Refeds


Subject Re: Fwd: Consultation: Metadata Registration Practice Statement
From Tom Scavo <trscavo@xxxxxxxxxxxxx>
Date Mon, 12 Jan 2015 10:57:35 -0500

On Mon, Jan 12, 2015 at 10:43 AM, Andrew Cormack
<Andrew.Cormack@xxxxxxxxxx> wrote:
>
> So even if you're not interested in a possible eduGAIN normative function, it's well worth considering (and commenting on) whether the common structure would make your own life easier.

It would be only marginally useful, I think. Anything intended for the
human reader is only marginally useful. Machine readable indicators of
registration practices are the only thing that scales (obviously).

I'm reminding of an observation that Leif (and others) have made from
time to time. A SAML entity descriptor is analogous to an X.509
certificate. There are reasonably well-understood categories of
certificates:

1. Domain valid certificates
2. Organizational valid certificates
3. Extended validation certificates

Can't we do the same for metadata? For instance, REEP metadata is
domain valid. Presumably most federation metadata is organizational
valid. We should try to define what these terms mean and tag entity
descriptors accordingly.

Just my two cents,

Tom