An open discussion list for topics related to the eduGAIN interfederation service.

[Maja Wolniewicz <mgw AT umk.pl>]

Hi,

Following Ian's suggestions I've added to the eduGAIN metadata validator
two new things:

1. A warning if ds:Refrence in Signature element does not follow the
signature profile described in section 3.1.2 of the SAML metadata 
specification:
   Signed metadata elements MUST supply a value for the identifier
attribute on the signed element. The element may or may not be the root
element
   of the actual XML document containing the signed metadata element.
   Signatures MUST contain a single <ds:Reference> containing a URI
reference to the identifier attribute value of the metadata element
being signed.
   For example, if the identifier attribute value is "foo", then the URI
attribute in the <ds:Reference> element MUST be "#foo".
      
Ultimately this should become MUST

2. A warning if some entity from metadata uses key less than 2048 bits
which will be disallowed from 1-Jan-2014 - this information is presented
in Warnings, Detailed info and Enitieties list tabs.

Maja

-- 
Maja Gorecka-Wolniewicz          mgw AT umk.pl
Uczelniane Centrum               Information & Communication
Informatyczne                    Technology Centre
Uniwersytet Mikolaja Kopernika   Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574

Attachment: smime.p7s
Description: Kryptograficzna sygnatura S/MIME