If you work on managing or developing Research and Education federations – or are simply curious about browser privacy – this post is for you. We delve into the navigational tracking mitigations currently implemented in major web browsers. In a follow-up post, we will present experiments that examine the impact of these mitigations on the […]
Tag: IdP
A recent incident affecting a small number of entities in the UK federation has alerted us to some issues related to the distribution of default cryptographic keys. The following advice applies to both service providers (SP) and identity providers (IdP). The risk of using a default key is that someone may impersonate you. As […]
IdP operators: consider using MDQ (metadata query) Configuring your self-hosted IdP to use MDQ (metadata query) has three key benefits: a reduced memory footprint mitigation against a class of disruptive errors as the size of metadata increases robustness against problematic metadata. Half of the IdPs in the UK federation use MDQ already. The UK federation […]