An open discussion list for topics related to the eduGAIN interfederation service.

[Lukas Hämmerle <lukas.haemmerle AT switch.ch>]

On 10.08.16 15:02, Tom Scavo wrote:
>> Do you have an idea of how many organisations in InCommon
>> operate several IdPs and how many such organisations operate?
> 
> Yes, this is documented on our (dynamic) org info page:
> 
> https://incommon.org/federation/info/all-orgs.html

Looking at that page there are 12 IdPs with more than one IdP. 7 of them
have a second IdP with zTest in the name. Assuming that they also have
the hide-from-discovery EC set, some of the others have have an
additional guest/alumni/sub-organisation IdP. All in all, the number of
Orgs with multiple (non-test) IdPs is relatively low given the total
number of InCommon IdPs. So, I think this case might not considerably
distort the isFederatedCheck results.



> But I think I've (unintentionally) lured you into a rathole. All I'm
> really asking for is:
> 
> s^Organisations/Identity Providers^Identity Providers^
> 
> Do you agree?

It depends a bit on the question if we are talking about a "SAML
Identity Provider (in a SAML2 metadata file)" or about an "Identity
Provider" in general  :-)

Would you (and others) say that a federation like FEIDE with one single
SAML IdP should list 1 even though more than 400 organisations are
attached to it? Should we count these organisations whose LDAP/AD
directories are used by that one single SAML IdP also als "Identity
Provider". If your answer is "yes", then your proposed change would be
very easy to implement.



>>> - Can you add a row of totals at the bottom?
>>
>> What would you be most interested in? Just calculating the total would
>> be easy but in case you are interested in the total number of (unique)
>> IdPs in production federations, this would not be the total of the above
>> columns (some IdPs probably are in multiple federations).
> 
> Yes, I'm sure that's true but there can't be many such IdPs, right?

You are right, there are only the following such IdPs that are
registered in multiple federations (not counting eduGAIN as federation):

* https://idp.ens-lyon.fr/idp/shibboleth
* https://shibboleth.unifi.it/idp/shibboleth
* https://idp.dante.net/idp/shibboleth
* https://idp.unitedid.org/idp/shibboleth
* https://idp.infn.it/saml2/idp/metadata.php
* https://idp.hebis.de/uni-frankfurt
* urn:mace:incommon:internet2.edu


> (that's a rhetorical question) In any case, I think a total would be
> helpful. It gives an estimate of "all the IdPs in the world."

Ok, it's on the todo list.

Best Regards
Lukas


-- 
SWITCH
Lukas Hämmerle, Central Solutions
GÉANT Project Task Leader of
eduGAIN Service Development - Research and Service Providers
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 05, direct +41 44 268 15 64
lukas.haemmerle AT switch.ch, http://www.switch.ch