interfed - Re: [inc-interfed] reminders

Re: [inc-interfed] reminders

  • From: "Cantor, Scott" <>
  • To: John Krienke <>, "" <>
  • Subject: Re: [inc-interfed] reminders
  • Date: Tue, 28 May 2013 22:40:59 +0000
  • Accept-language: en-US
  • Authentication-results: sfpop-ironport02.merit.edu; dkim=neutral (message not signed) header.i=none

On 5/28/13 6:26 PM, "John Krienke" <> wrote:
>
>Here is my follow-up question that relates more to policy. Section 2.5.1,
>line 285 of the Metadata IOP reads:
>"Compromised keys MUST be removed from an entity's metadata."
>
>This is a policy statement for the MD Producer to follow.

IOP is not trying to talk about how you construct the metadata, but rather
what it means, but unfortunately politics around PKIX meant that this was
very hard to get across without people complaining.

If the key is present, the consumer is obligated to treat it as valid.
That's the point here. If you don't cause a revoked key to be removed,
then obviously the consumer will accept the key. How much you care is
really outside the scope of the document, so that MUST is really not a
good piece of spec language. But if I tried to "fix" it, I'd get ten more
complaints.

>If I were to follow the logic behind the need for removal of compromised
>keys, it would be that I care about compromise because previously I cared
>somewhere about possession of the keys in the first place.

There is no first mover in this document and everywhere it even talks
about the producer is a part I wish I hadn't had to write. The metadata
document stands alone, and means a specific set of things to running
software. The job of everything else is to ensure that to some risk
tolerance, giving somebody metadata meaning that set of things won't cause
a problem, but all IOP wants to address if it could get away with doing so
is what that set of things is.

That may or may not bear on referencing it so explicitly from eduGAIN
without more text.

-- Scott
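The consumer-side rule Scott describes (every key still present in metadata is trusted; removal is the only revocation) is what a metadata operator's audit has to check. The following is an added example, not code from the thread, the IOP or any federation tool: it parses a constructed EntityDescriptor, fingerprints each published certificate, and reports any that an operator has already recorded as compromised. The metadata, the certificate bodies and the compromised-fingerprint set are all constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample metadata: the certificate bodies are arbitrary bytes,
# not real X.509 certificates, so only their fingerprints matter here.
SAMPLE_METADATA = b"""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.org/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>b2xkLWNvbXByb21pc2VkLWtleQ==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>bmV3LXJlcGxhY2VtZW50LWtleQ==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""

def fingerprint(der: bytes) -> str:
    """SHA-256 of the certificate bytes as colon-separated hex."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

# Constructed revocation record: the operator noted the first key as compromised.
COMPROMISED = {fingerprint(b"old-compromised-key")}

def published_keys(metadata: bytes):
    """Yield (entityID, use, fingerprint) for every certificate still published."""
    root = ET.fromstring(metadata)
    if root.tag == "{%s}EntityDescriptor" % NS["md"]:
        entities = [root]
    else:  # an EntitiesDescriptor aggregate wraps many entities
        entities = root.findall(".//md:EntityDescriptor", NS)
    for ent in entities:
        for kd in ent.findall(".//md:KeyDescriptor", NS):
            use = kd.get("use", "signing+encryption")  # no use attribute = both
            for cert in kd.findall(".//ds:X509Certificate", NS):
                der = base64.b64decode("".join((cert.text or "").split()))
                yield ent.get("entityID"), use, fingerprint(der)

def audit(metadata: bytes, compromised: set) -> list:
    """Keys a consumer would still trust although they were recorded as compromised."""
    return [k for k in published_keys(metadata) if k[2] in compromised]
```

Running `audit(SAMPLE_METADATA, COMPROMISED)` flags the first key; publishing a replacement key alongside it, as the sample does, changes nothing for a consumer until the old one is actually removed.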

Archive powered by MHonArc 2.6.16.