metadata-support - Re: [Metadata-Support] UK Federation and InCommon
Subject: InCommon metadata support
List archive
- From: Mike Flynn <>
- To:
- Subject: Re: [Metadata-Support] UK Federation and InCommon
- Date: Thu, 25 Feb 2016 10:46:49 -0800
- Authentication-results: mail322.prod x-tls.subject="/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com"; auth=pass (cipher=ECDHE-RSA-AES128-GCM-SHA256)
- Authentication-results: mail322.prod.linkedin.com; iprev=pass policy.iprev="209.85.220.172"; spf=softfail smtp.mailfrom="" smtp.helo="mail-qk0-f172.google.com"; dkim=none (message not signed) header.d=none; tls=pass (verified) key.ciphersuite="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" key.length="128" tls.v="tlsv1.2" cert.client="C=US,ST=California,L=Mountain View,O=Google Inc,CN=smtp.gmail.com" cert.clientissuer="C=US,O=Google Inc,CN=Google Internet Authority G2"
I thought I was subscribed. I was still getting the emails. Anyway, resubscribed now. I guess my home would be InCommon. So are you saying I can drop the UK fed metadata loading on my SP as I will pick up all the UK Fed's IDPs via the new InCommon metadata that has eduGAIN in it?
On Thu, Feb 25, 2016 at 9:53 AM, Tom Scavo <> wrote:
[Mike, can you please subscribe to this mailing list?]
On Thu, Feb 25, 2016 at 12:26 PM, Mike Flynn <> wrote:
> Well... as an SP, I load UK Federation and incommon which include edugain.
> InCommon is my home since I am US based. It's just taking a really long
> time to load this stuff now. if there is redundancy I want to eliminate it
> if possible.
We're talking about two different things here. Ian and I were
discussing the metadata you publish to the world. Currently you have
at least two metadata sources to maintain. Ideally you should have ONE
global metadata source.
OTOH, you're asking how to configure your SP for metadata refresh (I
think). If you are currently loading both the UKf metadata file and
the InCommon metadata file, yes, your system is doing a bunch of
unnecessary work. You should load just one of those files. Which one
depends on your "home" federation.
Hope this helps,
Tom
> On Thu, Feb 25, 2016 at 9:18 AM, Ian Young <> wrote:
>>
>>
>> On 25 Feb 2016, at 16:48, Mike Flynn <> wrote:
>>
>> Since the UK federation now includes InCommon, can I drop the separate
>> loading of InCommon?
>>
>>
>> You almost certainly don't need to load both, but you can probably pick
>> either to load as both federations have an opt-out policy for IdPs.
>>
>> There will be some IdPs that appear in one federation aggregate but not
>> the other, and you should check those against your customer list before
>> deciding. For example, there are still a number of SAML 1 only IdPs in the
>> UKf which don't appear in InCommon at this point, but the great majority of
>> those are part of a service run by Eduserv which are being converting to
>> SAML 2 at a pretty rapid rate. So within the next couple of months, the UKf
>> and InCommon aggregates will have very similar IdP collections.
>>
>> In the long run, obviously what we all want is that you'd pick the
>> federation which is most obviously your "home" federation, register with
>> that and get global reach by just consuming metadata from that single
>> source. We're probably closer to that point than you might think.
>>
>> -- Ian
>>
>
>
>
> --
> Mike Flynn
>
> linkedIn / lynda.com
>
> Internal Extension: 359
> O. 805-755-1515
> C. 805-990-4566
- [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Ian Young, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Tom Scavo, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Ian Young, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Tom Scavo, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Nick Roy, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Nick Roy, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Tom Scavo, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Mike Flynn, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Tom Scavo, 02/25/2016
- Re: [Metadata-Support] UK Federation and InCommon, Ian Young, 02/25/2016
Archive powered by MHonArc 2.6.16.