Interoperabillity testing event

[Roland Hedberg]

Hi guys,

I hope we’re still on for June 11th as the day for interoperability testing.

If someone has a problem with that day, we are so few that we should be able to agree on an alternative.

Regarding the setup I propose that I provide the basic framework, in this case a federation.

In that federation I will have these entities:

• An RP that does explicit registration
• An RP that does automatic registration
• An OP that can handle explicit and automatic registration
• 2 intermediates representing 2 organisations (one owning the RPs and the other the OP)
• A federation operator

The basic federation therefor looks like this:

                             FO=swamid.se

                               |

                     +—————+ 

                     |                    |

                  lu.se           umu.se

                     |                    |

            +————+         OP

          RP(auto)  RP(expl)

To this framework we can then add the OPs and RPs you can supply.

Adding an entity to the framework can not be done automatic at this time so you have to provide me with the necessary information a day or two before the event.

I’ll get back regarding what information I need.

Of course if you only have a SDK you can use that do entity statement collecting and verifying.

The RPs I provide will have web pages you can use to initiate a RP->OP authorisation sequence.

All the entities I’m running will dump information to disc. Which should allow you to browse through the interesting parts.

We will have 2 variant when it comes to RP-OP interaction one based on explicit registration and the other on automatic.

So I expect us to have 2 test matrixes (RPs vs OP) one for explicit and one for automatic.

Once we have that working for non-restrictive policies we can start adding restrictions.

While we’re testing we should have a VC going. Any preferences as to which technology we should use.

— Roland

[Vladimir Dzhuvinov]

Thanks Roland.

We'll prepare an OP at fed.c2id.com and also the appropriate statements to have them registered at umu.se

Vladimir

--
You received this message because you are subscribed to the Google Groups "openid-federation-interop" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openid-federation-...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/openid-federation-interop/334C0531-8292-42A5-A145-DF7FFE627AFE%40sunet.se.

-- 
Vladimir Dzhuvinov

[Roland Hedberg]

Hi guys,

I think we should start at 10 and end at 17 at the latest. All in CEST of course.

I’ll try to set up a Zoom room.

I’ll also try to keep my setup available after Thursday so if we encounter a problem that we are not able to fix 

during the day we can continue testing after Thursday.

Just to make sure we’re on the same page. When we’re doing automatic client registration we’re doing this

using signed request objects. Later we can test using PAR.

To view this discussion on the web, visit https://groups.google.com/d/msgid/openid-federation-interop/f3bdec94-6069-707b-6ba9-00d7c740dc68%40connect2id.com.

[Roland Hedberg]

For those who want entities in the federation I need the entity_id, the public key connected to the private key used to

sign the self-signed entity statement and the type of entity.

To view this discussion on the web, visit https://groups.google.com/d/msgid/openid-federation-interop/C60A9B1D-9752-4BD4-8CEE-1C1AB75FED03%40sunet.se.

[Vladimir Dzhuvinov]

Hi Roland,

Attached is the entity statement for an OP at https://fapi.c2id.com/c2id configured for "explicit" reg.

Thanks and see you tomorrow!

Vladimir

-- 
Vladimir Dzhuvinov

[Roland Hedberg]

We’ve got a zoom meeting

https://sunet.zoom.us/j/66683544123

— Roland

[Marcos Sanz]

Hi all,

we are a bit late to the interop party, I know.

Still: we are running at the moment some tests with the library we want to release as open source/service and I'd like to know if there's some publicly available endpoint with a valid /.well-known/openid-federation resource I can run some tests against (no last testing, don't worry!).

Private replies welcome!

Thanks and regards

Marcos

El 3/6/20 a las 11:36, Roland Hedberg escribió:

--
You received this message because you are subscribed to the Google Groups "openid-federation-interop" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openid-federation-...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/openid-federation-interop/334C0531-8292-42A5-A145-DF7FFE627AFE%40sunet.se.

-- 
Dipl.-Ing. Marcos Sanz Grossón
Leiter Software Engineering

DENIC eG, Kaiserstraße 75 – 77, 60329 Frankfurt am Main, GERMANY
E-Mail: sa...@denic.de, Fon: +49 69 27235-0, Fax: -235
https://www.denic.de

Angaben nach §25a Absatz 1 GenG: DENIC eG (Sitz: Frankfurt am Main)
Vorstand: Martin Küchenthal, Andreas Musielak, Sebastian Röthler, Dr. Jörg Schweiger
Vorsitzender des Aufsichtsrats: Thomas Keller
Eingetragen unter Nr. 770 im Genossenschaftsregister, Amtsgericht Frankfurt am Main

[Vladimir Dzhuvinov]

Hi Marcos,

On 26/06/2020 14:36, Marcos Sanz wrote:

Hi all,

we are a bit late to the interop party, I know.

Still: we are running at the moment some tests with the library we want to release as open source/service and I'd like to know if there's some publicly available endpoint with a valid /.well-known/openid-federation resource I can run some tests against (no last testing, don't worry!).

Private replies welcome!

You can get a sample resource from https://fapi.c2id.com/

This was the server instance used in the fed interop.

To view this discussion on the web, visit https://groups.google.com/d/msgid/openid-federation-interop/e2b8e6e2-be00-ebaf-f75e-d20c001e7c0d%40denic.de.

-- 
Vladimir Dzhuvinov