Skip to Content.
Sympa Menu

shibboleth-dev - Re: comments: draft-mace-shibboleth-arch-protocols-10

Subject: Shibboleth Developers

List archive

Re: comments: draft-mace-shibboleth-arch-protocols-10


Chronological Thread 
  • From: Scott Cantor <>
  • To:
  • Cc: Shibboleth Development <>
  • Subject: Re: comments: draft-mace-shibboleth-arch-protocols-10
  • Date: Sat, 10 Sep 2005 13:04:15 -0400

Tom Scavo wrote:

I guess I'm trying to avoid having to rewrite the GridShib profiles
from scratch. Our attribute exchange profile is a straightforward
extension of the Shibboleth Attribute Exchange profile, but it seems
our metadata profile will have to be written from scratch, on top of
the SAML 1.x Metadata profile. I guess that's okay. I wasn't
thinking along those lines until now. Your wording in the Shib spec
has brought this point home.

I think I would expect most SAML profiles to end up with a pretty specific metadata profile suited to that situation, because metadata is so important to the interoperability of implementations once they're in the hands of actual users. If the metadata schema itself works, profiles should compose effectively with each other.

I think when it's just developers testing their code at conferences, you can get the wire profile by itself to work with enough knob twisting, which is basically what my experience was. But when there was a consistent metadata profile between the peers, as I had with with Trustgenix and HP, it was much easier.

Luckily, writing a metadata profile isn't terribly complex.

-- Scott



Archive powered by MHonArc 2.6.16.

Top of Page