[Openid-specs-ab] federation spec

Nick Roy nroy at internet2.edu
Tue Oct 30 18:34:03 UTC 2018

Taking this back to the list because I am not an expert at this point.

Good point about DoS - Roland and Andreas, it would be really nice to know what federation(s) you are working with before you have to walk the tree. Any thoughts about that?


On 30 Oct 2018, at 12:25, Tom Jones wrote:

> yes i know that it is possible to find the root, but i want to know before
> i even start doing any crypto.
> That method is too prone to dos attacks.
> I must get delayed email from oid as i have yet to see his response.
> Peace ..tom
> On Tue, Oct 30, 2018 at 11:22 AM Nick Roy <nroy at internet2.edu> wrote:
>> Hi Tom,
>> We won’t start implementing this within Internet2 quite yet. I need to
>> free up some of my time to work on federation operation
>> requirements/tooling needs, but I am still working on that (I hired two new
>> people to take over federation operations, but they are still getting up to
>> speed). I believe there are others at GÉANT who will implement it sooner.
>> Looping in Davide Vaghetti from Consortium GARR/GÉANT to let you know about
>> their plans.
>> As Roland said in his reply to you on the list, the Federation Operator
>> still exists in version 5. You discover the FO by walking the signed
>> statement tree to its root, if I recall.
>> Best,
>> Nick
>> On 30 Oct 2018, at 12:18, Tom Jones wrote:
>>> Nick: Nice chatting with you at IIW. I reviewed draft 5 again and could
>> not
>>> determine why they think trust model and federation office should be
>>> removed. I think we will stick with draft 4 now.
>>> I also didn't see any version or other doc id.
>>> I will use a mandatory field stating both version and FO in the body of
>> the
>>> json.
>>> something like this
>>> ver:OID FED 0.04
>>> fo:IDEF
>>> how has the internet 2 version progressed?
>>> Peace ..tom

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20181030/275b11f9/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 512 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20181030/275b11f9/attachment.asc>

More information about the Openid-specs-ab mailing list