edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

RE: [eduGAIN-discuss] Question about federations' IdP members

From: Geoffroy ARNOUD <geoffroy.arnoud AT renater.fr>
To: edugain-discuss AT lists.geant.org
Subject: RE: [eduGAIN-discuss] Question about federations' IdP members
Date: Thu, 18 Nov 2021 08:41:42 +0100 (CET)
Dkim-filter: OpenDKIM Filter v2.10.3 zmtaout04.partage.renater.fr A732B140016

We had the same approach in France before: connecting to the NREN network allows to join Identity Federation and access to other services.

This changed, and now institutions can subscribe to a « services package », that allows to use our services – including identity federations, but also eduroam, and other digital services we propose.

Regards

Geoffroy

De : edugain-discuss-request AT lists.geant.org <edugain-discuss-request AT lists.geant.org> De la part de Leif Johansson
Envoyé : mercredi 17 novembre 2021 22:08
À : edugain-discuss AT lists.geant.org
Objet : Re: [eduGAIN-discuss] Question about federations' IdP members

On 2021-11-17 20:16, Valeriu Vraciu wrote:
> Hello,
>
> Please help us understand and act the best possible way in the following matter, maybe there are/were similar cases in other federations:
>
> EduGain is a service supported by GEANT, gathering identity federations established mainly by NRENs, so a reasonable conclusion is that beneficiary IdP institutions are members of NRENs or have some
> sort of relation with NREN. Please correct me if it is a wrong assumption.

Yeah mostly, although in some countries the NREN remit extend a bit beyond "traditional"
higher education to include related govt agencies, k12 etc.

>
> We have a request to join eduGain as an IdP from an accredited by the Ministry of Education private university, with which we did not have any relation (until this request). They are not connected to
> our network and do not use any service from us, so first reaction seems to be a no go. Any information regarding how other federations deal with such cases can help us to decide further.
> Our policy does not cover this case, maybe an update will be worth too.
>

In Sunet we would probably take a similar approach: the SWAMID federation is part of
the NREN service infra and as such requires that the customer is connected to the
network. I would not go as far as saying that there would *never* be a case when we
might bend that rule... but that would then probably be a decision at the board level
in our case.

As always ymwv, hope this helps.

Cheers Leif

[eduGAIN-discuss] Question about federations' IdP members, Valeriu Vraciu, 17-Nov-2021
- Re: [eduGAIN-discuss] Question about federations' IdP members, Leif Johansson, 17-Nov-2021
  - RE: [eduGAIN-discuss] Question about federations' IdP members, Geoffroy ARNOUD, 11/18/2021
    - Re: [eduGAIN-discuss] Question about federations' IdP members, Davide Vaghetti, 18-Nov-2021
    - Re: [eduGAIN-discuss] Question about federations' IdP members, Janos Mohacsi, 18-Nov-2021
      - Re: [eduGAIN-discuss] Question about federations' IdP members, Jan Oppolzer, 18-Nov-2021
- Re: [eduGAIN-discuss] Question about federations' IdP members, Peter Schober, 18-Nov-2021
- Re: [eduGAIN-discuss] Question about federations' IdP members, Guy Halse, 18-Nov-2021
- Re: [eduGAIN-discuss] Question about federations' IdP members, Albert Wu, 18-Nov-2021