edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata

From: Tom Scavo <trscavo AT internet2.edu>
To: Tomasz Wolniewicz <twoln AT umk.pl>
Cc: "edugain-discuss AT geant.net" <edugain-discuss AT geant.net>
Subject: Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata
Date: Fri, 16 Jan 2015 10:53:43 -0500
Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT gmail.com
List-archive: <http://mail.geant.net/pipermail/edugain-discuss/>
List-id: "An open discussion list for topics related to the eduGAIN interfederation service." <edugain-discuss.geant.net>

On Fri, Jan 16, 2015 at 8:27 AM, Tomasz Wolniewicz <twoln AT umk.pl> wrote:
>
> W dniu 2015-01-15 o 19:37, Tom Scavo pisze:
>>
>>> For each of the languages I will show MDUI DisplayName if exists in a
>>> given language and OrganizationDisplayName (for the given language)
>>> otherwise.
>>
>> For IdPs, this makes sense, but for SPs, it does not. Falling back to
>> OrgDisplayName for SPs only serves to perpetuate a very bad practice
>> IMO.
>
> I have counted exactly 800 SPs which have nothing but
> OrganizationDisplayName and only 328 that do have MDUI DisplayName
> therefore I will have no option but to proceed the way I proposed, I think.

Why not just display entityID if there is no MDUI DisplayName?

This is a golden opportunity to actually make a dent in this problem.
Displaying metadata on web page is a powerful motivation for change.

For the record, the suggested precedence "algorithms" are:

IdPs: mdui:DisplayName => md:OrgDisplayName => entityID
SPs: mdui:DisplayName => md:ServiceName => entityID

See section 2.4 of the OASIS SAML V2.0 Metadata Extensions for Login
and Discovery User Interface:

https://wiki.oasis-open.org/security/SAML2MetadataUI

Hope this helps,

Tom

Re: [eduGAIN-discuss] Locations for 'local' eduGAIN metadata, (continued)