An open discussion list for topics related to the eduGAIN interfederation service.

[Peter Schober <peter.schober AT univie.ac.at>]

* Niels van Dijk <niels.vandijk AT surfnet.nl> [2018-05-08 16:23]:
> While testing with the eduGAIN metadata, I note the entity
> https://idp.vle.ase.md/saml/saml2/idp/metadata.php  has no DNS records,
> hence is totally not functional.

Also note that your conclusion above is incorrect: An entityID is a
name (of xsd:type anyURI), not a location. (Counter example:
"urn:mace:incommon:osu.edu" has no DNS record, so it must be totally
unfunctional, too?)

Such an entity could function perfectly fine if the protocol endpoints
were reachable.

Of course in this specific case it's obvious to humans that have
experience with SAML federations that the entityID here clearly is
using the auto-generated value from the deployed SAML implementation
(SimpleSAMLphp) and as such /will/ be based on its actual host name,
meaning it will /share/ that host name portion with its own protocol
endpoints, meaning those protocol endpoints will be just as
unreachable, resulting in the actual problem: Unreachable protocol
endpoints.

-peter