Skip to Content.
Sympa Menu

shibboleth-dev - Re: Metadata Generator

Subject: Shibboleth Developers

List archive

Re: Metadata Generator


Chronological Thread 
  • From: Tom Scavo <>
  • To:
  • Subject: Re: Metadata Generator
  • Date: Wed, 10 Aug 2005 13:42:54 -0400
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=e5lpbYezfReCtrKP1TZxJLz4+JpndCnUGHELuoJaYpjlRDAc506HqaAmp9ptZ5L58NHUBhvkJ5a6tB/AaF/jbCmHzu04VAiVXcNSm2E/vv5HpuNmPZL+Vn3m8AUo9mBDNnCOmgH4lj/Eq91cPfiXx3vKWbsoYBVHDfHhq+NS/sE=

On 8/10/05, Scott Cantor
<>
wrote:
>
> I think the idea here would be to say "just give this to your partner so he
> can add the file in as a MetadataProvider" rather than dealing with the
> EntitiesDescriptor idea. People can come to figure that in some other way.

Right, I see what you're saying, but the EntitiesDescriptor wouldn't
be complete without schemaLocation so that would have to be added
after the fact. Also, what about the Name attribute? That also needs
to be added after the fact, and the IdP config file needs to be
adjusted accordingly. All in all, it seems the EntitiesDescriptor
element is more trouble than it's worth.

> You could maybe provide a pointer to instructions in the Wiki (yet to be
> written ;-) on how to sign the file with metadatatool...

For what this tool will be used for, shouldn't the EntityDescriptor be
signed (and not EntitiesDescriptor)? As Nate notes, every time you
add an EntityDescriptor to a signed EntitiesDescriptor, you have to
resign.

I think adding an EntitiesDescriptor element is a mistake, but maybe
I'm not understanding all the uses of this tool.

Tom



Archive powered by MHonArc 2.6.16.

Top of Page