Per-Entity Metadata Working Group

[Tom Scavo <>]

On Wed, Jul 27, 2016 at 12:27 PM, Cantor, Scott 
<>
 wrote:
>
> I heard the points being made about the system now tolerating short outages

Well, no, let's be clear: the system we have now can tolerate very
long outages, on the order of hours or days (not minutes). Our
(current) infrastructure is based on that fact.

> but I don't think the best solution is going to be to make every client 
> tolerate that.

That may be true, and I would like to discuss that more, if for no
other reason than to manage expectations.

I've had multiple people (whom I respect) respond in exactly the same
way: What's Plan B if the MDQ server fails? We (as deployers) want to
load the aggregate up front, right?

I didn't correct them when they reacted like that because honestly I'm
not sure what our goals are. That's why we're here, right?

> If we really, really don't think we can do this, then I think we need to 
> shift more radically toward metadata at the endpoints. That's never been 
> something I object to, though I do object to self-asserting it. But that 
> was something that a lot of us spent time thinking about, and at the time, 
> the conclusion was "that's just not practical for most deployers, they 
> don't want to bother with it". Maybe that's changed, but I wouldn't say 
> there's any actual evidence either way.

Well, that's the way the OIDC world is going, so I think it's worth
having a discussion on that topic if nothing else.

Tom