shibboleth-dev - RE: Feature request for metadatatool
Subject: Shibboleth Developers
List archive
- From: Jim Fox <>
- To:
- Subject: RE: Feature request for metadatatool
- Date: Wed, 23 Nov 2005 11:17:47 -0800 (PST)
We (Univ of Washington) just use curl without metadatatool to
retrieve the metadata files.
You do verify them at some point, right? I added some support to the SP to
actually verify signatures when a file is loaded into the configuration, but
that isn't how I'd expect people to do it, and it's not supported by the
IdP.
Yes, but that brings up a point. Our production installation won't
verify the metadata. The tool always says "signature did not
verify". Our development idp also 1.3, but version 1.3c, does
verify the signatures OK.
If the production system signs a file it can then verify it -
and the dev system can verify it also. However, if the dev system
signs a file the production system cannot verify it.
This does not seems to otherwise cause the IdP any trouble, and
will likely go away on the next production upgrade, so I haven't
looked into it further.
Jim
- Feature request for metadatatool, Lukas Haemmerle, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
- Re: Feature request for metadatatool, Lukas Haemmerle, 11/24/2005
- Re: Feature request for metadatatool, Scott Cantor, 11/24/2005
- RE: Feature request for metadatatool, Jim Fox, 11/23/2005
- RE: Feature request for metadatatool, Scott Cantor, 11/23/2005
Archive powered by MHonArc 2.6.16.