Beep, beep, beep, beep busy line?

We kick off a mammoth day on federations with David Simonsen talking about the place for federation operators. He uses the telephone as a metaphor – we used to need to talk to an operator before connecting to other people via phone. This is very similar to the role currently played by federations. It immediately makes me more comfortable with the idea of self publication of federation metadata – I think it is somewhere we want to go; we need the centralised provider right now to help us get there.

David then goes on to describe how WAYF is looking at decentralising their federation model by building a ‘hub and spoke model’ that allows for multiple aggregations of identity providers. They then make use of Corto, a tool which allows you to collect attributes from a variety of sources. The important part in this whole process is scoping – the essence of where I am from.

Next we move on to Josh Howlett and begin to shoot for the moon. Josh is trying to take the federated world out of the browser and beyond web single sign-on. A key relationship between his talk and David’s is the concept of scaleable trust. Federations need to develop their trust model to cope with more sophisticated environments.

Josh’s architecture has grown significantly more mature since TNC 2009 in Malaga when he asked several of us to act out the parts of supplicants, providers and clients. It is a credit to the amount of work that he has put in to making this vision work. The tech is a little heavy for a blog piece, but if that is the sort of thing that floats your boat, have a look at Josh’s presentation to TF-mobility in Vienna.

The important thing to note is that although it looks complex (and is!) it is somewhat similar to eduroam which has achieved production status. I worry about the layers of supplicants involved given the issues these create for end users and the difficulties in diagnosing login failures. This is a question I posed to Josh, who promises that usability will be built in to the project plan. Oops, did I just get myself involved in Moonshot?

2 thoughts on “Beep, beep, beep, beep busy line?”

  1. Ingrid Melve

    I wonder how OAuth, and especially OAuth2, will impact the problem area where Moonshot is playing. One of the things I would really like to see is a good user authentication solution for SASL-based services.

  2. Rod Widdowson

    > He uses the telephone as a metaphor

    Very apposite, but it would be better to say that the federation operators are like the old national telcos – with all their good and all their bad parts.

    Eventually the telcos fell apart because the internet doesn’t really work that way.

