shibboleth-dev - configuring a metadata file or directory

Subject: Shibboleth Developers

List archive

configuring a metadata file or directory

From: Tom Scavo <>
To: Shibboleth Development <>
Subject: configuring a metadata file or directory
Date: Wed, 25 Feb 2009 08:54:27 -0600
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=KqouEiuh/cNdq49aMoqosLsx6kv77cALUWBEC8ruXgm7TtNg4YPCL71/9CsAe9Us/i mPeAg74bwEJrWR5h/VPYo8knOm7CLyQsCS7adfRmN9B2xYMcnH08yra0PvP5Jt0tw1sB RKfRXmQwK64xtQM4o+pbcr5GPgVTza6JiaGco=

AFAIK Shibboleth has always required metadata to be configured on a
per-file basis. It would be more convenient (and less error prone)
for deployers if there were a configurable metadata directory Then
all you have to do is drop a metadata file into the directory and go.

So my question is why does Shibboleth require metadata *files* to be
configured (as opposed to directories)? Is the implementation choice
merely historical in nature or is there some potential security
vulnerability that I'm not seeing?

Thanks in advance,
Tom

configuring a metadata file or directory, Tom Scavo, 02/25/2009
- Re: [Shib-Dev] configuring a metadata file or directory, Christopher A Bongaarts, 02/25/2009
  - RE: [Shib-Dev] configuring a metadata file or directory, Scott Cantor, 02/25/2009
    - Re: [Shib-Dev] configuring a metadata file or directory, Paul Hethmon, 02/25/2009
      - RE: [Shib-Dev] configuring a metadata file or directory, Scott Cantor, 02/25/2009
        
        Re: [Shib-Dev] configuring a metadata file or directory, Paul Hethmon, 02/25/2009
        
        RE: [Shib-Dev] configuring a metadata file or directory, Scott Cantor, 02/25/2009
  - Message not available
    - Re: [Shib-Dev] configuring a metadata file or directory, Tom Scavo, 02/25/2009
      - RE: [Shib-Dev] configuring a metadata file or directory, Scott Cantor, 02/25/2009

List archive

configuring a metadata file or directory