[Tf-aai] check CPH SAML metadata
André Moreira
andre at clarin.eu
Thu Apr 6 11:48:57 CEST 2017
Dear all,
The CoCo Entity Category has now been added to the metadata feeds of both DFN-AAI and eduGAIN.
Hope this helps.
Regards,
André
> On 3 Apr 2017, at 14:54, André Moreira <andre at clarin.eu> wrote:
>
> Hi Jozef and all,
>
> I could not follow the whole conversation so I can’t say anything about the original problem.
>
> As about the missing CoCo attribute in the DFN and eduGAIN versions of the metadata, it turns out that DFN is removing the CoCo SAML attribute because according to them: the document referenced by the “PrivacyStatementURL” attribute does not contain a link to http://www.geant.net/uri/dataprotection-code-of-conduct/v1 (as mandated by the guidelines). I have checked this document and I see that this link is in fact there so I just requested DFN to reinsert the missing CoCo attribute.
>
> I hope this helps to clarify what’s going on.
>
> Kind regards,
> ----
> André Moreira
> CLARIN ERIC
> https://www.clarin.eu
>
>> On 3 Apr 2017, at 08:33, Jozef Misutka <misutka at ufal.mff.cuni.cz> wrote:
>>
>>
>>
>> On 3 April 2017 at 04:19, Mitchell Seaton <seaton at hum.ku.dk> wrote:
>> Dear AAI-TF,
>>
>> On 04/01/2017 02:04 AM, Jozef Misutka wrote:
>>>
>>>
>>> On 31 March 2017 at 16:49, Daan Broeder <daan.broeder at meertens.knaw.nl> wrote:
>>> Dear AAI-TF
>>> Could you please check if the CPH centre SAML metadata has a valid link to a privacy policy statement.
>> Yes, the privacy link is valid.
>>>
>>> Yes.
>>>
>>>
>>> But it does not have a CoCo conforming saml:AttributeValue, see
>>> http://monitor.edugain.org/coc/?show=list_sps
>>> entityId -> https://infra.clarin.dk/shibboleth
>>
>> This is incorrect the necessary entity SAML attributes are there in the metadata - see https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>>
>> <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
>> <saml:AttributeValue> http://www.geant.net/uri/dataprotection-code-of-conduct/v1 </saml:AttributeValue>
>> </saml:Attribute>
>>
>>>
>>> To see real xml metadata from various federations, see
>>> https://met.refeds.org/met/entity/https%253A%252F%252Finfra.clarin.dk%252Fshibboleth/
>>>
>> To me the problem seems to be AAI-DFN as the register - is using different SP metadata.
>> Does someone know what is going on here with AAI-DFN?
>>
>> CCing SPF, can you find out why the following differ for infra.clarin.dk?
>>
>> Metadata from DFN
>> https://met.refeds.org/met/entity/https%3A//infra.clarin.dk/shibboleth/?viewxml=true&federation=dfn-aai
>> and infra.clarin.dk metadata from SPF
>> https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>>
>> Thank you,
>> Jozef
>>
>>
>>
>>
>> SP metadata is updated and valid within CLARIN SPF - pushed to eduGAIN and WAYF is currently pulling from eduGAIN as of this year.
>>
>>> Best,
>>> Jozef
>>>
>>> Please send me a copy of the metadata.
>>>
>>> Thanks,
>>> Daan
>>>
>>> Daan Broeder
>>> Tel. +31 20 4628625
>>> Daan.broeder at meertens.knaw.nl
>>> Meertens Instituut (Afdeling Technische Ontwikkeling)
>>> Oudezijds Achterburgwal 185
>>> 1012 DK Amsterdam
>>>
>>> Postbus 10855
>>> 1001 EW Amsterdam
>>> ----
>>>
>>>
>>> _______________________________________________
>>> Tf-aai mailing list
>>> Tf-aai at lists.clarin.eu
>>> https://lists.clarin.eu/cgi-bin/mailman/listinfo/tf-aai
>>>
>>>
>>
>>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.clarin.eu/cgi-bin/mailman/private/tf-aai/attachments/20170406/9bd591da/attachment.sig>
More information about the Tf-aai
mailing list