wiki:ServiceProviderFederation

Version 24 (modified by Dieter Van Uytvanck, 10 years ago)

Note: this page needs to be updated (2014-08-13)

As much information as possible should be kept at http://www.clarin.eu/spf

However there might be some details to store here.

Requirements for a "home for the homeless" IdP: ServiceProviderFederation/Homeless

Towards an easy-to-use central Discovery Service: ServiceProviderFederation/Discovery

High availability setup of CLARIN IdP and disco service: AnyCast

Feedback on eduGAIN code of conduct: ServiceProviderFederation/EduGain

Information about including logos for the IdPs: recommendations and a related standardization discussion

SP technical contacts

See http://infra.clarin.eu/aai/md_about_spf_sps.xml

Changing the SAML metadata about SPF SPs

How to add SAML metadata about the CLARIN IdP to your SP configuration

Information per Identity Federation

(source: https://refeds.terena.org/index.php/Federations)

Haka (Finland)

cn, sn, displayName, eduPersonPrincipalName, schacHomeOrganization, schacHomeOrganizationType

The major unique identifier: Currently, ePPN is the predominant unique ID.

The federation operator has published instructions on the use of ePTID but hasn't strongly insisted on its use.

Adding an SP: ServiceProviderFederation/Haka

DFN-AAI

attributes

sn, email, ePPN, ePSA, ePEntitlement, ePTID

What is the predominant unique identifier for end users?

  • eduPersonPrincipalName (ePPN)
  • eduPersonTargetedID (ePTID) / SAML2 PersistentID

Is there a policy for what should be used as the unique ID? No.

Software at the IdPs?

But I think most of the IdPs in the DFN-AAI have been updated since the security advisory of July 25th, 2011.
So, hopefully, most of the 95 IdPs in the DFN-AAI production federation(s) should be 2.3.2 or higher.
There are 6 Shibboleth 1.3 / SAML 1.1 IdPs and AFAIK(!) only one case of SimpleSAMLphp IdP (but some more in the test federation). 

SURFconext

Mandatory attributes: No mandatory attributes

The major unique identifier:

The predominant unique identifier for end users is eduPersonPrincipalName (ePPN). There is no formal policy for what should be used as the unique ID.

UK federation

See section 7 of http://www.ukfederation.org.uk/library/uploads/Documents/technical-recommendations-for-participants.pdf for the recommended attributes in the UK.

Attributes

The minimal set of required attributes:

The ideal set of attributes:

CLARIN SP requirements

Component Registry

  • strictly required: ePPN
  • nice to have: displayName, cn (common name)

Virtual Collection Registry

  • strictly required: eduPersonTargetedID (could also be configured to work with ePPN)
  • nice to have: cn, displayName

WebLicht

  • strictly required: (no attributes, as not all IdPs are releasing anything useful)
  • nice to have:

TQE (CLARIN-NL, http://hdl.handle.net/1839/00-SERV-0000-0000-0005-6)

  • strictly required: (no attributes)
  • nice to have: (no attributes)

Adelheid anntool (CLARIN-NL, http://hdl.handle.net/1839/00-SERV-0000-0000-0005-6)

  • strictly required:
  • nice to have: