Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream


Chronological Thread 
  • From: Alex Stuart <Alex.Stuart AT jisc.ac.uk>
  • To: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
  • Subject: Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream
  • Date: Tue, 7 Jun 2022 08:51:38 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jisc.ac.uk; dmarc=pass action=none header.from=jisc.ac.uk; dkim=pass header.d=jisc.ac.uk; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/H9zm1qkjx7Bkg2LW4HEiyPaxYNpoRcQ1zljmyEY8ng=; b=IxlIcfHLlFHgI0C323DCCsdR5kGscUqpX8mWC6y0npOi3pASwhM0508ZIdEHCNYKiCAmQnnRwGYiNcTXEIkj0n4AH+vHwUclgFrU2DlCeriU8cyz2Af2wCR3DQ83RlUwiQMYrEm2ZSuwkxz8jkrMpwXs1CqPX+NvafzpcBem8zBzLjjGXocT9R9eOinz9RQa034RrvJvYwZgHUp3qipDfjIVU+GGl8kFDSOyGozzyJM9IGWoiocUBikL2ZW51fdk2SBg0WKYTHLriiATgfPGRXQOFZx6R5M7+u2V3WctjIr/GMFKIOYLrUIIrZqpRDKsN7RDhZU8KZve4T0fXAUm1g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WFH5bWl+6k7PCIkvENjkN4e3kWGTdd39zNOopKPeLK9z8VZgs+lVnqRCHWLFytjfKQg2KNloFCLKXu7xil0TILzlREfVrp/2ua55L98YLU6vhHuQGIti7xXyFqB4AdKUoBdtfstV2wZKfDhDXGTdBQUPVrZMnqEFIzs5I+iWEboWeTGE1LalZwhQ7JpnLS5I/oIvcstzu5TNmQH8HG041mmzz+1E3v2kVtVNy2t3rP6njvoYYhYNBnEEZGy6+0xJELZQb2xTfM4xAX8bs6QhsfF5eKVx3M3FCJ54xF1IDgSlg2VznCgIh7PFHqFo9+43EtA4R5ZVPyhShLNIRVxbHg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jisc.ac.uk;

Hi Peter,

> On 4 Jun 2022, at 15:30, Peter Brand <peter.brand AT univie.ac.at> wrote:
>
> * Alex Stuart <Alex.Stuart AT jisc.ac.uk> [2022-06-03 16:48]:
>> We in the UK federation team are reviewing the cryptographic
>> strength of our metadata publication service. Integrity &
>> authenticity of our aggregates (including our eduGAIN upstream feed)
>> is provided by a 2K RSA key, SHA-256 signature and digest
>> algorithms.
>
> Note that your (or anyone's) eduGAIN upstream feed is the least of
> your concerns here as it should be able to be changed at any time,
> really, involving only the eduGAIN Operations Team and your own
> signing infrastructure.
>

It's actually a mid-level concern for us :-) We generate a few metadata feeds
that are used by our services and which are not published service endpoints.

Ian's 2012 post describing UK federation metadata aggregation
(https://iay.org.uk/blog/2012/08/uk-federation-metadata-aggregation/) doesn't
describe these newer XML metadata feeds nor the experimental JSON discovery
feeds, so it's probably worthwhile if I write a short blog on that.

Regards,
Alex


Alex Stuart (he/him)
Technical Development Manager (Trust and Identity)
alex.stuart AT jisc.ac.uk









Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under company number. 05747339, VAT
number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol,
BS1 6NB. T 0203 697 5800.


Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited
by guarantee which is registered in England under company number 02881024,
VAT number GB 197 0632 86. The registered office is: 4 Portwall Lane,
Bristol, BS1 6NB. T 0203 697 5800.


Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company
limited by shares which is registered in England under company number
09316933, VAT number GB 197 0632 86. The registered office is: 4 Portwall
Lane, Bristol, BS1 6NB. T 0203 697 5800.


For more details on how Jisc handles your data see our privacy notice here:
https://www.jisc.ac.uk/website/privacy-notice



Archive powered by MHonArc 2.6.19.

Top of Page