Versions Compared

Old Version 24

changes.mady.by.user Tomasz Wolniewicz

Saved on

compared with

New Version 30

changes.mady.by.user Tomasz Wolniewicz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The rules marked red are actually specification errors and should be upgraded to validator errors (to be discussed within the eduGAIN SG)


ConditionLevel
Global
SignificanceReason
1

Signing certificate expired

1-global1Currently implemented as a validator warning. To be confirmed by the SG.

Entity level

2md:EmailAddress in md:ContactPerson element should start with mailto: prefix2-entity4This violates line 495 of https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf and should be considered an error!
3

SIRTFI attribute present and security contact found but no http://refeds.org/metadata/contactType/security contactType

2-entity2SIRTFI specification error
4

SIRTFI attribute declared but no appropriate md:ContactPerson set

2-entity2SIRTFI specification error
5

shibmd:Scope with no regexp attribute

2-entity5https://wiki.shibboleth.net/confluence/display/SC/ShibMetaExt+V1.0 recommendation
6

mdattr:EntityAttributes placed in md:Extensions element of SPSSODescriptor/IDPSSODescriptor, expected in  md:Extensions element of EntityDescriptor

2-entity1Since http://docs.oasis-open.org/security/saml/Post2.0/sstc-metadata-attr.html does not define appearance of this element in places other then md:Extensions element of EntityDescriptor it is most likely that the condition is a result of a mistake.
7

mdrpi:RegistrationPolicy not found

2-entity3eduGAIN SAML profile Section 3
8

mdattr:EntityAttributes element contains saml:AttributeValue with leading/trailing whitespaces

Entity’s role level

2-entity3
9mdui:UIInfo
not
found
, no
but mdui:DisplayName
and mdui:Description
not present3-role3eduGAIN SAML profile Section 3
10mdui:UIInfo
with mdui:DisplayName
found but no mdui:
Description not present
Logo element3-role1eduGAIN SAML profile Section 3
11for SP: mdui:UIInfo not found
but
, no mdui:DisplayName
not present
and mdui:Description present3-role3eduGAIN SAML profile Section 3
12for SP: mdui:UIInfo
found but neither
with mdui:DisplayName
nor
found but mdui:Description not present3-role3eduGAIN SAML profile Section 3
13for SP: mdui:UIInfo found but
no mdui:Logo element
neither mdui:DisplayName nor mdui:Description present3-role3eduGAIN SAML profile Section 3
14this SP does not provide requested attribute specification3-role1left from saml2int - should it be kept?
15Data Protection Code of Conduct declared but no mdui:PrivacyStatementURL found3-role4Violates the CoCo spec
16CoCo declared but md:RequestedAttribute element not found3-role4Violates the CoCo spec
17CoCo declared but mdui:PrivacyStatementURL and md:RequestedAttribute elements not found3-role4Violates the CoCo spec