edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Peter Schober <peter.schober AT univie.ac.at>
- To: edugain-discuss AT geant.net
- Subject: Re: [eduGAIN-discuss] mdui in EntityDescriptor/Extensions
- Date: Tue, 11 Nov 2014 13:34:59 +0100
- Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT univie.ac.at
- List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
- List-id: eduGAIN discussion list <edugain-discuss.geant.net>
- Organization: ACOnet
* Janusz Ulanowski <janusz.ulanowski AT heanet.ie> [2014-11-11 13:30]:
> I can see some entities have set mdui elements in
> EntityDescriptor/Extensions instead of
> EntityDescriptor/[IDPSSODescriptor|SPSSODescriptor]/Extensions
>
> shouldn't they be fixed?
The spec is very clear about this:
https://wiki.oasis-open.org/security/SAML2MetadataUI
"The <mdui:UIInfo> container element, defined below, MUST appear
within the <md:Extensions> element of a role element (one whose type
is based on md:RoleDescriptorType). The use of the <mdui:UIInfo>
element, or any other element defined in this section, outside of that
context is not defined by this specification."
It's not wrong per se to have that data anywhere else, but not putting
it into the required place is undefined, meaning, the info will (and
should, if you've been asked to) not ever be used.
-peter
- [eduGAIN-discuss] mdui in EntityDescriptor/Extensions, Janusz Ulanowski, 11-Nov-2014
- Re: [eduGAIN-discuss] mdui in EntityDescriptor/Extensions, Peter Schober, 11/11/2014
- Re: [eduGAIN-discuss] mdui in EntityDescriptor/Extensions, Janusz Ulanowski, 11-Nov-2014
Archive powered by MHonArc 2.6.19.