[Tf-aai] Fwd: Please test WAYF's new federation hub platform with your web service

Mitchell Seaton seaton at hum.ku.dk
Wed Jul 11 13:38:41 CEST 2018 

My apologies that link should be in English - 
https://www.wayf.dk/en/new-wayf-user-experience-2-july

Kind Regards,

Mitchell Seaton


On 07/11/2018 01:37 PM, Mitchell Seaton wrote:
>
> Dear CLARIN SPF group,
>
> FYI, https://wayf.dk/da/ny-brugeroplevelse-i-wayf-fra-2-juli WAYF-DK 
> has as of 2nd July migrated to their new platform.
>
> Kind Regards,
>
> Mitchell Seaton
>
>
> On 04/19/2018 03:55 PM, Mitchell Seaton wrote:
>>
>> Dear CLARIN SPF group,
>>
>> A test using the WAYF Orphange IdP (through the CLARIN SPF discovery 
>> service) against the new WAYF-DK platform installation shows no 
>> problems with SAML2 attributes, as far as I can see for our 
>> infra.clarin.dk Service Provider. If anyone else wishes to test 
>> against their SP for any issues with the new platform, a developer 
>> account can be created and approved fiarly quickly - see the 
>> instructions at 
>> https://wayf.dk/en/testing-wayfs-new-hub-platform-your-web-service
>>
>> Kind Regards,
>>
>> Mitchell Seaton
>>
>>
>>
>> -------- Forwarded Message --------
>> Subject: 	Please test WAYF's new federation hub platform with your 
>> web service
>> Date: 	Tue, 10 Apr 2018 12:31:16 +0200
>> From: 	WAYF <campaign at wayf.dk>
>> To: 	Mr. Mitchell Seaton <seaton at hum.ku.dk>
>>
>>
>>
>> Please test WAYF's new federation hub platform with your web service
>>
>> *FOR ENGLISH, PLEASE SEE BELOW*
>>
>> Kære WAYF-ansvarlige!
>>
>> Du modtager mailen her fordi WAYF har dig registreret som 
>> kontaktperson for din WAYF-tilsluttede webtjeneste. WAYF har brug for 
>> at du snarest gennemfører en simpel login-test — læs herunder:
>>
>> Din webtjeneste kommunikerer med WAYFs centrale servere hver gang en 
>> bruger logger ind på tjenesten via WAYF. Det er vores plan i maj 2018 
>> at erstatte den nuværende software på de servere med en helt ny 
>> software som vi selv har udviklet.
>>
>> Det har i udgangspunktet ingen betydning for din tjeneste at WAYF 
>> skifter software på sine centrale servere: I burde ikke behøve 
>> foretage jer noget — ikke behøve ændre noget i jeres egen opsætning. 
>> Vi laver nemlig ikke om på den tekniske grænseflade mellem din 
>> tjeneste og WAYFs servere — kun på softwaren bag grænsefladen.
>>
>> Vores nye software er blevet sikkerhedsgennemgået af eksperter fra 
>> det tyske firma Hackmanit GmbH og er ifølge dem meget sikker. 
>> Programkoden er velafprøvet og har langt mindre omfang og langt 
>> mindre kompleksitet end vores nuværende software og bliver derfor 
>> markant nemmere for os at vedligeholde.
>>
>> Men for at kunne være helt sikre på at WAYFs nye software virker 
>> sammen med din tjenestes WAYF-opsætning, vil vi bede dig gennemføre 
>> en simpel login-test. Hvis du ikke har en brugerkonto ved en 
>> institution som er tilsluttet WAYF, kan du bruge en testkonto fra 
>> WAYF Orphanage <https://orphanage.wayf.dk>. Du kan lave testen 
>> allerede nu — ved at følge den korte vejledning her 
>> <https://wayf.dk/da/test-af-wayfs-kommende-platform-0>.
>>
>> Med den nye software på serverne vil WAYF i princippet have helt 
>> samme adfærd udadtil som med den nuværende software.
>>
>> Bemærk at vores nye software protokolmæssigt sigter på at overholde 
>> KANTARAs deployment-profil for føderations-interoperabilitet — se 
>> https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html. Dét 
>> giver begrundet håb om at softwaren vil fungere sammen med de fleste 
>> eller alle institutioner og webtjenester i WAYF og i eduGAIN. 
>> KANTARA-profilen forventes at ville afløse den SAML2-profil som WAYF 
>> og eduGAIN bygger på nu, nemlig 
>> https://saml2int.org/profile/current/. Den software som WAYF har 
>> brugt hidtil, tilgiver muligvis visse profilafvigelser fra jeres side 
>> som vores nye software ikke tilgiver. Bl.a. derfor er det vigtigt at 
>> I får testet jeres tjeneste op imod WAYFs kommende platform inden vi 
>> sætter den rigtigt i drift.
>>
>> Mange venlige hilsner
>> WAYF-sekretariatet
>> WAYF <https://wayf.dk>
>>
>> ------------------------------------------------------------------------
>>
>> Dear WAYF contact!
>>
>> You receive thie e-mail because WAYF <https://wayf.dk/en> has you 
>> registered as a contact point for the web service you have connected 
>> to WAYF. WAYF needs you to perform a simple login test as soon as you 
>> can please see below:
>>
>> Your webservice communicates with WAYF's central servers whenever a 
>> user attempts to log in at your service through WAYF. We plan to 
>> replace the software currently running on those servers with an 
>> entirely new software that we've developed ourselves.
>>
>> It shouldn't be of any significance to your webservice that WAYF 
>> replaces the software on its servers: It shouldn't be necessary for 
>> you to do anything — shouldn't be necesary for you to make any 
>> changes to the configuration on your own servers. For we're not 
>> changing the interface between WAYF and your webservice — only the 
>> software behind that interface.
>>
>> Our new software has been penetration tested by experts from German 
>> IT security company Hackmanit GmbH and found by them to be very 
>> secure. The program code is being tested thoroughly and is far 
>> smaller than the code base of our current platform, and so will be 
>> markedly easier for us to maintain.
>>
>> But to be sure that WAYF's new software works with your web service, 
>> we kindly ask you to perform a simple login test. If you don't hold a 
>> user account with one of the identity providers connected to WAYF, 
>> you can use a testing from the WAYF Orphanage 
>> <https://orphanage.wayf.dk>. You can do the test now already — by 
>> following the instructions published here 
>> <https://wayf.dk/en/testing-wayfs-new-hub-platform-your-web-service> .
>>
>> With the new software running on its servers, WAYF will, in 
>> principle, display the same behaviour externally as with the current 
>> software platform.
>>
>> Please note that our new software aims to comply with KANTARA's 
>> Deployment Profile for Federation Interoperability 
>> <https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html>. 
>> This justifies our hope that the platform will work well with most or 
>> all service and identity providers in both WAYF and eduGAIN. This 
>> KANTARA profile is expected to replace the SAML2 profile currently 
>> adhered to by WAYF, i.e. https://saml2int.org/profile/current/. The 
>> software currently running on WAYF's servers may be forgiving wrt. a 
>> number of deviations from the profile on your part that our new 
>> platform may be less forgiving about. For this reason, too, it is 
>> important that you test your webservice with WAYF's new platform 
>> before we deploy it in production.
>>
>> Many kind regards,
>> WAYF Secretariat
>> WAYF <https://wayf.dk/en>
>>
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clarin.eu/cgi-bin/mailman/private/tf-aai/attachments/20180711/40b7c985/attachment.htm>

More information about the Tf-aai mailing list