Subject: Re: [security-services] EntityDescriptorType ID attribute
>> The EntityDescriptorType complex type contains an optional attribute
>> 'ID'.
>>
>> SAML2Meta is clear that the value of this attribute can only be
>> assumed to be document-unique. Would it be harmful to profile the use
>> of this attribute to be globally unique? If so, would an extension be
>> a better strategy?
>
> Is this about making entities unique or recognizing when they're
> not? This reminds me of the French recently asking me to convert my
> metadata generation to rely on a stable ID value instead of a random
> one.

It's about making an instance of an <EntityDescriptor> unique; i.e.,
similar semantics to an X.509 certificate's serial number.

josh.