...
This document specifies recommendations for upstream metadata produced by eduGAIN participants. Failure to comply with these recommendations will result in a warning produced by the eduGAIN metadata validator using the eduGAIN SAML profile v2.
The recommendations are organised as a set of rules which may be easily verified by the eduGAIN metadata validator.
The rules table below lists currently implemented validator warnings, those marked red are actually specification errors and should be upgraded to validator errors (to be discussed within the eduGAIN SG)
| Condition | Level | Significance | Reason |
---|
Global warnings |
---|
1 | Signing certificate expired | 1-global | 1 | Currently implemented as a validator warning. To be confirmed by the SG. |
Warnings on entity levelWarnings on entity’s role level not , no and mdui:Description not present | 3-role | 3 | eduGAIN SAML profile Section 3 |
10 | mdui:UIInfo |
with mdui:DisplayName Description not presentLogo element | 3-role | 1 | eduGAIN SAML profile Section 3 |
11 | for SP: mdui:UIInfo not found |
but not presentand mdui:Description present | 3-role | 3 | eduGAIN SAML profile Section 3 |
12 | for SP: mdui:UIInfo |
found but neither nor found but mdui:Description not present | 3-role | 3 | eduGAIN SAML profile Section 3 |
13 | for SP: mdui:UIInfo found but |
no mdui:Logo elementneither mdui:DisplayName nor mdui:Description present | 3-role | 3 | eduGAIN SAML profile Section 3 |
14 | this SP does not provide requested attribute specification | 3-role | 1 | left from saml2int - should it be kept? |
15 | Data Protection Code of Conduct declared but no mdui:PrivacyStatementURL found | 3-role | 4 | Violates the CoCo spec |
16 | CoCo declared but md:RequestedAttribute element not found | 3-role | 4 | Violates the CoCo spec |
17 | CoCo declared but mdui:PrivacyStatementURL and md:RequestedAttribute elements not found | 3-role | 4 | Violates the CoCo spec |