Skip to Content.
Sympa Menu

shibboleth-dev - Re: Gridshib profile

Subject: Shibboleth Developers

List archive

Re: Gridshib profile


Chronological Thread 
  • From: Tom Scavo <>
  • To: Tom Barton <>
  • Cc: Walter Hoehn <>, Von Welch <>,
  • Subject: Re: Gridshib profile
  • Date: Wed, 19 Jan 2005 09:05:28 -0500
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=VKbWfh/vMXzVsbLheu+5UgxK3vkz7CnxIXLP521R7EyDegSIPI9SOOBGARA3rMXYzSP0HND4G2sACbiAfi0zwtOjt72ci+0UccLuJezABnHYZhPQBEfL2yW10enJ4l5LpdmwInyP3wp6Ck545YKWCxgLO6Pu4fNEFSxB/WH5EsM=
On Wed, 19 Jan 2005 07:48:13 -0600, Tom Barton
<>
wrote:
>
>
> Walter Hoehn wrote:
> > A couple of comments. Sorry if we've been over these before, but it's
> > been a mighty long time since we've discussed it.
> >
> > 1) In section I.2a it seems that it would be more inline with current
> > practice to place and IdP provider id in the certificate extension.
> > This could then be used to lookup the set of valid attribute query
> > endpoints.
>
> Ok. What "resolver" is used to look them up?

The IdP providerId itself resolves the metadata. Convention is that
the metadata resides at the location given by the providerId.

> Are you referring to
> metadata maintained and distributed to IdPs and SPs by a 3rd party (a
> federation), that an SP would use to look up a provider id?

No, the providers maintain and publish their own metadata at
conventional locations (given by their respective providerIds).

Tom S.

Archive powered by MHonArc 2.6.16.

Top of Page