Hi all,
after the workshop we've been trying to deploy a 'national' trust router
that has multiple RPs and IdPs, and what could be connected to the Janet
TR (and to other parts of the world), but for some reason it came to a
dead end.
I thought the trust router had been invented to implement this kinds of
trust flows, the diagrams by Rhys also imply it, however after reading
the recent -dev archives ("Downstream IdPs" [1]), I'm not so sure about it.
Could someone please summarise the thread and the current situation to
us non-devs? Do I understand the proposed solution [2] right that if we
split every trust router into two: one for IdPs and one for RP proxies,
it would work now? Is this a design decision or a workaround?
Thanks for enlightening this,
Kristof
[1]
https://www.jiscmail.ac.uk/cgi-bin/webadmin?A2=moonshot-dev;1719785a.1410
[2]
https://www.jiscmail.ac.uk/cgi-bin/webadmin?A2=moonshot-dev;bccd2e0e.1410
|