Interfederation

["Cantor, Scott" <>]

On 3/4/14, 11:35 AM, "Tom Scavo" 
<>
 wrote:
>
>I'm confused. I suspect that's because either the SP or the IdP can do
>the standalone attribute query for additional attributes.

Yes, but metadata is about roles, and so are those labels. An SP or IdP is
a thing that acts as one. It may also act as other things.

> ScottK, I'd
>be interested in knowing which of the two cases you're interested.
>(You may have tried to describe it earlier but I'm afraid I didn't get
>it.)

It really makes no difference.

>ScottC, again correct me if I'm wrong, but regardless of what entity
>does the query, the standalone AttributeAuthority MUST be represented
>in metadata as specified in the extension spec. Right?

No, that's incorrect. The original metadata standard already includes a
role for AttributeAuthorityDescriptor (the server side of the query) and
InCommon already supports it.

You may not be supporting registering an AA *alone* without an
IdPSSODescriptor role, though, which would be an issue, yes.

-- Scott