On Fri, 22 Feb 2008, John Paschoud wrote:
>> But as John said microsoft are to be applauded for choosing
>> to use this mechanism for student verification (sic), it
>> would have been nice, though, to have had a "heads up" that
>> this was coming, were JISC or JANET expecting this or was it
>> as much a surprise as it was to me (who received a service
>
> When you get *really* famous, Bill will give you a personal call on your
> mobile to let you know what he's going to do, before he actually does
> it. The next time he calls me for advice, I'll try and let you know in
> time too ;->
Could you let me know too? :-)
Seriously, there is a communication issue here. Shib and other federated
identity technologies allow people to implement services without
necessarily having to consult identity providers (as happened here). Since
our users will be using our identity providers to access these services
they naturally hold us responsible if it doesn't work and refer their
queries (at least about authentication, and probably about everything
else) to our Help Desks. If we don't know the service is coming we can't
warn our Help Desks, and we can't test and if necessary configure
appropriate attribute releases to make things work.
Further, it would be really useful if new (and existing) services were
clear about what attribute and attribute values they require and/or can
use if provided. DreamSpark have gone some way to doing this (though
apparently only via an unlinked web page!), but it's still unclear what
attribute and attribute values they actually require. The same applies
more or less to other existing services. As a result IdP administrators up
and down the country are currently experimenting to try to work out what's
going on.
Since we can't expect people launching (or changing) services to contact
all IdPs individually could someone, perhaps JISC but probably better the
UK Federation, act as a clearinghouse for this sort of information and
actively encourage SPs (at least those representing large-scale services)
to contribute timely and complete information?
Jon.
--
Jon Warbrick
Web/News Development, Computing Service, University of Cambridge
|