Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] Sizes of inline logos in eduGAIN metadata

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] Sizes of inline logos in eduGAIN metadata


Chronological Thread 
  • From: Guy Halse <guy AT tenet.ac.za>
  • To: Alex Stuart <Alex.Stuart AT jisc.ac.uk>, Peter Schober <peter.schober AT univie.ac.at>
  • Cc: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
  • Subject: Re: [eduGAIN-discuss] Sizes of inline logos in eduGAIN metadata
  • Date: Fri, 13 Mar 2020 11:23:38 +0200
  • Organization: Tertiary Education & Research Network of South Africa NPC

Hi

On 2020/03/10 19:29, Alex Stuart wrote:
# Number of inline logos, registrationAuthority
 241 https://federation.renater.fr/
 153 http://rr.aai.switch.ch/
  94 https://www.wayf.dk
  88 http://aai.grnet.gr/
  20 https://safire.ac.za

We're relatively high in that list, so I thought it worth sharing the bit from our aggregation practice statement that explains what we're doing:
To ensure the availability of logos within the Federation hub’s user interface (and in particular, on the user consent page) and on discovery pages, the aggregator caches logos specified by SAML-Metadata-MDUI-V1.0 metadata extensions. The local logo cache is used to replace logo URLs in metadata with their equivalent using the RFC 2397 data: URI scheme. Only logos whose file size is smaller than 50KiB and whose dimensions are declared as being larger than 48 and smaller than 305 pixels are cached.
In practice we now also verify the dimensions explicitly and fix up the height and width on the mdui:Logo elements where they disagree.

The original reason for this is really what Nick Roy said here:

On 2020/03/10 19:50, Nicholas Roy wrote:
+1 - the only reason to allow them IMO is for discovery services that are incapable of prefetching them.
but also because things don't degrade gracefully when the original entities' hosted logo is unavailable. This is a bigger problem in developing countries where connectivity can be more unreliable, and where change control procedures are more lax.

Nevertheless, we primarily do this for our own internal operations. If consensus is we should not publish them into eduGAIN, we can readily consider removing the caching from the eduGAIN feed.

I have considered an alternative, which I may implement in future -- rather than converting them to data: URLS, we could cache them and make them available via https:// from our own CDN (thus replacing the original URL with a new https:// one).

- Guy
--
Guy Halse
Executive Officer: Trust & Identity Tertiary Education & Research Network of South Africa NPC Fault Reporting: +27(21)763-7147 or support AT tenet.ac.za
Office: +27(21)763-7102
http://www.tenet.ac.za/contact
https://orcid.org/0000-0002-9388-8592

PNG image

PNG image

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature




Archive powered by MHonArc 2.6.19.

Top of Page