Thanks for that really good summary Josh. Just to add, wordpress is also now saml compliant.
-----Original Message-----
From: Discussion list for Shibboleth developments <[log in to unmask]>
To: [log in to unmask] <[log in to unmask]>
Sent: Wed Dec 10 10:39:45 2008
Subject: Re: JISC OpenID Report
Hi Mari,
> I don't know which one is better from a technical point of
> view, but my impression as that shibboleth authentication is
> very much limited to national frontiers, where OpenID is
> totally decentralized and independently of the country where
> the user is.
It is true that Research and Education federations, such as the UK
Access Management Federation, are currently being organised along
national lines, but this is simply an artifact of use-cases, policy and
funding.
There is nothing in the technology that restricts the use of Shibboleth
(or more generally SAML, which is the technical standard Shibboleth
implements) within national jurisdictions!
> As a supporter of the Open Source philosophy, I
> believe that OpenID belongs to its community of users, where
> Shibboleth somehow "frames" you in the "jurisdiction" of your
> regional or national federation.
For the reason given above, again this isn't a technical property of
Shibboleth or SAML but reflects how federations are *presently*
constituted.
> Another aspect that concerns me is that the shibboleth
> federations are growing very much organically but they don't
> seem to know what other federations are being doing.
In fact, the national federations liaise very closely, primarily though
the TERENA REFEDS working group:
http://www.terena.org/activities/refeds
If you're interested in this area, I would encourage you to attend the
TERENA EuroCAMP meetings which provides an opportunity for Institutions
from across Europe to network and talk middleware.
http://www.terena.org/activities/eurocamp
> At
> least, that was the outcome from the online MoodeMoot 2008 in
> Barcelona. However, many EU-funded projects involve a
> consortium of different European universities working
> together. I would like to know how the authentication via
> Shibboleth would work in this case.
There is already work underway to facilitate 'inter-federation' between
the many of the Research and Education federations in the world.
In the EU context, this work ('eduGAIN') has been conducted within
Dante's GN2 programme and an experimental service is already in place. A
production service is planned within a year or two.
As it happens, I will be involved in this work from April 2009 and so if
you're aware of any projects who need this type of service, please let
me know! We are actively looking for use-cases.
> I think that, in the context of education, Shibboleth has
> become popular because of its easy integration with Moodle.
> However, in the case of the e-portfolios platforms -Wordpress
> and Google apps are being currently used as eportfolios
> platforms de facto-, OpenID can play a crucial role.
Google Apps supports SAML, and there are already Institutions using it
with Shibboleth.
best regards, josh.
JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
|