An open discussion list for topics related to the eduGAIN interfederation service.

[Tom Scavo <trscavo AT internet2.edu>]

On Wed, Jan 14, 2015 at 8:08 AM, Lukas Hämmerle
<lukas.haemmerle AT switch.ch> wrote:
> On 14.01.15 13:51, Tom Scavo wrote:
>>> Voilà: https://wiki.edugain.org/isFederatedCheck/Federations/
>>
>> "The assumption is that each organisation operates one Identity Provider."
>>
>> Not true, I'm afraid, and this will become "less true" going forward.
>
> And why is that in your opinion?

The recent release of Shib IdP V3 and new use cases for proxies and
gateways will increase the number of requests we receive for multiple
IdPs in metadata.

> Would be interested in some examples.

Well, InCommon has 385 IdPs spread across 366 organizations. The only
thing that keeps those two numbers relatively close to each other is
our habit of gently pushing back on a request for a second IdP.

Sorry if all this sounds like a crusade but I guess it is :-) Lack of
good entity names makes it difficult to design rational user
interfaces. Equating "Organization" with "Identity Provider" has led
to the awful situation we find ourselves in now, namely, the
widespread inappropriate use of the md:OrganizationDisplayName
element. We need to reverse that trend, and the best way to do that
(in my experience) is to stubbornly display the entityID (if
necessary) on the UI.

Tom