Skip to Content.

edugain-discuss - Re: [eduGAIN-discuss] eduGAIN Connectivity Check Service for individual SPs

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive


Re: [eduGAIN-discuss] eduGAIN Connectivity Check Service for individual SPs


Chronological Thread 
    < Chronological >      < Thread >
  • From: Peter Schober <peter.schober AT univie.ac.at>
  • To: edugain-discuss AT lists.geant.org
  • Subject: Re: [eduGAIN-discuss] eduGAIN Connectivity Check Service for individual SPs
  • Date: Fri, 3 Mar 2017 14:08:17 +0100
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (1024-bit key) header.d=univie.ac.at
  • Organization: ACOnet
* Jozef Misutka <misutka AT ufal.mff.cuni.cz> [2017-03-03 11:43]:
> we just resolved an issue with metadata and key rollover process in
> several federations.

From Ondřej's description of that experience:
http://shibboleth.net/pipermail/users/2017-March/034578.html
it is clear that some federations (on this list) are to blame for any
problems you ran into, since they denied you the possibility to
perform a proper key rollover (by not allowing more than one
certificate for the SP, at least according to Ondřej).

So if that is in fact true then someone will have to work with those
federations to get them to stop creating problems for their own members!

Jozef, could you please identify (e.g. to Brook or to the eduGAIN
Operations Team, https://technical.edugain.org/contact) those
federations that only allow for a single key in metadata, and we can
work with them to getting that fixed.
-peter

Attachment: signature.asc
Description: Digital signature


Archive powered by MHonArc 2.6.19.

Top of Page