[Tf-aai] check CPH SAML metadata

André Moreira andre at clarin.eu
Thu Apr 6 11:48:57 CEST 2017 

Dear all,

The CoCo Entity Category has now been added to the metadata feeds of both DFN-AAI and eduGAIN.

Hope this helps.
Regards,
André

> On 3 Apr 2017, at 14:54, André Moreira <andre at clarin.eu> wrote:
> 
> Hi Jozef and all,
> 
> I could not follow the whole conversation so I can’t say anything about the original problem.
> 
> As about the missing CoCo attribute in the DFN and eduGAIN versions of the metadata, it turns out that DFN is removing the CoCo SAML attribute because according to them:  the document referenced by the “PrivacyStatementURL” attribute does not contain a link to http://www.geant.net/uri/dataprotection-code-of-conduct/v1 (as mandated by the guidelines). I have checked this document and I see that this link is in fact there so I just requested DFN to reinsert the missing CoCo attribute.
> 
> I hope this helps to clarify what’s going on.
> 
> Kind regards,
> ----
> André Moreira
> CLARIN ERIC
> https://www.clarin.eu
> 
>> On 3 Apr 2017, at 08:33, Jozef Misutka <misutka at ufal.mff.cuni.cz> wrote:
>> 
>> 
>> 
>> On 3 April 2017 at 04:19, Mitchell Seaton <seaton at hum.ku.dk> wrote:
>> Dear AAI-TF,
>> 
>> On 04/01/2017 02:04 AM, Jozef Misutka wrote:
>>> 
>>> 
>>> On 31 March 2017 at 16:49, Daan Broeder <daan.broeder at meertens.knaw.nl> wrote:
>>> Dear AAI-TF
>>> Could you please check if the CPH centre SAML metadata has a valid link to a privacy policy statement.
>> Yes, the privacy link is valid.
>>> 
>>> Yes.
>>> 
>>> 
>>> But it does not have a CoCo conforming saml:AttributeValue, see
>>> http://monitor.edugain.org/coc/?show=list_sps
>>> entityId -> https://infra.clarin.dk/shibboleth
>> 
>> This is incorrect the necessary entity SAML attributes are there in the metadata - see https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>> 
>> <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
>> <saml:AttributeValue>  http://www.geant.net/uri/dataprotection-code-of-conduct/v1 </saml:AttributeValue>
>> </saml:Attribute>
>> 
>>> 
>>> To see real xml metadata from various federations, see
>>> https://met.refeds.org/met/entity/https%253A%252F%252Finfra.clarin.dk%252Fshibboleth/
>>> 
>> To me the problem seems to be AAI-DFN as the register - is using different SP metadata.
>> Does someone know what is going on here with AAI-DFN?
>> 
>> CCing SPF, can you find out why the following differ for infra.clarin.dk?
>> 
>> Metadata from DFN
>> https://met.refeds.org/met/entity/https%3A//infra.clarin.dk/shibboleth/?viewxml=true&federation=dfn-aai
>> and infra.clarin.dk metadata from SPF
>> https://infra.clarin.eu/aai/prod_md_about_spf_sps.xml
>> 
>> Thank you,
>> Jozef
>> 
>> 
>> 
>> 
>> SP metadata is updated and valid within CLARIN SPF - pushed to eduGAIN and WAYF is currently pulling from eduGAIN as of this year.
>> 
>>> Best,
>>> Jozef
>>> 
>>> Please send me a copy of the metadata.
>>> 
>>> Thanks,
>>> Daan
>>> 
>>> Daan Broeder
>>> Tel. +31 20 4628625
>>> Daan.broeder at meertens.knaw.nl
>>> Meertens Instituut (Afdeling Technische Ontwikkeling)
>>> Oudezijds Achterburgwal 185
>>> 1012 DK Amsterdam
>>> 
>>> Postbus 10855
>>> 1001 EW Amsterdam
>>> ----
>>> 
>>> 
>>> _______________________________________________
>>> Tf-aai mailing list
>>> Tf-aai at lists.clarin.eu
>>> https://lists.clarin.eu/cgi-bin/mailman/listinfo/tf-aai
>>> 
>>> 
>> 
>> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.clarin.eu/cgi-bin/mailman/private/tf-aai/attachments/20170406/9bd591da/attachment.sig>

More information about the Tf-aai mailing list