Page History

A1

the document root element is md:EntitiesDescriptor

A2

all required namespaces are declared, that is md, mdrpi, mdui, shibmd

A3

md:EntitiesDescriptor contains md:Extensions element with mdrpi:PublicationInfo element in which the publisher and creationInstant attributes exist

A5

validUntil attribute in EntitiesDescriptor element exists, can be converted to a time value and it does not point to the past

[SAML] lines: 348; 316

A6

validUntil attribute with a value not earlier than 120 hours (5 days) and not later than 2304 hours (28 days) after the creationInstant

[eduGAIN-profile] sec. 3

A7

the fetched document schema-validates against following SAML metadata schemas:

• saml-schema-metadata-2.0.xsd - namespace urn:oasis:names:tc:SAML:2.0:metadata

• saml-schema-assertion-2.0.xsd - namespace urn:oasis:names:tc:SAML:2.0:assertion

• saml-metadata-rpi-v1.0.xsd - namespace urn:oasis:names:tc:SAML:metadata:rpi

• shibboleth-metadata-1.0.xsd - namespace urn:mace:shibboleth:metadata:1.0

• sstc-metadata-attr.xsd - namespace urn:oasis:names:tc:SAML:metadata:attribute

• namespace sstc-saml-metadata-ui-v1.0.xsd - namespace urn:oasis:names:tc:SAML:metadata:ui

• sstc-saml-idp-discovery.xsd - namespace urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol

• sstc-saml-metadata-algsupport-v1.0.xsd - namespace urn:oasis:names:tc:SAML:metadata:algsupport

• xml.xsd - namespace http://www.w3.org/XML/1998/namespace (Shibboleth MDA uses version from 2001 http://www.w3.org/2001/xml.xsd, pyFF uses version from 2009 http://www.w3.org/2009/01/xml.xsd which defines xs:lang as union ("The union allows for the 'un-declaration' of xml:lang with the empty string.") 

• xmldsig-core-schema.xsd - namespace http://www.w3.org/2000/09/xmldsig#

• xenc-schema.xsd - namespace http://www.w3.org/2001/04/xmlenc#

• ws-addr.xsd - namespace http://www.w3.org/2005/08/addressing

• ws-securitypolicy-1.2.xsd - namespace http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702

• ws-authorization.xsd - namespace http://docs.oasis-open.org/wsfed/authorization/200706

• ws-federation.xsd - namespace http://docs.oasis-open.org/wsfed/federation/200706

• MetadataExchange.xsd - namespace http://schemas.xmlsoap.org/ws/2004/09/mex

• oasis-200401-wss-wssecurity-utility-1.0.xsd - namespace http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd

• oasis-200401-wss-wssecurity-secext-1.0.xsd - namespace http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd

list of schemas from Shibboleth Metadata Aggregator configuration

and

pyFF sources