Versions Compared

Old Version 6

changes.mady.by.user Frank Tamás

Saved on

compared with

New Version 7

changes.mady.by.user Frank Tamás

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Service Description: Service to allow a user to see if his eduGAIN IdP is releasing attributes properly, not too many and not too few. Service URL is http https://release-check.edugain.org/)

Components: Uses a LAMP stack with PHP (using Laravel 5.4 framework) and MySQL.

Code Repository: https://code.geant.net/stash/projects/GN4SA2T2/repos/edugain-attribute-release-check/browse

Infrastructure:

Operational Information: No regular operational maintenance needed as far as we know

Roadmap/ToDos:

  • Changes  MDUI DisplayName:REFEDS Research and Scholarship NG, what does the NG stand for? Locally change test names in code to:
  • EARC - REFEDS Research and Scholarship Test -> REFEDS R&S Test with Requested Attributes
  • EARC - REFEDS Research and Scholarship NG -> REFEDS R&S Test
  • EARC - GEANT Data Protection Code of Conduct Test -> GEANT Data Protection Code of Conduct Test
  • EARC - No Entity Category Test -> No Entity Category Test Changes SP MDUI DisplayName to
    • EARC - REFEDS Research and Scholarship Test -> EARC - REFEDS Research and Scholarship with Requested Attributes Test
    • EARC - REFEDS Research and Scholarship NG -> EARC - REFEDS Research and Scholarship Test
  • Provide REST/JSON API to query results (asked by Tomasz and Maja) or sync database to technical.edugain.org
    • API should allow to query results of a particular IdP and to ask which grades an IdP would get if releasing certain attributes to a test SP. Some API calls need yet to be defined and then documented somewhere (e.g. wiki.edugain.org). Should not have high priority as Tomasz/Maja asked for this based on false assumptions about EARC initially. However, others (e.g. Niels) also have some use for an API.
    No distinction between ePTID and persistentID NameID format (Wolfgang)
    • See above, should not play a role anymore if both are treated the same way (= without penalty)
  • Provide (shib) idp admin hints on where to fix things
    • Add links to existing R&S, CoCo documentation if grade is worse than an A.
  • Why have the no-EC-test? (Pal Axelsson)
    • We don't have a good idea how to grade the results of this test because we don't know what should have more precedence: usability or data privacy or a mix of both.
    • Remove grading as it is not easily possible to do a proper grading but keep information on what is released.
    • Replace verdict with a hint (no attributes = good data privacy but bad usability, all attributes = the other way around)
  • Ask for local federation-specific attribute release check in next email to eduGAIN Steering group. Then add them to EARC.
  • Remove old (with requestedAttributes in its metadata) R&S test SP