[Openid-specs-ab] federation spec
thomasclinganjones at gmail.com
Tue Oct 30 18:39:39 UTC 2018
there is also the point about multi roots. I would like to choose which
root to proceed with early so i don't waste cycles.
On Tue, Oct 30, 2018 at 11:34 AM Nick Roy <nroy at internet2.edu> wrote:
> Taking this back to the list because I am not an expert at this point.
> Good point about DoS - Roland and Andreas, it would be really nice to know
> what federation(s) you are working with before you have to walk the tree.
> Any thoughts about that?
> On 30 Oct 2018, at 12:25, Tom Jones wrote:
> yes i know that it is possible to find the root, but i want to know before
> i even start doing any crypto.
> That method is too prone to dos attacks.
> I must get delayed email from oid as i have yet to see his response.
> Peace ..tom
> On Tue, Oct 30, 2018 at 11:22 AM Nick Roy <nroy at internet2.edu> wrote:
>> Hi Tom,
>> We won’t start implementing this within Internet2 quite yet. I need to
>> free up some of my time to work on federation operation
>> requirements/tooling needs, but I am still working on that (I hired two new
>> people to take over federation operations, but they are still getting up to
>> speed). I believe there are others at GÉANT who will implement it sooner.
>> Looping in Davide Vaghetti from Consortium GARR/GÉANT to let you know about
>> their plans.
>> As Roland said in his reply to you on the list, the Federation Operator
>> still exists in version 5. You discover the FO by walking the signed
>> statement tree to its root, if I recall.
>> On 30 Oct 2018, at 12:18, Tom Jones wrote:
>> > Nick: Nice chatting with you at IIW. I reviewed draft 5 again and could
>> > determine why they think trust model and federation office should be
>> > removed. I think we will stick with draft 4 now.
>> > I also didn't see any version or other doc id.
>> > I will use a mandatory field stating both version and FO in the body of
>> > json.
>> > something like this
>> > ver:OID FED 0.04
>> > fo:IDEF
>> > how has the internet 2 version progressed?
>> > Peace ..tom
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab