InC Research Participants

["Cantor, Scott" <>]

On 9/1/16, 12:09 PM, 
"
 on behalf of Basney, Jim" 
<
 on behalf of 
>
 wrote:

>    CILogon will soon be listing all InCommon IdPs, except those tagged
>    hide-from-discovery, on our discovery interface at 
> <https://cilogon.org/>.
>    We're also going to start whitelisting eduGAIN IdPs using the
>    research-and-scholarship and sirtfi tags. Details at
>    <http://www.cilogon.org/news/expanding-idps>. I'm interested in any
>    comments on our plans.

The page there says "The R&S and Sirtfi prerequisites are in place to satisfy 
IGTF traceability and uniqueness requirements.", and I was curious why that 
applies only to eduGAIN and not InCommon IdPs.

 
>   I fear our requirement, from IGTF, to whitelist only eduGAIN IdPs with
>   both the research-and-scholarship and sirtfi tags is sending us down the
>   whitelisting path again, when we should be listing all IdPs and handling
>   the errors. Maybe we should list all the eduGAIN IdPs then show an error
>   page if users select an IdP that doesn't support research-and-scholarship
>   and sirtfi? Maybe that's something we can do when sirtfi is more widely
>   adopted.

Maybe related to my question above. I noticed the same disconnect, but it 
sounds like there's a policy reason you can't let them succeed anyway, so 
it's more a case of error behavior. I would agree that it seems confusing to 
hide those IdPs in a way that doesn't clarify to the user what's going on.

In that vein, maybe it makes more sense, if you're going to whitelist on the 
basis of an attribute on-boarding process, to still give people the chance to 
select a non-boarded IdP and then simply say "not boarded, this is what's got 
to happen first..."
 
-- Scott