Describe Federation principles
In #2122, @Roland Hedberg wrote this:
When an entity enters into a federation it must accept and abide by the rules that the federation has specified. At the same time the federation must behave in a predictable way and of course follow the federation rules and the behaviour specified in the OpenID federation document. It’s a mutual agreement.
One of the cornerstones of the OpenID federation document is that each entity's view matters. For instance, an intermediate may want to further restrict the metadata of its subordinates compared to what its superiors define, and it must be allowed to do so.
We should add these principles to the specification. They’re important for all to understand.
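The restriction described above, as an added example that is not part of the issue or of the specification text: a simplified Python model of the OpenID Federation metadata policy operator `subset_of`, where each level's list is intersected with its superior's, so an intermediate can narrow what its subordinates may declare but cannot widen it. The function names, the flattened policy shape (parameter name mapped directly to the allowed list) and the sample values are assumptions made for this illustration.

```python
# Added illustration. Policies are modelled as {parameter: allowed_values},
# a flattened stand-in for {"parameter": {"subset_of": [...]}}.

def merge_subset_of(superior, subordinate):
    """Combine two policy levels; a parameter constrained by both keeps
    only the values that both levels allow (intersection)."""
    merged = {}
    for param in superior.keys() | subordinate.keys():
        sup, sub = superior.get(param), subordinate.get(param)
        if sup is None:
            merged[param] = list(sub)
        elif sub is None:
            merged[param] = list(sup)
        else:
            merged[param] = [v for v in sup if v in sub]
    return merged

def apply_policy(policy, metadata):
    """Reduce each constrained parameter the entity declares to the
    values the combined policy allows."""
    result = dict(metadata)
    for param, allowed in policy.items():
        if param in result:
            result[param] = [v for v in result[param] if v in allowed]
    return result

def resolve(chain_policies, leaf_metadata):
    """chain_policies is ordered from the trust anchor down to the
    leaf's immediate superior."""
    combined = {}
    for level in chain_policies:
        combined = merge_subset_of(combined, level)
    return apply_policy(combined, leaf_metadata)

# Constructed sample data.
TRUST_ANCHOR = {"grant_types": ["authorization_code", "implicit", "refresh_token"]}
INTERMEDIATE = {"grant_types": ["authorization_code", "refresh_token", "password"]}
LEAF = {"grant_types": ["authorization_code", "implicit", "password"],
        "client_name": "Constructed RP"}

if __name__ == "__main__":
    # "implicit" is dropped by the intermediate's narrower view; "password"
    # never becomes allowed because the trust anchor does not list it.
    print(resolve([TRUST_ANCHOR, INTERMEDIATE], LEAF))
```
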
Comments (9)
-
reporter -
assigned issue to
Tom, we’re talking about online services that are participating in a Federation - not people.
-
So, to be clear, if a student is sitting in her dorm room trying to check out a book from a library at a distant school, there is NO WAY that her computer will be considered a leaf node in the federation? Just remember that this use case is the original one for this spec. Maybe you need to make it clear that a personal computer MUST NOT be a part of a federation.
-
reporter - changed status to open
I tried to apply this to the introduction today and came to the conclusion that these statements are mostly about applying policies to metadata. Thus, I’m going to wait until @Vladimir Dzhuvinov's rewrite of the metadata policy language is in place before creating a PR to apply these principles to the specification - if indeed, additional language is even still needed.
-
reporter - edited description
- changed title to Describe Federation principles
-
reporter I propose to close this since I believe that @Vladimir Dzhuvinov's new Principles section in https://bitbucket.org/openid/connect/pull-requests/718 covers this ground admirably. See the rendered version at https://connect2id.com/assets/standards/drafts/openid-federation-1_0.html#name-principles.
-
reporter The new principles section is now published at https://openid.net/specs/openid-federation-1_0-34.html#name-principles. @Vladimir Dzhuvinov, @Roland Hedberg, @Giuseppe De Marco, are there points in Roland’s statements in the issue description that we still want to add to the spec, and if so, where?
For instance, I don’t know that we’ve explicitly covered the point “each entity's view matters”. We could, for instance, add a heading “All entities' contributions matter”. This could come before the “Hierarchy” heading or the content could become part of it.
What do people think?
-
reporter Will be fixed by https://bitbucket.org/openid/connect/pull-requests/730
-
reporter - changed status to resolved
Does an entity include a human being, like a student at a school? If so this doesn’t sound desirable, let alone legal.