Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] opt-out federations promoting opt-out

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] opt-out federations promoting opt-out


Chronological Thread 
  • From: Glenn Wearen <glenn.wearen AT heanet.ie>
  • To: Ian Young <ian AT iay.org.uk>
  • Cc: edugain-discuss AT geant.net
  • Subject: Re: [eduGAIN-discuss] opt-out federations promoting opt-out
  • Date: Mon, 1 Dec 2014 08:20:05 +0000
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>

Well, I don’t know, save for asking Caleb I never will. However, I’ve looked
at a few of these services and accessing them takes you straight NCL’s IdP
with no DS, furthermore you can judge for yourself by the entityID’s that
many of these are internal apps.
I’ve taken account of the national data centres (e.g mimas entities in
Manchester’s domain) and agree that NCL are exceptional - I wish it were the
norm that an institution should have some many entities. However, there are
exceptions like NCL in other federations, which brings me back on topic. Are
Federations encouraging institutions to take their private services out of
eduGAIN where the federation operates on the opt-out model?

Regards
Glenn


HEAnet Limited, Ireland's Education and Research Network -
1st Floor, 5 George's Dock, IFSC, Dublin 1
Registered in Ireland, no 275301 tel: +353-1-6609040 fax: +353-1-6603666

> On 28 Nov 2014, at 14:35, Ian Young <ian AT iay.org.uk> wrote:
>
>
>> On 28 Nov 2014, at 13:49, Glenn Wearen <glenn.wearen AT heanet.ie> wrote:
>>
>> Take for example Newcastle University, it has exposed 100 entities, most
>> of which are used by Newcastle only.
>
> I'm not saying you're wrong (I suspect you're right) but I'd be interested
> to hear how you know that to be the case. Newcastle don't tell us which
> entities are Newcastle-only, and we don't try to guess.
>
> Newcastle were an early and enthusiastic adopter of federated identity,
> long before there were really any tools available to help with local
> metadata management. We used to joke that the UK federation was really the
> "federation of Cal (Racey)" in the early days. So I'm sure that it was true
> then that Newcastle registered entities with the UKf in the early days that
> they really didn't need to, because that simplified their adoption process.
>
> There are only a few other institutions in the UKf where you might be
> likewise suspicious, and most of those are down to being national data
> centres and the like (i.e., legitimately running services for the
> community). It isn't a widespread practice.
>
> -- Ian
>
>
>
>






Archive powered by MHonArc 2.6.19.

Top of Page