An open discussion list for topics related to the eduGAIN interfederation service.

[Nick Roy <nroy AT internet2.edu>]

"A protocol should be conservative in its transmissions and clients should be 
liberal in their acceptance of incoming messages." or words to that effect. - 
Jon Postel.

Nick

On 23 Sep 2019, at 16:32, Peter Schober wrote:

> * Tomasz Wolniewicz <twoln AT umk.pl> [2019-09-23 22:12]:
>> eduGAIN validator was using a newer xml.xsd and the validation passed.
>>
>> So what is the correct approach here?
>
> As I said, the current Shibboleth SP release fails to load such
> metadata. Sure, we can try to get that changed upstream and then wait
> a few years until it's deployed everwhere where a Shib SP is running
> today, hoping such XML will never occur in the meantime. And even when
> it does and things break (SPs failing to update, leading to expired
> metadata days or weeks later) we can still tell the SP owners that
> we've let this error (or "former error") through on purpose because we
> don't consider it an error any more and they should get their software
> fixed. Let's see how that goes.
>
> Or... we could be as conservative as possible in what we publish to
> avoid any such breakage (to me that means not being liberal in what I
> accept, too), esp. in cases that make no sense at all (such as empty
> xml:lang="" XML attributes or other effects of improper tooling or
> human errors, not concious decisions that the XML should in fact look
> exactly like that).
>
> But I've already made those choices for my (or our federation), it's
> up to us all to decide how the MDS should behave being the man in the
> middle. If the MDS allows it that doesn't mean we can't filter it out
> in our local feeds, that merely raises the bar a bit further what it
> means to particiate in eduGAIN for member federations.
>
> Cheers,
> -peter [ offline for the next days ]

Attachment: signature.asc
Description: OpenPGP digital signature