...
The rules marked red are actually specification errors and should be upgraded to validator errors (to be discussed within the eduGAIN SG)
| Condition | Level | GlobalSignificance | Reason | ||
|---|---|---|---|---|---|
| 1 | Signing certificate expired | global | 1 | Currently implemented as a validator warning. To be confirmed by the SG. | Entity level|
| 2 | md:EmailAddress in md:ContactPerson element should start with mailto: prefix | entity | 4 | This violates line 495 of https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf and should be considered an error! | |
| 3 | SIRTFI attribute present and security contact found but no http://refeds.org/metadata/contactType/security contactType | entity | 2 | SIRTFI specification error | |
| 4 | SIRTFI attribute declared but no appropriate md:ContactPerson set | entity | 2 | SIRTFI specification error | |
| 5 | shibmd:Scope with no regexp attribute | entity | 5 | https://wiki.shibboleth.net/confluence/display/SC/ShibMetaExt+V1.0 recommendation | |
| 6 | mdattr:EntityAttributes placed in md:Extensions element of SPSSODescriptor/IDPSSODescriptor, expected in md:Extensions element of EntityDescriptor | entity | Since http://docs.oasis-open.org/security/saml/Post2.0/sstc-metadata-attr.html does not define appearance of this element in places other then md:Extensions element of EntityDescriptor it is most likely that the condition is a result of a mistake. | ||
| 7 | mdrpi:RegistrationPolicy not found | entity | 3 | eduGAIN SAML profile Section 3 | |
| 8 | mdattr:EntityAttributes element contains saml:AttributeValue with leading/trailing whitespaces | Entity’s role levelentity | |||
| 9 | mdui:UIInfo not found, no mdui:DisplayName and mdui:Description present | role | eduGAIN SAML profile Section 3 | ||
| 10 | mdui:UIInfo with mdui:DisplayName found but mdui:Description not present | role | eduGAIN SAML profile Section 3 | ||
| 11 | mdui:UIInfo found but mdui:DisplayName not present | role | eduGAIN SAML profile Section 3 | ||
| 12 | mdui:UIInfo found but neither mdui:DisplayName nor mdui:Description present | role | eduGAIN SAML profile Section 3 | ||
| 13 | mdui:UIInfo found but no mdui:Logo element | role | eduGAIN SAML profile Section 3 | ||
| 14 | this SP does not provide requested attribute specification | role | left from saml2int - should it be kept? | ||
| 15 | Data Protection Code of Conduct declared but no mdui:PrivacyStatementURL found | role | Violates the CoCo spec | ||
| 16 | CoCo declared but md:RequestedAttribute element not found | role | Violates the CoCo spec | ||
| 17 | CoCo declared but mdui:PrivacyStatementURL and md:RequestedAttribute elements not found | role | Violates the CoCo spec |