An open discussion list for topics related to the eduGAIN interfederation service.

[Martin Stanislav <ms AT uakom.sk>]

On Thu, Nov 07, 2019 at 04:51:27AM +0000, Chris Phillips wrote:
> Hi Terry and others.
> 
>  
> 
> It’s good to see the latest content being used for MRPS and leveraging the 
> SUNET tech profile.  I do have a question or two though..
> 
>  
> 
> Section 3 of the SafeID technology profile[1] has:
> 
>  
> All identity providers (home organizations and attribute authorities) MUST 
> fulfll the SAML V2.0 Interoperability Deployment Profle [3]. 
> All service providers SHOULD fulfll the SAML 2.0 Interoperability 
> Deployment Profle [3].
>  
> 
> Where [3] is http://saml2int.org/
> 
>  
> 
> Are you sure about the MUST statement around  *ALL* of saml2int.org for 
> IDPs?    

Peter's comment on how the reference to saml2int has made it into
the fed WebSSO technology profile is correct. But it's my mistake
I haven't amended the text on later edits (and the delayed joining
process itself as well). We'll change the profile and point to eduGAIN
SAML Profile as Pål has suggested as that's what matters in the interfed
context (and up the tech profile version to 1.1).

> While it sounds good and maybe early on safeID has the opportunity to 
> insist IdPs comply with this it may be challenging given how forward 
> looking saml2int.org is.

Yes, indeed. Going through the SAML2int 2.0 detail, demanding
it in full is very likely to raise the bar too high.

> SUNET’s latest tech profile[2] may be a good middle ground and uses a 
> SHOULD there and aligning would be much easier and guide IdPs to the right 
> direction overall.

Thanks for the guidance. SHOULD will be fine here.

Martin

> [1]  
> https://www.safeid.sk/doc/safeID-SAML-WebSSO-Technology-Profile-1.0.pdf 
> 
> [2] 
> https://www.sunet.se/wp-content/uploads/2015/12/SWAMIDSAMLWebSSOTechnologyProfile-1.0.pdf
> 
>  
> 
>  
> 
>  
> 
>  
> 
> From: <edugain-discuss-request AT lists.geant.org> on behalf of Terry Smith 
> <t.smith AT aaf.edu.au>
> Reply-To: Terry Smith <t.smith AT aaf.edu.au>
> Date: Thursday, October 24, 2019 at 4:20 AM
> To: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
> Subject: [eduGAIN-discuss] Assessment of Slovenia / safeID
> 
>  
> 
> All, 
> 
>  
> 
> As eduGAIN Chair, I present to you the application of:
> 
> ·  Slovenia / safeID
> 
> You can find more detailed information about the federation under "eduGAIN 
> Candidates” at:
> 
>     https://technical.edugain.org/status.php
> 
> which contains links to their policy and MRPS.
> 
>  
> 
> I ask the following federations to specifically review the submission by 
> safeID:
> 
> ·  Canada/Canadian Access Federation (CAF)
> 
> ·  Chile/COFRe
> 
> ·  China/CARSI
> 
> ·  Colombia/ColFIRE
> 
> ·  Croatia/AAIEduHr
> 
>  
> 
> These federations might feel a sense of déjà vu. That's because back in 
> June 2015, CAF, COFRe and ColFIRE were part of the assessment of safeID 
> (along with Belnet & CAFe - but they are now working on the CSTCloud 
> assessment I sent recently).
> 
>  
> 
> For those with access to the eduGAIN Steering Group mailing list archive 
> you can see the original thread at:
> 
>    https://lists.geant.org/sympa/arc/edugain-sg/2015-06/msg00005.html
> 
> and
>    https://lists.geant.org/sympa/arc/edugain-sg/2017-05/msg00012.html
> 
>  
> 
> It would be great to finally end the chapter on the assessment of safeID 
> and complete their eduGAIN membership to support the SANET community.
> 
>  
> 
> All eduGAIN members can (and should) provide feedback but the above five 
> (5) federations have a specific responsibility. 
> 
>  
> 
> If you have any questions please contact the safeID team (Martin Stanislav 
> and Peter Kopáč) who are subscribed to this mailing list. 
> 
>  
> 
> Formal components of the membership process will be via the eduGAIN 
> Steering Group mailing list.  
> 
>  
> 
> Thanks,
> 
> Terry. 
> 
>  
> 
> Terry Smith | Technical Engagement and Support Manager | Australian Access 
> Federation Ltd 
> 
> Mob:  0414 692 424 | Email t.smith AT aaf.edu.au |  ORCID: 
> orcid.org/0000-0001-5971-4735
> 
> Web: http://www.aaf.edu.au | Support: http://support.aaf.edu.au  | Twitter: 
> http://twitter.com/ausaccessfed
> 
> Mail: Level 21 179 Turbot Street | Brisbane QLD 4000 | Australia
> 
>  
>