Refeds


Subject Re: an SP's home federation with respect to R&S
From Tom Scavo <trscavo@xxxxxxxxxxxxx>
Date Tue, 7 Oct 2014 13:06:01 -0400

On Tue, Oct 7, 2014 at 8:35 AM, Ian Young <ian@xxxxxxxxxx> wrote:
>
> On 7 Oct 2014, at 13:23, Tom Scavo <trscavo@xxxxxxxxxxxxx> wrote:
>
>> This is a question about Research & Scholarship (R&S). If a particular
>> SP registers metadata in multiple federations (with the same
>> entityID), which one of the federations determines the SP's
>> eligibility for R&S (if any)?
>
> I think it's fairly obvious that in that situation, each of the registrars will make their own determination.

I must be missing something then, because that's not at all obvious to
me. Only one federation can export an entity's metadata to eduGAIN, so
that federation in effect determines the SP's eligibility for R&S. The
rest is wasted time and effort, I think.

>> Exactly the above has happened. An SP has applied for R&S in the
>> InCommon federation but that same SP is already exported to eduGAIN by
>> another federation, without the R&S designation.
>>
>> Another way of asking the question is: does each SP have a home
>> federation with respect to R&S? If so, how is the home federation
>> determined?
>
> This isn't specifically about R&S, really, the same question could be asked about any other aspect of the metadata for the entity.

That's true but it doesn't diminish my original question.

> The question should really be whether we move to a general situation where SPs have a single home registrar rather than making multiple registrations.

Agreed.

> In this case, because I know you're talking about the UKf in the second paragraph, a simplified version of the question would be whether we should resolve this by working with the entity owner so that one or other of the federations takes responsibility for them, applies the R&S label (if appropriate) and exports to eduGAIN for the benefit of the other (and everyone else).

I think you're oversimplifying the problem. As of last Friday (10/3),
there were 10 R&S SPs in eduGAIN metadata. Using the MET tool (which
is barely usable, btw), I was able to determine that each R&S SP
belonged to the following number of federations:

 5 https://box-idp.nordu.net/simplesaml/module.php/saml/sp/metadata.php/default-sp
 5 https://connect.sunet.se/shibboleth
 6 https://connect-beta.sunet.se/shibboleth
17 https://e5.onthehub.com
 4 https://gw-astronomy.org/lists/shibboleth-sp
 4 https://gw-astronomy.org/shibboleth-sp
 5 https://gw-astronomy.org/wiki/shibboleth-sp
 5 https://sp.swamid.se/shibboleth
 4 https://sp-test.swamid.se/shibboleth
 5 https://webinar.nordu.net/shibboleth

Without investigating further, I can't tell which of these federations
are "source federations" for the SP in question or which are simply
importing the SP metadata from eduGAIN but clearly the problem is more
widespread than just a single SP, and it can only get worse.

My original questions still stands: Does each SP have a home
federation with respect to R&S? If so, how is the home federation
determined?

Tom