Subject: A3.1 Meta-data Use-Cases / A3.2 Meta-data exchange Use-Case

This note describes the meta-data specification and exchange use-cases:

(1) Meta-data: An Identity provider (IdP) and Service Provider (SP) agree to support one or more SAML 2.0 profiles. A certain amount of static configuration information describing profiles implemented, optional parts of the profile implemented/unimplemented, optional parts of SAML assertions used in the profiles, service end-points and trust relationships needs to be captured and exchanged between the IdP and the SP.

The meta-data schema provides an XML representation for this information. Given an (IdP, SP) pair, it should be possible to extract the relevant meta-data as a single element from the representation. It should further be possible to isolate the data "belonging" to the services implemented by the SP as an element (SP metadata). It should further be possible to isolate the data "belonging" to the services implemented by the IdP as an element (IdP metadata).

(2) Meta-data Exchange: Typically, we expect agreements between IdP and SP to be made offline and meta-data to be constructed as part of this agreement. However, it would be convenient if there were some means of retrieving the SP metadata component of the (IdP, SP) metadata from a site administered by the SP. Similarly, it would be convenient if there were some means of retrieving the IdP metadata component of the (IdP, SP) metadata from a site administered by the IdP. The specification should also indicate appropriate measures to secure this exchange.

Prateek Mishra
Director, Tech&Arch
Netegrity
p: 781-530-6564
c: 617-875-4970