Subject Re: The Most Important Attribute
From Ian Young <ian@xxxxxxxxxx>
Date Thu, 7 Jul 2011 09:17:29 +0100

On 6 Jul 2011, at 23:37, David Chadwick wrote:

> They were asked about this, and the WAYF was mentioned.

I agree with Scott on this one: problems with central discovery services don't equate to "Shibboleth is too hard to use", this is a general problem with any system where there are more than a handful of IdPs.  We have always tried to push SPs to do their own discovery to try and take the edge off this problem, and the newer SP-embedded discovery work everyone is doing will help to some extent.  It has always been obvious that the "where are you from" model would get to be a serious problem at scale, though.

> The old one the UK used was difficult to find out where to go to - it presented a long list of over a 100 IDPs which you had to manually trawl through. I suspect that this was the primary cause.

The original, first-generation, UK federation WAYF did in fact have a (non-incremental) search box you could type in, although I suspect most people just used the drop-down list.  I think everyone agrees that got to be pretty bad even fairly early on: even in mid-2008 we had >275 IdPs in the list, not just "over 100", and now we have 675 IdPs.  Enumerating those just makes no sense at all any more.

What's interesting about this is that very few people (it's not just you) remember that the original UK WAYF did in fact have search.  Part of this seems to have been that it wasn't incremental, part of it that the search box was placed below the drop-down list.  It's surprising how much difference just moving things around changes the way UIs work for people.

> (The new WAYF is much better and has a search capability but is quite recent.)

The second-generation UK federation WAYF currently in use arrived last year, and as you say improves things a fair bit by adding incremental search, although the drop-down list is still there for die-hard traditionalists.  Honestly, though, I suspect the biggest change is that we moved the search box up above the drop-down list so that people are more likely to try it first and can discover that it's incremental.

The third-generation design I posted about here a few days back is now available for preview[1][2] and will go live in August.  As well as the MDUI support and removal of some decorative elements people just found distracting, a big change in this revision is to remove the drop-down list entirely unless you specifically ask for it by clicking on a link.  I dare say very few people will feel the need to do that.

	-- Ian



Attachment: smime.p7s
Description: S/MIME cryptographic signature