Subject: Updated PE25 SAML Metadata Feature in SAMLConf
Updated to reflect consensus voiced on today's call. Comments?

--Nick

Document: Conformance

Description: Conformance document does not specify any requirements with respect to metadata. It is suggested that the conformance document be updated as follows.

Change to Table 2: Feature Matrix

FEATURE    IdP   IdPLite   SP    SPLite   ECP
Metadata   OPT   OPT       OPT   OPT      N/A

Change to Table 4: SAML Authority and Requester Matrix

FEATURE    AuthnAuth   AttribAuth   AuthZDcsnAuth   Requester
Metadata   OPT         OPT          OPT             OPT

New sub-section to Section 3 (Conformance):

3.6 Metadata

Implementations claiming conformance to SAMLv2.0 may declare each operational mode's conformance to SAMLv2.0 Metadata [SAMLMeta] through election of the Metadata option. With respect to each operational mode, such conformance entails the following:

* Implementing SAML metadata according to the extensible SAMLv2.0 Metadata format in all cases where an interoperating peer has the option, as stated in SAMLv2.0 specifications, of depending on the existence of SAMLv2.0 Metadata. Electing the Metadata option has the effect of requiring such metadata be available to the interoperating peer. The means of satisfying this requirement is detailed below.

* Referencing, consuming, and adherence to the SAML metadata, according to [SAMLMeta], of an interoperating peer when the known metadata relevant to that peer and the particular operation, and the current exchange, has expired or is no longer valid in cache, provided the metadata is available and is not prohibited by policy or the particular operation and that specific exchange.

* Election of the Metadata option requires the implementation offer, in addition to any other mechanism, the well-known location publication and resolution mechanism described in SAMLMeta.
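
Added example, not part of the original message or of the SAML specifications: a sketch of the "expired or no longer valid in cache" decision from the second bullet, using the `validUntil` and `cacheDuration` attributes that SAMLv2.0 Metadata defines on `EntityDescriptor`. The sample document, the function names and the three status labels are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample metadata for illustration only.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.org/metadata"
    validUntil="2030-01-02T00:00:00Z" cacheDuration="PT6H">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
</md:EntityDescriptor>"""

_DUR = re.compile(r"^P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?$")


def parse_duration(text):
    """Parse the day/time subset of xs:duration (assumption: no years/months)."""
    m = _DUR.match(text)
    if not m or not any(m.groups()):
        raise ValueError("unsupported duration: %r" % text)
    days, hours, minutes, seconds = (int(g or 0) for g in m.groups())
    return timedelta(days=days, hours=hours, minutes=minutes, seconds=seconds)


def parse_instant(text):
    """Parse a UTC xs:dateTime (assumption: 'Z' form, whole seconds)."""
    parsed = datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")
    return parsed.replace(tzinfo=timezone.utc)


def metadata_status(xml_text, fetched_at, now):
    """Classify a cached EntityDescriptor as 'expired', 'refresh' or 'fresh'."""
    # Real deployments should use a hardened XML parser and verify the
    # metadata signature before trusting any attribute read here.
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % MD_NS:
        raise ValueError("not a SAML 2.0 EntityDescriptor")
    valid_until = root.get("validUntil")
    if valid_until and now >= parse_instant(valid_until):
        return "expired"  # stale keys/endpoints: re-resolve before use
    cache_duration = root.get("cacheDuration")
    if cache_duration and now >= fetched_at + parse_duration(cache_duration):
        return "refresh"  # cache lifetime elapsed: fetch a new copy
    return "fresh"
```

A peer that gets "expired" or "refresh" would re-resolve the metadata, for example from the well-known location named in the third bullet, before continuing the exchange.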