Global reach for SAML metadata. Read More...
samlbits.org is a community-driven effort to provide global availability to identity federation technical trust components - notably SAML metadata. We are currently in the process of establishing sites at key locations across the globe. Global availability of technical trust components is critical for interfederation: the process of connecting islands of local trust to form a global trust infrastructure.
samlbits.org adds a cache- and global availability layer to the trust fabric of SAML-based identity federations. At scale, SAML-based identity federations often use SAML metadata to manage technical trust beteween federation members.
Making SAML metadata available 247 becomes critically important.
Since the trust model is typcally based on signing SAML metadata rather than on transport security, performance and availability can be improved by by adding a caching layer. This is where samlbits.org comes in. Using proven web-caching technology and geo-aware DNS borrowed from the pool.ntp.org project, samlbits.net turns a locally signed SAML metadata file or MDX endpoint into a globally cached, highly available resource.
samlbits.org assignes to each hosted resource a CDN identifier which can be used to reference the hosted site directly. For instance ktr is the CDN identifier for the Kantara Trust Registry and so http://ktr.cdn.samlbits.net provides access to the Kantara Trust Registry. In addition the CDN supports the
Host header and serves the Kantara Trust Registry site when
Host: trust.kantarainitiative.org is a request header. Use either mechanism or both together!
Send an email to leifj at mnt.se to get your SAML metadata resource hosted by samlbits.org and listed in the table below:
|CDN identifier||Description||CDN URI|
|ktr||Kantara Initiative Trust Registry||http://ktr.cdn.samlbits.net|
samlbits.org draws on ideas from the pool.ntp.org project to combines a simple distributed monitoring system combined with a geo-aware DNS server and an array of web caches. These components are located across multiple sites and there is no single point of failure.
samlbits.org runs completely on OpenSource software. Some components are developed by the project:
samlbits.org is currently looking to establish sites in Asia, Africa, US West Coast and additional sites in Europe - sponsor the project by providing co-location facilities and/or server infrastructure. You can also sponsor by donating other resources to the project. The co-location facilities should be well connected to the Internet and need to have both ipv4 and ipv6 connectivity. Send an email to leifj at mnt.se if you are willing and able to help.