Published on

Update on the UK position on eduGain

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. eduGain Update Nicole and Ian
  2. 2. Current UK fed position• Current cost benefit analysis is not favourable.• eduGain will not meet all of our interfederation requirements.• Want to achieve metadata ecosystem with variable trust models.• Interfederation should be a bridge for sharing.• Remain committed to ‘fixing’ eduGain, but it is costing a lot of staff time.
  3. 3. eduGain Policy Approach eduGain insists that an entity must know and understand about eduGain. You must opt- in, you must agree to the policy, you must download the metadata separately. This haseffectively established eduGain as an additional federation, not a bridge.
  4. 4. Policy Issue: Metadata Profile "Any metadata file which makes use of parts of metadata published by eduGAIN MUST include either a reference with a URL to the eduGAIN Metadata Terms of Use [ToU] or the entire ToU text. It MUST be placed at the top of the metadata file formatted as an XML comment.”• Over-specification of downstream metadata.• eduGain metadata must be managed separately.• Cannot be managed as part of a hierarchical aggregate, which is our preferred method.
  5. 5. Policy Issue: Policy Declaration"Publications under clause 1 above will be at the request of the Member who controls each Entity."• Over constrained management of metadata inclusion. An upstream issue.• Requires members to understand they are using eduGain.• Requires a specific aggregate for eduGain.
  6. 6. Policy Issue: Terms of Use• eduGain requires you to apply their terms of use to any metadata you republish.• Fundamental misunderstanding of how metadata is managed and signed.• Should only apply to the public metadata file.• Don’t tell federations it is mandatory to protect themselves in a certain way.
  7. 7. Trusted Intermediary• For interfederation to work, the facilitating service needs to be a trusted intermediary.• Integrity and accountability are key.• Consuming federation needs to be able to (and should be trusted to) make these judgment calls.• eduGain persistently addressing the wrong non-problems.
  8. 8. Technical Issues (1)• Source aggregate must be signed, and signature verified.• Source aggregate must include a validUntil value with a sensible time limit, and this must be verified.• Source aggregate must include registrationInfo, and this must be verified (against registrationAuthority).
  9. 9. Technical Issues (2)• Output aggregate must include a validUntil value in its aggregate to protect against replay attacks.• Output aggregate must be signed (eduGain actually do this one!).
  10. 10. In Good News• Code of Conduct no longer proposed as a signed agreement but as a self-declared profile style statement.• Basically long and over-specified way of saying ‘populate PrivacyStatement URL’.