An open discussion list for topics related to the eduGAIN interfederation service.

[Andy Bennett <andyjpb AT knodium.com>]

Hi,

>> At best this violates the minimality principle and at worst causes
>> breakage since the RequestedAttribute practice of one federation is
>> often incompatible with that of the next federation. Experience shows
>> that breakage occurs after only a small number of connected
>> federations (I have example breakage at <3 federations).
> 
> I'd be interested in more (any, really) concrete examples of that kind
> of breakage, to substantiate the claim of the massive scope of that
> problem.  (I'm probaby just lacking that experience, and imagination.)

I documented our (Knodium's) experience of this in a message to this
list (eduGAIN-discuss) entitled 'RequestedAttribute "in the field"' on
2014/05/03.

The underlying problem is to do with mutually conflicting requirements
and assumptions. Some federations insist on releasing all the requested
attributes and if you request one they're not happy with then they
release nothing. Others insist on you enumerating everything you can use
and then only sending you what they're happy to release. i.e. if you
don't ask for it they won't send it to you even if they'd be happy to if
you asked.


>> The reason the problem occurs is that federations don't agree on the
>> semantic and use of attributes. Furthermore it seems unlikely that
>> we'll be able to align attribute semantics globally.
> 
> Personally I'd very much prefer to tackle harmonization and alignment
> (possibly at the same time, given concrete problems to chew on) as
> doing that would also solve the problem for the SP, which in the
> proposal still is stuck having to deal with all the incompatible crap
> that seems to be floating around, as you acknoledge:

I'm not sure how I feel at the moment. Certainly, if more
recommendations and practices are introduced I'd like the existing ones
to be deprecated and officially denounced in eduGAIN.

OTOH, I agree with harmonization and alignment of the use of existing
methods. It'd be nice for eduGAIN to try to offer some guidance on this
but I understand they're in a difficult position as they want to
maximise interfederation so need to keep the barriers to entry low.
There is also a good case to be made for eduGAIN remaining at the
"fabric" layer and not worrying about the policies at all.





Regards,
@ndy

-- 
andyjpb AT knodium.com
http://www.knodium.com/