An open discussion list for topics related to the eduGAIN interfederation service.

[Thilina Pathirana - LEARN <thilina AT learn.ac.lk>]

Hi Vlad,

The changes to MPRS was as a new revision but my numbering and dating
had an issue, so the correct one should be, version 1.2 on 8th May 2019
for the MPRS, my apologies for that.

Therefore, the changes were as follows,

> (1) Process for membership (Service Providers)
>
> In my earlier assessment (email of March 15th), I pointed out a
> mismatch between the MRPS (where section 3 says "The checks are
> conducted with a number of official databases including LEARN Member
> registry.") and the Federation Policy (where "any party" can join as
> Service Provider).
>
> These sections have not changed and it is still not clear how the
> legal name of the federation member would be checked.
Mismatch on documents were corrected, kept it as any party and now it
says that "LEARN management will decide the eligibility of the
applicant". This is also reflected on the webpage https://liaf.ac.lk/#join

> (2) Entity Management: using email vs FR
>
> This has not changed either - still, the MRPS says changes should be
> emailed to noc AT learn.ac.lk, while https://liaf.ac.lk/#join points to
> the Federation Registry.
>
>
> And, federated Login to Federation Registry still gives Internal
> Server Error... 
I kept the sole responsibility with the email address but the issue with
the federated login were corrected.

> (3) Getting the MRPS
>
> Still, the MRPS points to  https://liaf.ac.lk as the authoritative
> URL, but one has to navigate through "Join" -> "Federation Registry" -
> this is not at all obvious.
>
MPRS is now hosted at https://liaf.ac.lk/#metadata
> (4) And if possible, please make links in the MRPS PDF clickable (had
> to select the link text and paste into a browser)
This, I am not sure what the technical issue is with, for me it is
loading on the browser. For the safe side I fixed all those url's  to
open in a new tab.

> PS: Not sure if it's part of the website changes, but I now see it's
> quite hard to see links on the website - they're underlined with a
> very subtle color style - perhaps this could be made somewhat more
> visible?
changed the style.


Please let me know if I had missed or misunderstood anything.


