Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] SWAMID Identity Provider Opt-out

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] SWAMID Identity Provider Opt-out


Chronological Thread 
    < Chronological >      < Thread >
  • From: Mads Freek Petersen <freek AT wayf.dk>
  • To: Tomasz Wolniewicz <twoln AT umk.pl>
  • Cc: edugain-discuss AT geant.net, edugain-tsg AT geant.net
  • Subject: Re: [eduGAIN-discuss] SWAMID Identity Provider Opt-out
  • Date: Fri, 14 Nov 2014 14:59:33 +0100
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>
HI Tomaz or maybe Leif

> On 13 Nov 2014, at 22:04, Tomasz Wolniewicz <twoln AT umk.pl> wrote:
>
> Hi,
> It turned out that the old MDS has a problem with the new SWAMID feed
> validation (MDS problem, not metadata).
> Therefore we had no option but to finally switch production to the new,
> pyFF based, MDS.

Is there a reason we should know for using a non-exclusive
canonicalizationmethod for the SignedInfo, but an exclusive one for the
transform of the referenced document?

The metadata spec says: “SAML implementations SHOULD use Exclusive
Canonicalization, with or without comments, both in the
<ds:CanonicalizationMethod> element of <ds:SignedInfo>, and as a
<ds:Transform>…”

-Mads

Mads Freek Petersen
Developer
freek AT wayf.dk
+ 45 25 27 80 61

7 Rued Langgårds vej, 5. floor
DK-2300 Copenhagen S
Denmark





Archive powered by MHonArc 2.6.19.

Top of Page