...
Moonshot trajectory
DATE: 21 November 2012
TIME:
ROOM: Alternative
TOPIC:
CONVENER: Lukas
SCRIBE: Lukas
# of ATTENDEES: Rhys
MAIN ISSUES DISCUSSED
Currently, it's difficult to get an overview of Moonshot and all its technologies. The RFCs are too detailed to understand the big picture, so the documentation clearly has to be, and will be, improved.

Moonshot can be supported by participating in the pilot starting 2013, either via the eduGAIN task in GN3+ or as an independent organisation.

Moonshot is heavily based on RadSec, which is a more secure and p2p-based version of RADIUS. It does not rely on a hierarchy but establishes direct end-to-end connections.

What has to be deployed/provided by:
  NREN: Deployment guides and instructions for Moonshot-enabling servers (e.g. ssh, Exchange), trust router for transitive trust
  Home Organisation: RADIUS server and optionally a SAML server (alternatively pySAML can query LDAP directly)
  Users: Moonshot libraries and, on some OSes, a Moonshot identity selector

Moonshot will also come with a community portal that allows any Moonshot user to create a community with a specific policy for this community. Realms decide whether a user is in a community. Some trust routers can be authoritative for a community. Community membership is expressed as an entitlement attribute. The portal basically is a 3rd-party attribute provider. Multiple portals can and probably will be operated (e.g. one per federation, one in GEANT, ...). The portal is developed by JISC. It uses LDAP and PHP.
ACTIVITIES GOING FORWARD / NEXT STEPS
...