[Openid-specs-ab] federation spec
Michael.Jones at microsoft.com
Tue Oct 30 18:59:26 UTC 2018
Tom, since you wrote that you don’t know the Connect call schedule, you can find it in the publicly-available calendar on the working group page at https://openid.net/wg/connect/. The next call is on Thursday, November 8th at 7am Pacific Time (9pm Bangkok Time).
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Nick Roy via Openid-specs-ab
Sent: Tuesday, October 30, 2018 11:34 AM
To: Tom Jones <thomasclinganjones at gmail.com>; Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>
Cc: Nick Roy <nroy at internet2.edu>
Subject: Re: [Openid-specs-ab] federation spec
Taking this back to the list because I am not an expert at this point.
Good point about DoS - Roland and Andreas, it would be really nice to know what federation(s) you are working with before you have to walk the tree. Any thoughts about that?
On 30 Oct 2018, at 12:25, Tom Jones wrote:
yes i know that it is possible to find the root, but i want to know before i even start doing any crypto.
That method is too prone to dos attacks.
I must get delayed email from oid as i have yet to see his response.
On Tue, Oct 30, 2018 at 11:22 AM Nick Roy <nroy at internet2.edu<mailto:nroy at internet2.edu>> wrote:
We won’t start implementing this within Internet2 quite yet. I need to free up some of my time to work on federation operation requirements/tooling needs, but I am still working on that (I hired two new people to take over federation operations, but they are still getting up to speed). I believe there are others at GÉANT who will implement it sooner. Looping in Davide Vaghetti from Consortium GARR/GÉANT to let you know about their plans.
As Roland said in his reply to you on the list, the Federation Operator still exists in version 5. You discover the FO by walking the signed statement tree to its root, if I recall.
On 30 Oct 2018, at 12:18, Tom Jones wrote:
> Nick: Nice chatting with you at IIW. I reviewed draft 5 again and could not
> determine why they think trust model and federation office should be
> removed. I think we will stick with draft 4 now.
> I also didn't see any version or other doc id.
> I will use a mandatory field stating both version and FO in the body of the
> something like this
> ver:OID FED 0.04
> how has the internet 2 version progressed?
> Peace ..tom
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab