Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Whatever the action the eduGAIN OT will undertake, it will promptly contact the Identity Federation responsible for the feed and it will try to solve the issue without any service interruption whenever possible.

In When the case a the rejection of the feed is unavoidable, the eduGAIN OT will support the Identity Federation to restore the feed as soon as possible. Please note that even in the case of rejection of the feed containing the offending values, the last available feed will still be valid and it will continue to be published as part of the eduGAIN metadata aggregate.

...

CodeUpstream ConditionsDownstream ConditionsKnow Operational IssuesActions
CR

The upstream metadata feed of an eduGAIN member contains a CR (Carriage Return) as a literal character reference ("
"  or "
").

An eduGAIN member picks up the eduGAIN metadata aggreagate and republishes it to its own parties leaving untouched the CR literal character reference.

(2016) Relying parties not able to validate the metadata.

(2019-08-21) .NET based signature validation fails  (ADFSToolkit and other Powershell aggregate handlers impacted) - signaled by InCommon member to ADFSToolkit team via ADFSToolkit issue tracker, escalated and resolved by InCommon support. 

(2020) .NET based signature validation fails (ADFSToolkit and  other Powershell aggregate handlers not able to validate the metadata).

  • Reject the upstream feed containing the CR.
  • Immediately notify the Identity Federation responsible for the feed in order to fix it.

...