 
experience) has two modes of operation:

* The default UI includes all IdPs present in the UKf production metadata 
(which includes entities imported from eduGAIN) *except* those marked as 
<ukfedlabel:HideFromWAYF>, which has more or less the same semantics as the 
proposed "less discoverable" entity category.

* There's a link at the bottom of the default UI marked "Search over All 
Sites" which changes it to show all IdPs in the UKf production metadata 
regardless of whether they are "less discoverable".

This means that IdPs have some choice over whether they appear in the default 
UI (but no choice in whether they appear in the "all sites" UI). We recommend 
that IdPs not intended for general use (for whatever reason) are marked to be 
excluded from the default UI.

Today, 138 of the 726 IdPs registered with the UKf have chosen this option 
(about 19%).

IdPs imported from eduGAIN are currently treated as *not* hidden. Our 
thinking was that if they have made it into eduGAIN -- which most 
participants are operating as an opt-in system -- then they are probably 
intended to be visible.

We considered marking eduGAIN entities as hidden by default, but as I 
mentioned in the previous post to Glenn, decided it was (probably) not the 
right thing to do for all eduGAIN IdPs. I'd be interested to hear whether 
other federation operators felt that was the correct decision (a) for all 
eduGAIN IdPs in the UKf CDS but more interestingly (b) specifically for 
*their* IdPs.

> I really think that if we now start bilateral agreements on who exports 
> what, then we may just as well shut eduGAIN down.

Absolutely, but I think this part of the discussion is about CDS visibility, 
not export as such.

        -- Ian

Attachment: smime.p7s
Description: S/MIME cryptographic signature