An open discussion list for topics related to the eduGAIN interfederation service.

[Vladimir Mencl <vladimir.mencl AT reannz.co.nz>]

Hi Thilina,

Sorry, I can't exactly see the changes - could you please let me know 
what you changed on the website and how it addresses my concerns?

I was expecting (at least some of the issues) to be addressed by a newer 
revision of the MRPS - so please help me see how they're addressed by 
the website changes.

Thanks a lot in advance!

Cheers,
Vlad

PS: Not sure if it's part of the website changes, but I now see it's 
quite hard to see links on the website - they're underlined with a very 
subtle color style - perhaps this could be made somewhat more visible?


On 9/05/19 22:09, Thilina Pathirana - LEARN wrote:
> Dear Vlad,
>
> I have done those changes in the website ( https://liaf.ac.lk ) and can
> you please check it.
>
>
> Thanks
>
> Thilina
>
>
> On 5/1/19 10:32 AM, Vladimir Mencl wrote:
> > Hi Thilina,
> >
> > Thanks for all this work - and sorry about the delay in getting back
> > to you; just got back from holidays.
> >
> > I see most of my concerns have been addressed.
> >
> > However, I still see several are still pending:
> >
> > (1) Process for membership (Service Providers)
> >
> > In my earlier assessment (email of March 15th), I pointed out a
> > mismatch between the MRPS (where section 3 says "The checks are
> > conducted with a number of official databases including LEARN Member
> > registry.") and the Federation Policy (where "any party" can join as
> > Service Provider).
> >
> > These sections have not changed and it is still not clear how the
> > legal name of the federation member would be checked.
> >
> > (2) Entity Management: using email vs FR
> >
> > This has not changed either - still, the MRPS says changes should be
> > emailed to noc AT learn.ac.lk, while https://liaf.ac.lk/#join points to
> > the Federation Registry.
> >
> >
> > And, federated Login to Federation Registry still gives Internal
> > Server Error...
> >
> > (3) Getting the MRPS
> >
> > Still, the MRPS points to  https://liaf.ac.lk as the authoritative
> > URL, but one has to navigate through "Join" -> "Federation Registry" -
> > this is not at all obvious.
> >
> > (4) And if possible, please make links in the MRPS PDF clickable (had
> > to select the link text and paste into a browser)
> >
> >
> > Otherwise, I'm glad to see the progress made - and look forward to
> > hearing from you on the remaining points.
> >
> > Cheers,
> > Vlad
> >
> >
> > On 10/04/19 17:22, Thilina Pathirana - LEARN wrote:
> > > Dear Vlad and all,
> > >
> > > I did some changes to the policy and mrps as per the recommendations
> > > and the unpublished documents are
> > >
> > > https://liaf.ac.lk/docs/Identity%20Federation%20Policy%20-LIAF%20v1.1.pdf
> > >
> > >
> > > https://liaf.ac.lk/docs/MRPS-LIAF1.2.pdf
> > >
> > > Please check them and if they are ok then I'll publish them.
> > >
> > > Also I have updated the key to 4K and the issue with the
> > > md:EntitiesDescriptor / Name
> > >
> > > But I am stuck and will need some advice on updating the pyff script
> > > to add mdrpi:PublicationInfo which gets stripped out during the signing
> > >
> > >
> > > Thanks,
> > >
> > > Thilina
> > >
> > > On 3/29/19 6:00 AM, Vladimir Mencl wrote:
> > > > Hi Thilina,
> > > >
> > > > Sorry about not getting back to you on this earlier.
> > > >
> > > > On 18/03/19 23:33, Thilina Pathirana - LEARN wrote:
> > > > > > * Section "5. Entity Eligibility and Validation"
> > > > > >      I see this section deviates from the MRPS template, dropping any
> > > > > > mention of IdP scope - both the clause in 5.1, and the whole section
> > > > > > "5.3 Scope Format".
> > > > > >
> > > > > >       Was there a particular reason for omitting scope from the MRPS?
> > > > > I was following the guidelines from
> > > > > https://wiki.refeds.org/download/attachments/1605645/MRPS-templatev1.pdf?version=2&modificationDate=1516014622994&api=v2
> > > > >
> > > > > and I am not sure there were any dropped parts. Please advice more
> > > > > on this.
> > > >
> > > > Ah, I see - you've used a slightly earlier template, while I was
> > > > looking at the latest (1.1) - as available e.g. at
> > > >
> > > > https://github.com/REFEDS/MRPS/blob/master/MRPS-templatev1.1.pdf
> > > >
> > > > As the master document is tracked on github, you can see the changes
> > > > - the ones I'm referring to are essentially pull request #5:
> > > >
> > > > https://github.com/REFEDS/MRPS/pull/5/files
> > > >
> > > >
> > > > I'd recommend adjusting to the latest template.
> > > >
> > > > Overall, I'll now leave the feedback with you and I'll wait to hear
> > > > from you once the documents are ready for a new round of review.
> > > >
> > > > Cheers,
> > > > Vlad
> > > --
> > > Thilina Pathirana
> > > Network/Systems Engineer
> > > Technical Assistance Center (TAC)
> > > Lanka Education And Research Network (LEARN)
> > > T: +94812003036 | M: +94770055755 | F: +94812385715
> > > www.learn.ac.lk  |www.thilinapathirana.xyz

--
Vladimir Mencl
Senior Software Engineer

Research & Education
Advanced Network NZ Ltd

M +64 21 997352
E  vladimir.mencl AT reannz.co.nz
www.reannz.co.nz