edugain-discuss - Re: [eduGAIN-discuss] EntityDescriptor-embedded signature with invalid reference URI in eduGAIN metadata

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

  • From: Peter Schober <peter.schober AT univie.ac.at>
  • To: edugain-discuss AT lists.geant.org
  • Subject: Re: [eduGAIN-discuss] EntityDescriptor-embedded signature with invalid reference URI in eduGAIN metadata
  • Date: Wed, 18 Sep 2019 08:26:08 +0200
  • Organization: ACOnet

* Zenon Mousmoulas <zmousm AT noc.grnet.gr> [2019-09-18 08:09]:
> I suppose this signature should have been stripped at some point.

* All signatures need to be able to be verified by all metadata consumers.
So if that signature is NOT by the federation operator (but by an
entity owner) this signature must be removed by the federation
operator before publishing.

* There's no upside to signing individual EntityDescriptors within a
signed EntitiesDescriptor element when publishing aggregates, so if
the signature is by the federation operator it should still be
removed there.

So yes, it should be removed in either case.

The pyff distribution comes with an XSLT snippet that does just that:
https://github.com/IdentityPython/pyFF/blob/master/src/pyff/xslt/unsign.xsl
but that would have to be applied by RoEduNet before publishing (or
even registering that metadata within their systems/federation).

-peter
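
An added example, not part of the original message and not pyFF's unsign.xsl: a standard-library Python sketch that removes `ds:Signature` children from every `EntityDescriptor` in an aggregate before the aggregate itself is signed, and records what each removed signature referenced. The sample aggregate is constructed, and treating only an empty URI or `#<ID>` as a consistent reference is an assumption of this sketch.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("md", MD)
ET.register_namespace("ds", DS)

# Constructed sample: two entities, one still carrying an owner-applied signature.
SAMPLE = f"""<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}" Name="example">
  <md:EntityDescriptor entityID="https://idp.example.org/idp" ID="_abc">
    <ds:Signature><ds:SignedInfo>
      <ds:Reference URI="#_stale"/>
    </ds:SignedInfo></ds:Signature>
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.example.org/sp">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def strip_embedded_signatures(xml_text):
    """Drop per-entity signatures; return (cleaned_xml, findings).

    Each finding is (entityID, reference_uri, consistent). A signature on
    the enclosing EntitiesDescriptor is left alone: only direct children
    of EntityDescriptor elements are removed.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for entity in root.iter(f"{{{MD}}}EntityDescriptor"):
        for sig in entity.findall(f"{{{DS}}}Signature"):
            ref = sig.find(f".//{{{DS}}}Reference")
            uri = ref.get("URI") if ref is not None else None
            own_id = entity.get("ID")
            # Assumption: "" or "#<ID>" of the signed element is consistent.
            consistent = uri == "" or (own_id is not None and uri == "#" + own_id)
            findings.append((entity.get("entityID"), uri, consistent))
            entity.remove(sig)
    return ET.tostring(root, encoding="unicode"), findings


if __name__ == "__main__":
    cleaned, found = strip_embedded_signatures(SAMPLE)
    for entity_id, uri, ok in found:
        print(f"removed signature from {entity_id}: URI={uri!r} consistent={ok}")
```

Run it before the aggregate signature is computed, since removing elements afterwards would invalidate that signature.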


