edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Maarten Kremers <maarten.kremers AT surf.nl>
- To: Lukas Hämmerle <lukas.haemmerle AT switch.ch>
- Cc: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
- Subject: Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?
- Date: Mon, 16 May 2022 13:58:34 +0000
- Accept-language: nl-NL, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=surf.nl; dmarc=pass action=none header.from=surf.nl; dkim=pass header.d=surf.nl; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=f+3UCOmFuloA2DhPgB/8+5j5gIBXNA73EgqRI9bE5+o=; b=haZF4i7p3YRODWk7sZZSwbQ3FaQ86zu7xSrbxYha6R5N7TkBVCnmzexynk+o8ZV4JKHCIUclumiI866OBlglQS3JJN0E3HMxzMibPzpT+Ue1LLhhIHORw2FCG1UXYmm/0BUhUj4xk1z6lX71X8H0mpI380CFUFhiCNrc40vc8PrF5GywLnqkQ4oR/Jz7k8BDLpq7DSw0bFOXxRUPGUQD9rBbLLOcCZxSJNU9Ovrg7fEu4tUSkAiIvRA5/f8fCnD9+lxsjUHx65v17vTkCpZl1XL5+NA3470iJdd/Xz9XHjpRkwHtKFgq4KJY2xals3eRxEetvmM0MX4aeeKh4geZ/w==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G49pxxxCSAaLKx3JPpEXxDmrHPQKI06a3bR5yX9Wh1IepSnK2yP8nBuyT7A7klXc38rhBWl1IQILoexSCpFLCwnLb8466h7RhlbdpGwpGyKTf2jrC5Y/reii/1HwHvQuqsrHld02dIqkHobynS7yiJAd834XD3bQp0LM8Fg50dio8DIOu/7yA7ndZrETi+gcgrViTf9JgT/S5WhF2ogoW1zi3u7eJU2FbewYhWj7wi57qvjQbhar4mJN2pdTq0Uso0pdRydgqzQocgSEHkev6ZWDHQMpHNfY89paRxsxKIl0pmLAJ0Kf17anAYrTm/LfQ4MjTO8SPFAmu80FtAMA3A==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=surf.nl;
Hi Lukas
> On 16 May 2022, at 08:48, Lukas Hämmerle <lukas.haemmerle AT switch.ch> wrote:
>
> Hello all
>
> What is eduGAIN's current official policy and best-practice in terms of
> guest and open Identity Providers where just anyone can create an account?
>
> I as far as I see, there is nothing directly mentioned in the constitution
> and declaration regarding this point. One relevant document in this matter
> is the registration practice statement that each federation writes (and
> changes) on its own.
>
> The "Registration practice statement" of a federation declares which types
> of organisations are accepted in a federation. Assuming that a university
> or a federation operator itself would operate a guest IdP that allows just
> any user with a valid e-mail address to register an account, would this be
> ok? Or are there any limits on which attributes and values this IdP
> should/should not release?
>
> I know that there exist at least one guest IdP in eduGAIN (that releases
> just a limited set of attributes) and that probably more exist. Still, I'm
> interested in some current official response and view on this topic.
>
> The background of this question has to do with SWITCH edu-ID where we
> currently publish the university IdPs in eduGAIN but don't allow private
> identities (without university affiliation) to access eduGAIN services.
> There are library use cases where people (without university affiliation)
> need access to publisher resources (accessible via eduGAIN). Therefore, we
> are exploring the options how to allow access to these users.
How do you currently tackle the affiliation ? Which one do the institutional
users get (student AT university.ch ?) and which one guests (affiliate AT eduid.ch
?)
Cheers,
Maarten
>
>
> Best Regards
> Lukas
>
> --
> SWITCH
> Lukas Hämmerle, Trust & Identity
> Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
> +41 44 268 15 64 lukas.haemmerle AT switch.ch http://www.switch.ch
—
Maarten Kremers
Technical Product Manager Trust & Identity
GÉANT Project Task Leader Trust & Identity Enabling Communities
SURF | E maarten.kremers AT surf.nl | T +31 30 88 787 3000 | Available: Mon -
Tue - Wed - Fri
SURF is the collaborative organisation for ICT in Dutch education and research
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, (continued)
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Peter Brand, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Lukas Hämmerle, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Peter Brand, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Davide Vaghetti, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Lukas Hämmerle, 17-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Maarten Kremers, 16-May-2022
- RE: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Pål Axelsson, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Maarten Kremers, 16-May-2022
- RE: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Pål Axelsson, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Maarten Kremers, 16-May-2022
- RE: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Pål Axelsson, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Maarten Kremers, 16-May-2022
- RE: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Pål Axelsson, 16-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Maarten Kremers, 05/16/2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Lukas Hämmerle, 17-May-2022
- Re: [eduGAIN-discuss] Guest and open IdPs in eduGAIN?, Peter Brand, 16-May-2022
Archive powered by MHonArc 2.6.19.