An open discussion list for topics related to the eduGAIN interfederation service.

[Ian Young <ian AT iay.org.uk>]

On 7 Jul 2014, at 12:27, Peter Schober <peter.schober AT univie.ac.at> wrote:

> While I do think that listing any non-UKf IDP in /the/ UKf DS is
> "wrong" to some degree (not that I have any issues with that; we just
> run several "fallback" DSs for that case[1]) I defintively wouldn't
> agree with conflating eduGAIN IDPs with IDPs that chose to be "less
> discoverable".

I would like to separate those issues, actually. How a standardised "less 
discoverable" entity category might interact with how we treat imported 
entities *by default* is not obvious to me right now. That is one reason one 
of my proposals in that area was a "discoverability" attribute with a 
controlled vocabulary rather than just an entity category. The former would 
allow us to distinguish between entities which had made an explicit choice to 
be discoverable and those which simply didn't say anything at all, so 
resolving the default case could be done a bit more subtly.

> Neither do I intend to use the UKf proprietary metadata extension in
> our eduGAIN upstream only to prevent them from showing up there.

To be clear, I wasn't suggesting that you do. We don't export any of our 
proprietary extensions to eduGAIN or elsewhere, and we silently discard any 
that we might receive. I don't want to treat what we did internally as 
anything other than a temporary (ha!) stop-gap until a proper standardised 
version can be agreed.

What I was suggesting was that we could make it possible for you as a 
registrar to request that the UKf CDS treat your entities differently by 
default, by an out of band request to the UKf registrar. That might involve 
us adding our local marker for "hidden" or it might not; the details might be 
a bit tricky because of the way our CDS works today but I don't think we need 
to focus on those.

> But those having problems with the current situation might just do
> that, actually, because it won't have any effect on any one else.

Adding the UKf extension won't change any behaviour today as we'll filter it 
out before republication.  I guess we could change that if people thought it 
would help, but I'd rather not.

Not all of the UKf SPs who run their own DS actually honour it anyway, so it 
might not even have any effect on the SPs people might care about.

> It will just break (i.e., return to the current status quo) if/once
> the Ukf switches to a standardized flag to signal "less disco".

If we had a standardized exact equivalent, we'd probably make them equivalent 
for an extended period. So, entities acquiring either indicator from any 
source would also be given the other indicator.

        -- Ian

Attachment: smime.p7s
Description: S/MIME cryptographic signature