Skip to Content.
Sympa Menu

metadata-support - Re: [Metadata-Support] MDQ format options?

Subject: InCommon metadata support

List archive

Re: [Metadata-Support] MDQ format options?


Chronological Thread 
  • From: Tom Poage <>
  • To: "" <>
  • Subject: Re: [Metadata-Support] MDQ format options?
  • Date: Tue, 6 Dec 2016 21:26:11 +0000
  • Accept-language: en-US
  • Authentication-results: spf=none (sender IP is ) ;
  • Ironport-phdr: 9a23:HS+LKBDoheiwFrEobWAQUyQJP3N1i/DPJgcQr6AfoPdwSPTyp8bcNUDSrc9gkEXOFd2CrakV0KyL6+u+CCQp2tWoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7Ovr6GpLIj8Swyuu+54Dfbx9GiTe5b75+NhW7oRneusQXhYZpN7o8xAbOrnZUYepd2HlmJUiUnxby58ew+IBs/iFNsP8/9MBOTLv3cb0gQbNXEDopPWY15Nb2tRbYVguA+mEcUmQNnRVWBQXO8Qz3UY3wsiv+sep9xTWaMMjrRr06RTiu86FmQwLuhSwaNTA27XvXh9RwgqxFvRyhuxJxzY3aYI6XM/R+f7/Sc9wVSmdaQsZeTClBDp+8b4cTDecMO/tToYnnp1sJqBuzHReiBOTqyjRVnHH22rc10+s/Hgrb2wEgA9wOsGzTrNrvO6cdT/u4zLTUwjredfxWxzb96JPSfh8/vP6MQKt9fMzMwkchEAPFi0+fqY3jPz6N1+QNtXSU7+1lVeKqjG4nrRt9oj+1xscjjITCm4Ebykjc+Clk3oo4Jse0RFNlbdK4CpdduT+WO5FoTs8/QGxkoDs2xqMFtJKhYSQG1ogrywTCZ/GFaYSE/x3uWPiJLTtlhX9ofKiziwiy/EWv0OHwS8i53ExXoidBjtXBsG0G2QbJ5cidUPR9+1+s2TaR2ADX7eFJOVs0la/HK54537I8jIcTvljeESDshkX2jbSWel869ee19uTrerTmppmCOI9okgzyL7oil8+lDeglLAQCQ3KX9Oqi2LH540H1XbZHguUzkqbDsZDaIcobprS+Aw9Qyosj9xi/Dy+h0NsCknkIMklIeA+bgIf0IV7OPvH4Deylj1uyjThr2ujKPqf9DZXVMnjDjLDhcK58605a1AUzytVf55dTCrEHOv7zXVXxtNPBAh88LQO03/zoB8hn2YMCQ22DG7SZML7KsV+Q4eIvOfWMaZQRuDb8MPgl++XugWEjlV8ce6mpwYUYaGq+Hvt4P0WVf2DgjckcHmcX7UICS7mgjVCeWDJae3/3RL8k/jYhFKqnC4zEQ4WqhvqGxijxVslTa3xPBlmQGDLzap2cXO0QQCOUKchklzsCE7+7RNly+wupsVrGzL8vFu3d9SBQ4Y7tzN986OD7iBo+/CJ1FIKQ33zbHDI8pX8BWzJjhPM3mkd60FrWiaU=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99


> On Dec 6, 2016, at 1:07 PM, Tom Scavo
> <>
> wrote:
...
>> http://mdq-beta.incommon.org/global/entities/foo?format=raw
...
> No, the current implementation does not support that feature but I
> agree that the first option (at least) is a perfectly reasonable thing
> to expect. The second option would be indistinguishable from an
> ordinary request.


Perhaps better that it doesn’t? I’ve been trying to find ways to get
unknowledgeable (and non-participating) vendors to obtain a
trusted/verifiable copy of our IdP metadata.

Many vendors, albeit understandably, refuse to download the InCommon
aggregate. Even if they do, understanding the content and parsing out our IdP
metadata, often by hand (ugh), and without even broaching the extra
consideration of signature verification, seems an insurmountable task for the
typical kind of support person on that end assigned to the task.

I’ve resisted self-publishing our IdP metadata (with or without local
signature, to varying degrees of success), so the MDQ server seemed a good
bet. Now to get them to take that small but oh so important step of verifying
what they download!

And, Ian, thanks for the additional explanation. Helpful.

Tom.


Archive powered by MHonArc 2.6.19.

Top of Page