[mdx] Publisher authorisation

Josh Howlett Josh.Howlett at ja.net
Tue Apr 28 15:58:34 PDT 2009


> And to be explicit: I think we should not define the "upload 
> of elements to the aggregator" which I think is the wrong 
> approach until the day when we build a full bidirectional protocol.

Agreed. For the particular case of eduGAIN, I think the metadata
signature will suffice for authentication in the case of the 'pull'
model, and I think this is trivially satisfied by the proposed
architecture.

(In the context of eduGAIN, we need to worry about how we bind the
signing key to the known/unknown publisher, but that's clearly an
implementation consideration and out-of-scope here.)

However, I guess this might be complicated if we think we choose to be
concerned about provenance where we have a chain of aggregators. If we
decide to care about this, then this might have profiling and/or
protocol considerations.

josh.

JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG



