Last updated: 
1 month 2 weeks ago
Group Manager

Project Moonshot is a Janet-led initiative, in partnership with the GÉANT project and others, to develop a single unifying technology for extending the benefits of federated identity to a broad range of non-Web services, including Cloud infrastructures, High Performance Computing & Grid infrastructures and other commonly deployed services including mail, file store, remote access and instant messaging.

The goal of the technology is to enable the management of access to a broad range of services and applications, using a single technology and infrastructure. This is expected to significantly improve the delivery of these services by providing users with a common single sign-on, for both internal and external services. Service providers will be able to more easily offer their services to users from other organisations using a single common authentication mechanism. This will enhance the user’s experience, and reduce costs for those organisations supporting users, and delivering services to them.

This group is for community of Moonshot users, whether you're new to the technology, you're currently evaluating and getting to grips with it, or you've deployed it. For the list of guidance available about Moonshot within this group, see the Start Here wiki page.

Jisc Assent, the production service underpinned by the Moonshot technology, went live on 25th March 2015. For information on, or to join the Jisc Assent service, please visit


You will no doubt have already received advisories about vulnerabilities in the 1.0.1-series of OpenSSL[1] affecting TLS enabled services via the heartbeat extension.

The advice for Moonshot is very similar to an advisory you may have received from eduroam[2].

While there are no indications that CVE-2014-0160[3] is being actively exploited via TLS-based EAP-mechanisms or RADIUS/TLS (aka RadSec) at this time, the software used by Moonshot *is* vulnerable to a "heartbleed" attack.


Those of you who have been following Moonshot for a while will be aware that from the outset we have been keen to get the technology adopted as a standard. Thanks to the hard work of the Application Bridging for Federated Access Beyond web (ABFAB) Working Group of the IETF, December saw an important milestone with the publication of three Moonshot-related RFC documents:

RFC 7055

Title: A GSS-API Mechanism for the Extensible Authentication Protocol

Author: Author: S. Hartman, Ed., J. Howlett


As we ramp up towards the Janet Pilot we are aiming to provide incremental DVD releases. The latest release is  Moonshot Pilot Release 1 DVD which can be found at:

And the corresponding .source directory.

This image includes a few bug fixes. The most notable is that the installer is fixed and you can now just boot into the image and install to a running system.


Last night Sam Hartman from Painless Security published a code update to ensure Moonshot is in line with the the latest IETF specs.

In particular:

Prev | Next