Interfederation

[Tom Scavo <>]

This message is a response to ScottK's comments added to the document
"New InCommon IdPs":

https://docs.google.com/document/d/1hxuabtoj-AVArPWKPgbGrpYIDKTip_pIdZpBLapvoB8/edit?usp=sharing

I wanted to address those here, on the mailing list, to avoid diving
into the weeds on Wednesday's interfed call.

In reverse order:

1) A security contact is not required in metadata and there are no
plans to change that. Honestly, I think Federated Security Incident
Response needs its own working group.

2) I know about the LIGO use case involving SAML artifact. It's a
legitimate use case but AFAIK it's very much the exception rather than
the rule, and so requiring artifact support of all IdPs in the
Federation doesn't seem to be justified. If you really need artifact
at your SP, put a simple IdP Proxy in front of your service that
supports artifact.

3) I don't know about the LIGO use case involving attribute query. Can
you explain that briefly?

Thanks Scott.

Tom