[mdx] [gn3-jra3-t2] Querying a list of Identity Providers from the Metadata Aggregator

Leif Johansson leifj at sunet.se
Mon Jul 26 08:06:52 PDT 2010


On 07/26/2010 04:46 PM, Andreas Åkre Solberg wrote:
> OK; I see my proposal was moved to this list, so I'll follow up with an introduction.
> 
> I see at least two issues with the current inter-federation model [1], that I'd like to see fixed:
> 
> 1) Scalability in the sense of the large bulk signed XML message sent back and forth.
> 2) The fact that the whole architecture depends on a "central" point. 
> 
> [1] All entities share metadata through a central aggregator.
> 
> I think that MDX is a welcome solution, that partly solves 1). By partly I mean that the SP and the IdP may now only grab one-by-one entitydescriptors; but the DS will still need to bulk download the whole federation.
> 

The DS only needs to bulk dl the IDPs, right? For SAML2 it may need to
look at extensions for the SP, but those can be looked up using MDX,
right?

	Cheers Leif
