Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] IdP without DNS records

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] IdP without DNS records


Chronological Thread 
  • From: Scott Koranda <skoranda AT gmail.com>
  • To: Peter Schober <peter.schober AT univie.ac.at>
  • Cc: edugain-discuss AT lists.geant.org
  • Subject: Re: [eduGAIN-discuss] IdP without DNS records
  • Date: Tue, 8 May 2018 10:53:48 -0500
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com

> * Scott Koranda <skoranda AT gmail.com> [2018-05-08 17:36]:
> > In the meantime, we use pyFF to create our own MDQ service and we
> > filter those IdPs out ourselves.
>
> What "those IDPs"?

IdPs that do not have endpoints and/or logos that are resolvable in DNS.

> Those whose endpoints are reachable by 100% of
> their user community, and whose logos are reachable globally?

That user community is not my user community.

> Or any IDP where the logo does not resolve at the time you test it?

We generally begin to filter them out after they have not resolved for
some time and the effect on the discovery service has been noticed by
humans. We do some due diligence, notify the IdP registrar, and then
begin filtering them out.

> Or yet again some other set of entities that you feel violate some rule?

I don't feel they violate some rule.

I observe that we find these IdPs from time-to-time in the metadata
aggregates and it degrades the performance of our discovery service so
we take action to provide our users a better experience.

As part of that effort we try to partner with registrars and work with
the community. I have not made any demands of eduGAIN. I asked if you
would consider the "hide from discovery" tag. You explained why you
would not. I appreciate that dialogue.

Thanks,

Scott K



Archive powered by MHonArc 2.6.19.

Top of Page