16th TF-EMC2. Copenhagen, September 2010

Proxying in Federationland

• The obvious application Access to resources with “old-fashioned” access control Typically, IP-based But others possible as well

• And many others Deep linking support (a.k.a. WAYFless URLs) Federation-aware resolvers Proxies at the provider Radical privacy preservation

16th TF-EMC2. Copenhagen, September 2010

A ProposalTo be covered by REFEDS budget

16th TF-EMC2. Copenhagen, September 2010

Some Objections

• Would this cover all the interesting use cases listed before? Only the first one may not justify the effort

• How are scalability and dependability issues to be addressed? Single point of failure, heavy loads… At least one IP per institution

• Why a single, commercial product?• Is this of interest to the whole community?

16th TF-EMC2. Copenhagen, September 2010

And Some Questions

• Is this the only available product (in production level) for a given task? Similar to SecureW2 in eduroam for Windows

• Even if some of us don't use it, will its widespread use by others benefits the whole community? Similar to Shibboleth

• Is there an agreement with the product provider, so the community gets a better deal? A-la-TCS

• The answer to the first question is no• The answer to the second one could be affirmative if

Proxy-at-the-provider is an option The interface is general enough to support other proxy SW

• Shall we contact OCLC to see what happens with question three?