Current UK fed position• Current cost benefit analysis is not favourable.• eduGain will not meet all of our interfederation requirements.• Want to achieve metadata ecosystem with variable trust models.• Interfederation should be a bridge for sharing.• Remain committed to ‘fixing’ eduGain, but it is costing a lot of staff time.
eduGain Policy Approach eduGain insists that an entity must know and understand about eduGain. You must opt- in, you must agree to the policy, you must download the metadata separately. This haseffectively established eduGain as an additional federation, not a bridge.
Policy Issue: Policy Declaration"Publications under clause 1 above will be at the request of the Member who controls each Entity."• Over constrained management of metadata inclusion. An upstream issue.• Requires members to understand they are using eduGain.• Requires a specific aggregate for eduGain.
Trusted Intermediary• For interfederation to work, the facilitating service needs to be a trusted intermediary.• Integrity and accountability are key.• Consuming federation needs to be able to (and should be trusted to) make these judgment calls.• eduGain persistently addressing the wrong non-problems.
Technical Issues (1)• Source aggregate must be signed, and signature verified.• Source aggregate must include a validUntil value with a sensible time limit, and this must be verified.• Source aggregate must include registrationInfo, and this must be verified (against registrationAuthority).
Technical Issues (2)• Output aggregate must include a validUntil value in its aggregate to protect against replay attacks.• Output aggregate must be signed (eduGain actually do this one!).
In Good News• Code of Conduct no longer proposed as a signed agreement but as a self-declared profile style statement.• Basically long and over-specified way of saying ‘populate PrivacyStatement URL’.