edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Peter Schober <peter.schober AT univie.ac.at>
- To: edugain-discuss AT geant.net
- Subject: Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata
- Date: Tue, 13 Jan 2015 17:51:13 +0100
- Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT univie.ac.at
- List-archive: <http://mail.geant.net/pipermail/edugain-discuss/>
- List-id: "An open discussion list for topics related to the eduGAIN interfederation service." <edugain-discuss.geant.net>
- Organization: ACOnet
* Niels van Dijk <niels.vandijk AT surfnet.nl> [2015-01-13 16:31]:
> Oh, and does "(don't use without verification!)" require any
> explanation of what is expected of potential user?
Lukas added that in response to my reservations finding one of our
metadata URLs published there with no further info on (secure) use.
I know from long discussions with e.g. CLARIN that some people think
automatically and regularly pulling plain text files over the internet
is a sane (safe, secure, proper, etc.) way to bootstap a PKI.
While I can acknowledge that SPs may want to try to help their
potential customers getting access to their services, I do think that
none of our other metadata and security specifics are any of eduGAIN's
business (not to document and not to re-publish), esp if that leads to
unsuspecting but clueless people copying metadata URLs from such lists
and provising those into their software, thinking they are using (secure)
federation technology (as intended). When all they have is a 1st row
seat in security theater.
-peter
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, (continued)
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tom Scavo, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tom Scavo, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 16-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tom Scavo, 16-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Niels van Dijk, 13-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 01/13/2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 13-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Niels van Dijk, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 15-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tomasz Wolniewicz, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Lukas Hämmerle, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Peter Schober, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tom Scavo, 26-Jan-2015
- Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, Tom Scavo, 26-Jan-2015
Archive powered by MHonArc 2.6.19.