edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Wolfgang Pempe <pempe AT dfn.de>
- To: edugain-discuss AT lists.geant.org
- Subject: Re: [eduGAIN-discuss] R&S and Proxy IdP/SP
- Date: Wed, 31 May 2017 13:22:51 +0200
Hi,
some of the issues mentioned below are being addressed by the Snctfi framework, cf.
https://aarc-project.eu/wp-content/uploads/2017/05/AARC-Deliverable-DNA3.4-final.pdf
Cheers,
W.
Am 31.05.2017 um 12:59 schrieb Niels van Dijk:
Hi Jan,
As far as I am aware there is nothing in the spec that says that you
cannot. However, the owner/operator of that proxy *must* uphold R&S
regardless what the services behind the proxy are doing. Typically one
would need to lay out the exact or at least similar rules as described
in R&S to any of the parties behind the proxy. Another thing which might
help is if the proxy is not 1 entity(id) for all of the services, but
exposes a specific entity for each connected service in metadata. In
that way the individual services behind the proxy could signal R&S
compliance. Bottom line I think is that your fellow fed ops trust you to
make a judgement call on if you feel you can indeed allow the proxu to
carry R&S on the metadata you publish.
Cheers,
Niels
On 31-05-17 11:15, Jan Oppolzer wrote:
Hi,
I have a question about R&S entity category. Is it possible that a Proxy
IdP/SP in a federation is assigned R&S entity category?
From my point of view, as a federation operator, I don't like the idea
that we have a proxy entity assigned R&S and that the entity can "hide"
more services. I'm not sure that this is allowed, anyway.
Thank you,
Jan
--
---------------------------------------------------------------------
Wolfgang Pempe Phone : +49 30 884299-308
DFN-Verein Fax : +49 30 884299-370
Alexanderplatz 1 E-Mail : pempe AT dfn.de
D-10178 Berlin WWW : http://www.dfn.de
---------------------------------------------------------------------
--------------------- Deutsches Forschungsnetz ----------------------
--------- Germany's National Research and Education Network ---------
---------------------------------------------------------------------
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- [eduGAIN-discuss] R&S and Proxy IdP/SP, Jan Oppolzer, 31-May-2017
- Re: [eduGAIN-discuss] R&S and Proxy IdP/SP, Niels van Dijk, 31-May-2017
- Re: [eduGAIN-discuss] R&S and Proxy IdP/SP, Wolfgang Pempe, 05/31/2017
- Re: [eduGAIN-discuss] R&S and Proxy IdP/SP, Niels van Dijk, 31-May-2017
Archive powered by MHonArc 2.6.19.