Thanks,

Thilina


On 5/15/19 10:33 AM, Vladimir Mencl wrote:
>
> Hi Thilina,
>
> Sorry, I can't exactly see the changes - could you please let me know
> what you changed on the website and how it addresses my concerns?
>
> I was expecting (at least some of the issues) to be addressed by a
> newer revision of the MRPS - so please help me see how they're
> addressed by the website changes.
>
> Thanks a lot in advance!
>
> Cheers,
> Vlad
>
> PS: Not sure if it's part of the website changes, but I now see it's
> quite hard to see links on the website - they're underlined with a
> very subtle color style - perhaps this could be made somewhat more
> visible?
>
>
> On 9/05/19 22:09, Thilina Pathirana - LEARN wrote:
>> Dear Vlad,
>>
>> I have done those changes in the website ( https://liaf.ac.lk ) and can
>> you please check it.
>>
>>
>> Thanks
>>
>> Thilina
>>
>>
>> On 5/1/19 10:32 AM, Vladimir Mencl wrote:
>>>
>>> Hi Thilina,
>>>
>>> Thanks for all this work - and sorry about the delay in getting back
>>> to you; just got back from holidays.
>>>
>>> I see most of my concerns have been addressed.
>>>
>>> However, I still see several are still pending:
>>>
>>> (1) Process for membership (Service Providers)
>>>
>>> In my earlier assessment (email of March 15th), I pointed out a
>>> mismatch between the MRPS (where section 3 says "The checks are
>>> conducted with a number of official databases including LEARN Member
>>> registry.") and the Federation Policy (where "any party" can join as
>>> Service Provider).
>>>
>>> These sections have not changed and it is still not clear how the
>>> legal name of the federation member would be checked.
>>>
>>> (2) Entity Management: using email vs FR
>>>
>>> This has not changed either - still, the MRPS says changes should be
>>> emailed to noc AT learn.ac.lk, while https://liaf.ac.lk/#join points to
>>> the Federation Registry.
>>>
>>>
>>> And, federated Login to Federation Registry still gives Internal
>>> Server Error...
>>>
>>> (3) Getting the MRPS
>>>
>>> Still, the MRPS points to  https://liaf.ac.lk as the authoritative
>>> URL, but one has to navigate through "Join" -> "Federation Registry" -
>>> this is not at all obvious.
>>>
>>> (4) And if possible, please make links in the MRPS PDF clickable (had
>>> to select the link text and paste into a browser)
>>>
>>>
>>> Otherwise, I'm glad to see the progress made - and look forward to
>>> hearing from you on the remaining points.
>>>
>>> Cheers,
>>> Vlad
>>>
>>>
>>> On 10/04/19 17:22, Thilina Pathirana - LEARN wrote:
>>>> Dear Vlad and all,
>>>>
>>>> I did some changes to the policy and mrps as per the recommendations
>>>> and the unpublished documents are
>>>>
>>>> https://liaf.ac.lk/docs/Identity%20Federation%20Policy%20-LIAF%20v1.1.pdf
>>>>
>>>>
>>>>
>>>> https://liaf.ac.lk/docs/MRPS-LIAF1.2.pdf
>>>>
>>>> Please check them and if they are ok then I'll publish them.
>>>>
>>>> Also I have updated the key to 4K and the issue with the
>>>> md:EntitiesDescriptor / Name
>>>>
>>>> But I am stuck and will need some advice on updating the pyff script
>>>> to add mdrpi:PublicationInfo which gets stripped out during the
>>>> signing
>>>>
>>>>
>>>> Thanks,
>>>>
>>>> Thilina
>>>>
>>>> On 3/29/19 6:00 AM, Vladimir Mencl wrote:
>>>>>
>>>>> Hi Thilina,
>>>>>
>>>>> Sorry about not getting back to you on this earlier.
>>>>>
>>>>> On 18/03/19 23:33, Thilina Pathirana - LEARN wrote:
>>>>>>> * Section "5. Entity Eligibility and Validation"
>>>>>>>      I see this section deviates from the MRPS template,
>>>>>>> dropping any
>>>>>>> mention of IdP scope - both the clause in 5.1, and the whole
>>>>>>> section
>>>>>>> "5.3 Scope Format".
>>>>>>>
>>>>>>>       Was there a particular reason for omitting scope from the
>>>>>>> MRPS?
>>>>>> I was following the guidelines from
>>>>>> https://wiki.refeds.org/download/attachments/1605645/MRPS-templatev1.pdf?version=2&modificationDate=1516014622994&api=v2
>>>>>>
>>>>>>
>>>>>> and I am not sure there were any dropped parts. Please advice more
>>>>>> on this.
>>>>>
>>>>> Ah, I see - you've used a slightly earlier template, while I was
>>>>> looking at the latest (1.1) - as available e.g. at
>>>>>
>>>>> https://github.com/REFEDS/MRPS/blob/master/MRPS-templatev1.1.pdf
>>>>>
>>>>> As the master document is tracked on github, you can see the changes
>>>>> - the ones I'm referring to are essentially pull request #5:
>>>>>
>>>>> https://github.com/REFEDS/MRPS/pull/5/files
>>>>>
>>>>>
>>>>> I'd recommend adjusting to the latest template.
>>>>>
>>>>> Overall, I'll now leave the feedback with you and I'll wait to hear
>>>>> from you once the documents are ready for a new round of review.
>>>>>
>>>>> Cheers,
>>>>> Vlad
>>>>>
>>>>>
>>>> -- 
>>>> Thilina Pathirana
>>>> Network/Systems Engineer
>>>> Technical Assistance Center (TAC)
>>>> Lanka Education And Research Network (LEARN)
>>>> T: +94812003036 | M: +94770055755 | F: +94812385715
>>>> www.learn.ac.lk  |www.thilinapathirana.xyz
>>>>
>>>
>
-- 
Thilina Pathirana
Network/Systems Engineer
Technical Assistance Center (TAC)
Lanka Education And Research Network (LEARN)
T: +94812003036 | M: +94770055755 | F: +94812385715
www.learn.ac.lk | www.thilinapathirana.xyz

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature