per-entity - RE: [Per-Entity] implementing a cache on the client
Subject: Per-Entity Metadata Working Group
List archive
- From: "Cantor, Scott" <>
- To: David Walker <>, "" <>
- Subject: RE: [Per-Entity] implementing a cache on the client
- Date: Thu, 4 Aug 2016 20:19:17 +0000
- Accept-language: en-US
- Authentication-results: spf=pass (sender IP is 164.107.81.210) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
> * IdP and SP administrators will need to do something to take
> advantage of per-entity metadata distribution. Even assuming we don't ask
> them (or their institutions) to run the distribution layer, they still have
> significant work to do.
I would not agree that a few config changes is significant work. Getting
people to do it is a hassle, but that's not because it's hard, it takes a
couple of minutes to do the change. If you're thinking in terms of some kind
of large scale testing activity by every site, we can't go into this with
that expectation.
The most significant work would be if we change the signing key, but that's
work "in theory" since in practice people don't carefully validate trust
anchors just because they should.
> * If we did ask them to run their part of the distribution layer, we
> could
> provide them with an instrumented VM container.
Still a non-starter IMHO. What you'd have to do is force us to built it into
the software, essentially.
-- Scott
- Re: [Per-Entity] implementing a cache on the client, Thomas Lenggenhager, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Walter Forbes Hoehn (wassa), 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Chris Phillips, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Chris Phillips, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 08/05/2016
- Re: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/05/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Mitchell, 08/05/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/05/2016
- Re: [Per-Entity] implementing a cache on the client, Patrick Radtke, 08/08/2016
- Re: [Per-Entity] implementing a cache on the client, Nick Roy, 08/08/2016
- Re: [Per-Entity] implementing a cache on the client, Patrick Radtke, 08/08/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, David Walker, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Chris Phillips, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
- Re: [Per-Entity] implementing a cache on the client, Tom Scavo, 08/04/2016
- RE: [Per-Entity] implementing a cache on the client, Cantor, Scott, 08/04/2016
Archive powered by MHonArc 2.6.19.