edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Jan Tomasek <jan.tomasek AT cesnet.cz>
- To: edugain-discuss AT geant.net
- Subject: [eduGAIN-discuss] Removing X509SerialNumber from metadata?
- Date: Tue, 27 Aug 2013 12:09:08 +0200
- List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
- List-id: eduGAIN discussion list <edugain-discuss.geant.net>
Hello,
I'm facing problems with OpenAthens Service Provider which is getting
crazy of this:
<ds:X509SerialNumber>331672357796567899002876163212412578804</ds:X509SerialNumber>
being too big integer. The problem is within schema
xmldsig-core-schema-fixed.xsd which defines X509SerialNumber as number
instead. For eduID.cz I'm using fixed schema with definition:
<simpleType name="X509SerialNumberType">
<restriction base="string">
<pattern value="[0-9][0-9]*"/>
<maxLength value="48"/>
</restriction>
</simpleType>
I'm not sure why some SP put this into metadata, but I'm trying to
respect them and republish their metadata within eduID.cz.
I see that eduGAIN metadata are free of X509SerialNumber. Does MDX
remove this element? Or you were just lucky and one provided metadata
with this extension?
eduserv recomends this:
https://docs.openathens.net/display/public/OASP20/Czech+academic+identity+federation+metadata+parsing+issue
which doesn't make me very happy as it means they trash digital
signature and very likely breaks automatic metadata upgrade.
Opinions? Suggestions?
Thanks
--
--------------------------------------------------------------
Jan Tomasek aka Semik work: CESNET, z.s.p.o.
http://staff.cesnet.cz/~semik/ Zikova 4, 160 00 Praha 6
Czech Republic
phone: +420 234 680 279 http://www.cesnet.cz/
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 08/27/2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 27-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Jan Tomasek, 28-Aug-2013
- Re: [eduGAIN-discuss] Removing X509SerialNumber from metadata?, Ian Young, 27-Aug-2013
Archive powered by MHonArc 2.6.19.