[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: EntitiesDescriptor/@ID value
A question in our community arose, whether a dynamically changing md:EntitiesDescriptor/@ID value in SAML metadata had any advantages, esp. security-related ones, where the md:EntitiesDescriptor is signed and the ID value is used as reference for signing (ds:Reference/@URI). If doing so provides no real benefit (as some have claimed) a static value would allow some metadata consumers to match on the ID value for other, internal purposes. Though keeping the ID static at all times, even when the document changes (e.g. <md:EntityDescriptor>s being added or removed or changed), might also have/cause other issues? Thanks, -peter
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]