
edugain-discuss - Re: [eduGAIN-discuss] [refeds] mari plan & next steps

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

  • From: Lukas Hämmerle <lukas.haemmerle AT switch.ch>
  • To: edugain-discuss AT geant.net, refeds AT terena.org
  • Subject: Re: [eduGAIN-discuss] [refeds] mari plan & next steps
  • Date: Wed, 29 Oct 2014 17:00:29 +0100
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>
  • Organization: SWITCH

On 29.10.14 16:16, Andy Bennett wrote:
> Some federations insist on releasing all the requested attributes and
> if you request one they're not happy with then they release nothing.

I wonder how many federations are in this category... Any numbers?
Wouldn't it be easier to kindly ask them to change their behaviour
instead of investing a lot of time in
specification/implementation/deployment of a new meta attribute that is
only mitigating and not solving the problem really (see below)?


> Others insist on you enumerating everything you can use and then only
> sending you what they're happy to release.

Isn't that the most reasonable approach, combined with some logic on the
SP that throws an error message e.g. if neither displayName, commonName
or givenName+sn is available even though the name is crucial for the
operation of the service?



On 29.10.14 16:39, Leif Johansson wrote:
> the nordunet webinar service is a good example:
>
> https://md.nordu.net/metadata/%7Bsha1%7D8854e4c7125335a1a6b3ff9354f4f1b2ba8707af.html
>
> The list of requested attributes is the union of all
> requested attributes that are needed by uninett and wayf. Now what
> happens if uninett can send edupersonscopedaffiliation but not
> edupersonaffiliation, and wayf can send edupersonaffiliation but not
> edupersonscopedaffiliation?
>
> My guess is that wayf and uninett decide to ignore required
> attributes they can't actually release - or this would never work.
>
> The mari proposal is trying to make that problem a little less
> egregious.

But there still will be a problem with mari, right? Namely, if the
webinar service requests a name and an identifier attribute and if an
organisation can only provide an identifier attribute. I have heard that
in some countries/federations, many IdPs can release hardly more than
affiliation and ePPN.


Best Regards
Lukas



--
SWITCH
Lukas Hämmerle, Central Solutions
GÉANT Project Task Leader "Enabling Users"
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 05, direct +41 44 268 15 64
lukas.haemmerle AT switch.ch, http://www.switch.ch
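
The SP-side check suggested in the message above (accept any one of several equivalent attributes, and fail with an explicit error when none was released), as an added example that is not part of the original post. The requirement groups, function names and sample assertions are assumptions made for illustration; `cn` stands in for commonName.

```python
# Added illustration; requirement groups and function names are hypothetical.
# Each requirement lists alternatives; an alternative is a tuple of attributes
# that must all be present. One satisfied alternative is enough.
REQUIREMENTS = {
    "name": [("displayName",), ("cn",), ("givenName", "sn")],
    "affiliation": [("eduPersonScopedAffiliation",), ("eduPersonAffiliation",)],
}


class MissingAttributes(Exception):
    """Raised when the IdP released too little for the service to work."""
    def __init__(self, missing):
        self.missing = missing
        super().__init__("IdP did not release: " + "; ".join(missing))


def has_value(assertion, attr):
    # Treat absent attributes, empty lists and blank strings as not released.
    return any(str(v).strip() for v in assertion.get(attr, []))


def check_attributes(assertion, requirements=REQUIREMENTS):
    """Return the alternative chosen per requirement, or raise MissingAttributes."""
    chosen, missing = {}, []
    for need, alternatives in requirements.items():
        for alt in alternatives:
            if all(has_value(assertion, a) for a in alt):
                chosen[need] = alt
                break
        else:
            options = " or ".join("+".join(alt) for alt in alternatives)
            missing.append(f"{need} ({options})")
    if missing:
        raise MissingAttributes(missing)
    return chosen


# Constructed sample assertions (attribute name -> list of released values).
IDP_A = {"displayName": ["Ada Example"], "eduPersonScopedAffiliation": ["staff@a.example"]}
IDP_B = {"givenName": ["Ada"], "sn": ["Example"], "eduPersonAffiliation": ["staff"]}
IDP_C = {"eduPersonPrincipalName": ["ada@c.example"], "eduPersonAffiliation": ["member"]}

if __name__ == "__main__":
    for label, released in (("A", IDP_A), ("B", IDP_B), ("C", IDP_C)):
        try:
            print(label, check_attributes(released))
        except MissingAttributes as err:
            print(label, "rejected:", err)
```

IDP_A and IDP_B each release a different affiliation attribute and a different form of the name, and both pass; IDP_C releases only an identifier and an affiliation, so the check fails and names the missing group.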




