[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Best practice for utilising signed metadata
When metadata is generated by a vendor product and then signed as currently recommended in NZSAMS. A mismatch can occur when metadata elements optional according to the metadata specification, but mandatory within NZSAMS are not contained within the generated metadata. The missing metadata elements cannot be added manually after metadata generation, as signature verification of the metadata would fail. This scenario could occur when SAML implementations do not generate metadata with all the NZSAMS required elements and attributes.
My questions are
Thanks in advance for any assistance you can provideBen Yeoman
Working on behalf of the New Zealand State Services Commission