Skip to Content.
Sympa Menu

metadata-support - Re: [Metadata-Support] SP Requesting DCV for On Prem Software

Subject: InCommon metadata support

List archive

Re: [Metadata-Support] SP Requesting DCV for On Prem Software


Chronological Thread 
  • From: Nick Roy <>
  • To: "" <>
  • Subject: Re: [Metadata-Support] SP Requesting DCV for On Prem Software
  • Date: Tue, 26 Mar 2019 14:08:03 +0000



On 26 Mar 2019, at 7:16, Cantor, Scott wrote:

> On 3/26/19, 8:02 AM, " on behalf of
> Garmer, Jack - garmercj" < on behalf
> of > wrote:
>>
>> So to clarify before passing this off to my manager, signing a DCV
>> provided by the vendor is not the same as giving them
>> rights to our domain (i.e, DCV != Power of Attorney), correct?
>
> Maybe I don't know what it is you're doing, because the fact that you'd ask
> that seems suspicious. What I'm talking about is InCommon asking you to
> place a TXT record on your DNS to serve as an approval that a given domain
> is authorized for use by another InCommon member asking to do so. If that's
> not what you're talking about, then I don't know what it is you're being
> asked to do.

Yes, you should not have to sign anything, and it's not remotely like a power
of attorney. The InCommon RA staff would contact the vendor with a nonce that
they'd ask them to place as a TXT record on the domain they intend to use in
the entityID of the SP. The vendor would then have to work with someone at
your organization to get the TXT record published. Then, InCommon staff
verifies the existence of the matching record on the domain specified. The
policy and process is described at:
https://spaces.at.internet2.edu/display/TI/TI.53.1

Nick

>
> -- Scott

Attachment: signature.asc
Description: OpenPGP digital signature




Archive powered by MHonArc 2.6.19.

Top of Page