edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
- From: Glenn Wearen <glenn.wearen AT heanet.ie>
- To: Niels van Dijk <niels.vandijk AT surfnet.nl>
- Cc: edugain-discuss AT geant.net
- Subject: Re: [eduGAIN-discuss] Machine readable and 'trusted' interfederation metadata
- Date: Fri, 1 Aug 2014 10:33:20 +0100
- List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
- List-id: eduGAIN discussion list <edugain-discuss.geant.net>
Hi Niels
> We currently seem to have no machine readable way of expressing metadata
> on the interfederation federations themselves.
I presume you mean “metadata contacts” when you say “metadata”?
Glenn
On 1 Aug 2014, at 10:25, Niels van Dijk <niels.vandijk AT surfnet.nl> wrote:
> Hi all,
>
> We currently seem to have no machine readable way of expressing metadata
> on the interfederation federations themselves. The edugain metadata does
> publish a statement on RegistrationInfo
>
> e.g.:
> <mdrpi:RegistrationInfo
> registrationAuthority="http://www.surfconext.nl/"
> registrationInstant="2013-03-20T12:22:05Z"><mdrpi:RegistrationPolicy
> xml:lang="en">https://wiki.surfnetlabs.nl/display/eduGAIN/EduGAIN</mdrpi:RegistrationPolicy></mdrpi:RegistrationInfo>
>
> or
> <mdrpi:RegistrationInfo
> registrationAuthority="http://ukfederation.org.uk"
> registrationInstant="2014-07-01T15:25:50Z"><mdrpi:RegistrationPolicy
> xml:lang="en">http://ukfederation.org.uk/doc/mdrps-20130902</mdrpi:RegistrationPolicy></mdrpi:RegistrationInfo>
>
> The information on the registrationAuthority is not machine readable.
> Also, there is no machine readable information available on the
> 'authoritative contacts' for a federation. (comparable to the contact
> data we publish in our metadata for SPs and IdPs).
>
> I can think of a number of use cases:
> 1) We are building trust frameworks like e.g. CoCo and the R&S bundle
> which rely on the federation operator to issue statements on the
> 'trustworthiness' of an entity. I have however no means to contact the
> federation operator that issued that statement based on the information
> provided. I could try to find these details on the page of the
> registrationAuthority, but these pages are mostly targeted at the local
> audience, so e.g. primarily available in the local language. Browsing
> these pages does however also reveal that most federations do provide
> such contact details at some place on these websites as public data. So
> there seems to be no reason not to have these in a public metadata
> registry as well.
> 2) If we want to automate incident response, of course primarily the SP or
> IdP is involved. There are however scenarios where the federation
> operator is/should be involved as well. How can these be reached, other
> than via the 'old boys' network (which is very good for trust, but
> scales rather poorly)?
> 3) In this grand age of community cloud <irony detection off>, I want to
> offer a service to fellow federations. Suppose I want federation
> operators to be able to do stuff, how do I get an authoritative
> statement on who these people are?
>
> I think therefore, federation operator contact data (admin/tech/support)
> should be contained in signed metadata, just as we have contact data for
> SPs and IdPs. Perhaps as part of the eduGAIN metadata stream, perhaps
> (my preference) as part of a separate stream that simply publishes
> participating federations and data on these.
>
> Any thoughts or comments?
>
> Cheers,
> Niels
>
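
Added example (not part of the original thread): a Python sketch of what a metadata consumer can recover about a registrar from mdrpi:RegistrationInfo today, namely a URI and a policy URL, while ContactPerson data exists only per entity. The entity IDs and e-mail address in the sample are constructed, and the aggregate's XML signature is assumed to have been verified before parsing.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdrpi": "urn:oasis:names:tc:SAML:metadata:rpi"}

# Constructed sample: entity IDs and the e-mail address are made up; the two
# RegistrationInfo elements carry the values quoted in the message above.
SAMPLE = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi">
 <md:EntityDescriptor entityID="https://idp.example.nl/idp">
  <md:Extensions>
   <mdrpi:RegistrationInfo registrationAuthority="http://www.surfconext.nl/"
       registrationInstant="2013-03-20T12:22:05Z">
    <mdrpi:RegistrationPolicy xml:lang="en">https://wiki.surfnetlabs.nl/display/eduGAIN/EduGAIN</mdrpi:RegistrationPolicy>
   </mdrpi:RegistrationInfo>
  </md:Extensions>
  <md:ContactPerson contactType="technical">
   <md:EmailAddress>mailto:tech@idp.example.nl</md:EmailAddress>
  </md:ContactPerson>
 </md:EntityDescriptor>
 <md:EntityDescriptor entityID="https://sp.example.ac.uk/shibboleth">
  <md:Extensions>
   <mdrpi:RegistrationInfo registrationAuthority="http://ukfederation.org.uk"
       registrationInstant="2014-07-01T15:25:50Z">
    <mdrpi:RegistrationPolicy xml:lang="en">http://ukfederation.org.uk/doc/mdrps-20130902</mdrpi:RegistrationPolicy>
   </mdrpi:RegistrationInfo>
  </md:Extensions>
 </md:EntityDescriptor>
</md:EntitiesDescriptor>"""

def registrars(xml_text):
    """Group entities by registrationAuthority with the registrar's policy URLs."""
    out = defaultdict(lambda: {"policies": set(), "entities": {}})
    root = ET.fromstring(xml_text)  # assumption: signature already verified
    for ent in root.iter("{%s}EntityDescriptor" % NS["md"]):
        info = ent.find("md:Extensions/mdrpi:RegistrationInfo", NS)
        if info is None:
            continue  # entity carries no registrar statement at all
        rec = out[info.get("registrationAuthority")]
        for pol in info.findall("mdrpi:RegistrationPolicy", NS):
            rec["policies"].add((pol.text or "").strip())
        # Contacts found here belong to the SP/IdP, not to the registrar.
        rec["entities"][ent.get("entityID")] = [
            (c.get("contactType"), c.findtext("md:EmailAddress", "", NS).strip())
            for c in ent.findall("md:ContactPerson", NS)]
    return dict(out)

if __name__ == "__main__":
    for ra, rec in registrars(SAMPLE).items():
        print(ra, sorted(rec["policies"]), rec["entities"])
```

The per-registrar record holds nothing but an opaque URI and policy links, which is the gap the message describes.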