Shibboleth Developers

[Tom Scavo <>]

On 6/25/05, Scott Cantor 
<>
 wrote:
> 
> In practice, signing and TLS are supposed to have separate certificates
> anyway, but in reality I'm sure not going to encourage people that
> barely know what a private key is to generate more than one and keep
> them straight.

So you're looking at this from the standpoint of support, which is a
totally valid point of view.  I'm just trying to understand all the
ramifications.

> If you think your audience is more informed, you're welcome to suggest
> it. ;-)

From what I've seen so far, the grid world is immersed in PKI, yes.

Ultimately, we will ask our users to add an AA endpoint to an existing
IdP deployment.  We would like the installation and configuration of
GridShib (including the metadata files) to be completely separate from
Shibboleth, which is turning out to be quite a challenge.

So we will ask our users to first install, configure, and test a
Shibboleth IdP.  That's why we have such an interest in Shibboleth
install scripts, config files, metadata, and documentation.  If
installing Shibboleth is easy, installing GridShib on top of that
should be even easier.  It's a win-win situation for everybody.

Thanks,
Tom