An open discussion list for topics related to the eduGAIN interfederation service.

[Peter Schober <peter.schober AT univie.ac.at>]

* Peter Schober <peter.schober AT univie.ac.at> [2018-04-13 17:53]:
> And while you still might find quite a few Filesender instances in
> eduGAIN almost all of them are unusable by default, on a scale that
> warrants its own posting (forthcoming).

Here goes:

There currently are 11 Filesender instances published via eduGAIN.
I managed to successfully log in into exactly 1 of them (InCommon).
(2 more could possibly have worked by adding manual attribute release
rules to my IDP.)

The reasons for 10 failures out of 11 are as follows:

* Doesn't allow choice of not-local-federation IDPs (Haka,
  Renater, AFIRE/ASNET, RENU, IRFED) or only lists a handful of IDPs
  that may or may not involve entities from other federations (URAN).
  All except maybe the last one (URAN) have no business being
  in eduGAIN, IMO.

* Doesn't have an Entity Category to motivate attribute release
  (RedCLARA), or has neither an internationally recognised Entity
  Category nor any RequestedAttribute elements at all (CESNET).
  Those are not errors per se, but I'd still question why those are
  exposed to eduGAIN at all.

* Doesn't load eduGAIN metadata (RENAM, CESNET's v2 instance)
  Clearly errors. Load eduGAIN-enabled metadata or remove the entity
  from eduGAIN.
 
Personally I hope that this rather sorry state of affairs is more due
to my previous claim that Filesender does not lend itself well to
inter-federated access (as you'll want a fast and therefore often
local network connection to the filesender instance, especially for
the upload part, which also is the part where authentication is
required) and that this is therefore not representative for eduGAIN in
general.
Realising that doesn't change the bad aftertaste left from such a
simple excercise, with a rather epic fail (1 out of 11 working for
me, 2 out of 22 for people who release whatever an SP states in
RequestedAttributes).

-peter