[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Updated PE25 SAML Metadata Feature in SAMLConf
Updated to reflect consensus voiced on today's call.
Comments?
--Nick
Document: Conformance
Description: Conformance document does not specify any requirements
with respect to metadata. It is suggested that the conformance
document be updated as follows.
Change to Table 2: Feature Matrix
IdP IdPLite SP SPLite ECP
FEATURE
Metadata OPT OPT OPT OPT N/A
Change to Table 4: SAML Authority and Requester Matrix
AuthnAuth AttribAuth AuthZDcsnAuth Requester
FEATURE
Metadata OPT OPT OPT OPT
New sub-section to Section 3 (Conformance):
3.6 Metadata
Implementations claiming conformance to SAMLv2.0 may declare each
operational mode's conformance to SAMLv2.0 Metadata [SAMLMeta] through
election of the Metadata option.
With respect to each operational mode, such conformance entails the
following:
* Implementing SAML metadata according to the extensible SAMLv2.0
Metadata format in all cases where an interoperating peer has the option,
as stated in SAMLv2.0 specifications, of depending on the existence of
SAMLv2.0 Metadata. Electing the Metadata option has the effect of
requiring such metadata be available to the interoperating peer.
The means of satisfying this requirement is detailed below.
* Referencing, consuming, and adherence to the SAML metadata,
according to [SAMLMeta], of an interoperating peer when the known
metadata relevant to that peer and the particular operation, and the
current exchange, has expired or is no longer valid in cache, provided
the metadata is available and is not prohibited by policy or the
particular operation and that specific exchange.
* Election of the Metadata option requires the implementation offer,
in addition to any other mechanism, the well-known location
publication and resolution mechanism described in SAMLMeta.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]