shibboleth-dev - Re: example-metatdata.xml
Subject: Shibboleth Developers
List archive
- From: Walter Hoehn <>
- To: Tom Scavo <>
- Cc: Shibboleth Development <>
- Subject: Re: example-metatdata.xml
- Date: Fri, 24 Jun 2005 16:33:46 -0500
Each physical instance of the IdP software can use many credentials, both in the apache vhost setups and in idp.xml for signing. An assumption is made in the IdP configuration that each logical IdP uses only one credential for all signing operations pertaining to a specific relying party. A single logical IdP could use different credentials for signing and TLS, as long as the metadata is configured appropriately. A <RoleDescriptor/> element, for instance, can include multiple <KeyDescriptor/> elements. I'm not sure what you mean by "KeyDescriptor element listed per vhost".
-Walter
On Jun 24, 2005, at 4:06 PM, Tom Scavo wrote:
Just trying to better understand the example metadata file shipping
with Shib 1.3. On the IdP side, there are as many as three different
credentials that might be specified per vhost (signing, 443, 8443).
Since there is only one KeyDescriptor element listed per vhost, a
single credential is being used for all three, correct?
Thanks,
Tom
- example-metatdata.xml, Tom Scavo, 06/24/2005
- Re: example-metatdata.xml, Walter Hoehn, 06/24/2005
- Re: example-metatdata.xml, Tom Scavo, 06/25/2005
- RE: example-metatdata.xml, Scott Cantor, 06/24/2005
- Re: example-metatdata.xml, Tom Scavo, 06/25/2005
- Re: example-metatdata.xml, Scott Cantor, 06/25/2005
- Re: example-metatdata.xml, Tom Scavo, 06/25/2005
- Re: example-metatdata.xml, Scott Cantor, 06/25/2005
- Re: example-metatdata.xml, Tom Scavo, 06/25/2005
- Re: example-metatdata.xml, Scott Cantor, 06/25/2005
- Re: example-metatdata.xml, Tom Scavo, 06/25/2005
- Re: example-metatdata.xml, Walter Hoehn, 06/24/2005
Archive powered by MHonArc 2.6.16.