Skip to Content.
Sympa Menu

participants-research - RE: IdP discovery - list 'em all?

Subject: InC Research Participants

List archive

RE: IdP discovery - list 'em all?


Chronological Thread 
  • From: Paul Caskey <>
  • To: Scott Koranda <>, Tom Barton <>
  • Cc: "" <>
  • Subject: RE: IdP discovery - list 'em all?
  • Date: Thu, 1 Sep 2016 20:14:03 +0000
  • Accept-language: en-US
  • Authentication-results: spf=none (sender IP is ) ;
  • Ironport-phdr: 9a23:up9Iuh/V7W9ddP9uRHKM819IXTAuvvDOBiVQ1KB90OkcTK2v8tzYMVDF4r011RmSAtWdtqkP0reempujcFJDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBX660e/5j8KGxj5KRE9ZqGsQtaT3IyL0LWJ8JrPf01rgyC0Z797ZEGtrgLLv88aiKNtL68wzl3CpX4eP6xqwmYgD1uJgxH6rpOs9pd57yNWk+8q989LWKr9Oak0UOoLIi4hNjUN7dDv/TLKVgiC9zNISm4fiRlFEiDE6g33RJH8rnG8u+ZgjnrJdfbqRKw5DGzxp5xgTwXl3WJeb2Y0
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
The new/emerging baselines practices, in its current draft, will require
metadata accuracy, including contact addresses.

Now let the dialogue resume on what to do in cases on continued
non-compliance... :)

Sorry if this has already been discussed, just joined this list a few minutes
ago (didn't know it existed)...




> -----Original Message-----
> From:
>
> [
> ]
> On Behalf Of Scott Koranda
> Sent: Thursday, September 01, 2016 3:10 PM
> To: Tom Barton
> <>
> Cc:
>
> Subject: Re: IdP discovery - list 'em all?
>
> Hi,
>
> Thinking about it from the other direction, can we learn from the InCommon
> people on the list what processes are in place now or in the future to find
> and fix contact email addresses in metadata (for InCommon Participants) that
> bounce?
>
> It seems less than optimal to have users working through failed
> authentication flows with SPs as the only mechanism for finding problems
> with contact email addresses.
>
> Thanks,
>
> Scott K for LIGO
>
> > I'm interested to understand, if possible, what impedes resolution
> > when the user is given a reasonable error message and an email address
> > to communicate with about it (Jim, you said this has *never* yet been
> > successful, I think - yikes).
> >
> > Which address(es) is the user provided for contacting their IdP operator?
> > And what message text are they given in hopes that the two will lead
> > to resolution? Are those presented as "press here to send this message
> > to these addresses" or as instruction to send a message to those
> > addresses including the suggested text, or something else?
> >
> > Thanks,
> > Tom
> >
> > On 9/1/2016 2:37 PM, Basney, Jim wrote:
> > >On 9/1/16, 12:32 PM, Tom Mitchell wrote:
> > >>Yes, I like this. This allows a user to recognize that their
> > >>institution needs to do some work to support their research goals,
> > >>and possibly causes them to request of their institution that they
> > >>support these categories.
> > >>
> > >>Taking the other approach, where the identity provider doesn't show
> > >>up in discovery, will probably make the user go away or use an
> > >>unaffiliated identity provider for access. It does nothing to prompt
> > >>the identity provider to support these categories.
> > >Agreed. It helps when the contact email addresses in IdP metadata
> > >don't bounce. I learned today that one of the downsides of having the
> > >user send the email to their IdP operators is they give up when the email
> bounces...
> > >Good thing we have the user also CC us so we can follow-up.
> > >
> > >FWIW, I've reported the bouncing contact email addresses in InCommon
> > >metadata to
> > >.
> > >
> > >-Jim
> > >
> >
> >
>


Archive powered by MHonArc 2.6.19.

Top of Page