Everyone,
A number of us at UCOP have a conflict tomorrow morning, so I'm
canceling tomorrow's call. Our next call will be December 15.
In lieu, here's some status.
- As most of you probably know,
the ITLC decided that we should not proceed with a version of the
UCFY/Shib interface that prompts for the UCFY password. While
this will cause some delay, I hope it will not be long, and the result
will be a stronger UCTrust. As the result of this, Kris will be
asking the Council of Vice Chancellors of Administration next week to
designate a group of people to resolve the business issues. We're
working on a statement of those issues that I will share with all of
you, probably early next week.
- I've been doing some research
into the issue of how we can share metadata about UC-only
targets. The issue is we will receive regular updates of an XML
file from InCommon containing a <SiteGroup> object that, in turn,
contains <OriginSites>s and <DestinationSite>s. Our
targets would be <DestinationSite>s. I think we have the
following alternative strategies we could follow:
- Distribute
UC-only <DestinationSites>s separately and write a program that
merges UCTrust sites into the list provided by InCommon. That
merge program would need to be executed after updates of either
InCommon files or UCTrust files.
- Register UCTrust targets in
InCommon.
- Treat UCTrust as a
completely separate federation. I don't like this one as well, as
it probably means a separate WAYF, requiring people (or their portals)
to declare their origin sites twice, once for InCommon and once for
UCTrust.
Assuming we end up with a lot of UC-only targets, option A is probably
best. While we have only a few targets, B is a lot less
work. I'm leaning toward B for now, reassessing in the future;
how do others feel?
David |
|