Use of the Moonshot Test Network
The usage of the Moonshot Test Network is subject to standard Terms and Conditions, including the right to terminate your access to this network prematurely.
1. The Moonshot Test Network
The Moonshot project has created a test network that demonstrates the functionality of the Moonshot technology. Free to use for piloting and testing, this network is designed to be the next step towards a full deployment and joining a Moonshot network. This test network includes an identity provider (to test your services with), two service providers (to test your identity provider with), and a trust router and APC.
1.1. Domains and realms
To demonstrate the difference between trust realms, identity realms, and the actual domain name system, and to avoid conflation of these concepts, the test network uses different values for each.
1.1.1. Trust realm
The trust realm suffix on the test network is
test.assent. Each of the standard test network hosts in the network uses a different trust realm to everyone else, making each of these hosts a unique organisation in their own right. The trust realms are what entities on the network use to facilitate trust amongst themselves.
1.1.2. Identity realm
The only identity realm provided on (and by) the test network is
idp.test.assent. While this realm includes the trust realm suffix, its name is different and does not match any other realms, including its own trust realm.
1.1.3. Communities of Interest (COI)
The only community of interest (COI) that currently exists on the test network is the APC community,
apc.test.assent. All entities on the network belong to this COI. If you want to create a community of your own, please tell us, and we will create one for you. When we create test communities, we will use the realm suffix of
1.1.4. Domain names
The domain names for the standard network hosts are registered in the
1.2.1. The APC
The APC is
apc.moonshot-playpen.ti.ja.net. It is the 'mother' community and identity provider for all the entities in the network as the organisation credentials are verified by the APC host. Its identity realm is
apc.test.assent, which also is its trust realm and the name of the overarching community of interest. This is the only instance where the trust realm, community of interest and identity realms are identical.
1.2.2. The Trust Router
The Trust Router (TR) is
tr.moonshot-playpen.ti.ja.net. It facilitates the trust amongst the different entities in the network.
1.2.3. The IdP
The Identity Provider (IdP) is
idp.moonshot-playpen.ti.ja.net. It serves up the identity realm
idp.test.assent. It serves three identities,
1.2.4. The SP
The first Service Provider (SP) is
rp.moonshot-playpen.ti.ja.net. This SP exposes an SSH service that has only one user:
1.2.5. The web service
The second SP is
service.moonshot-playpen.ti.ja.net. It exposes a web service both on HTTP and HTTPS. Visiting the root will give you access to four web scripts that expose information about your authentication request in different formats.
1.2.6. The portal
The Moonshot portal is
portal.moonshot-playpen.ti.ja.net. Those wishing to test out Moonshot are given access to this portal to control the trust configuration for their services.
2. Registration for use
To use this network, you must apply for an organisation credential. The credential must be used by all your services to identify them to the test network's trust router. To apply for such a credential, email email@example.com with details of your organisation, how long your pilot/testing will run, and your domain and host names. We will invite you to the portal where you are provided with a time-limited credential that will expire at the end of your pilot. If your credential needs to be extended, email us with an approximate extension, and we will adjust the expiry date.
Once your pilot is concluded and you decide to transition to a production network, see the list of trust router operators for one that suits you (currently just Jisc).
3. How to use the network
The network is designed to allow you to use both the services and the identity provider to test your own services and your own identity provider. If you are part of a group of organisations or services trying out Moonshot, you can also test your own services and identity providers amongst your group, using the test network as a facilitator.