Subject Re: Fwd: Consultation: Metadata Registration Practice Statement
From Nicole Harris
Date Mon, 12 Jan 2015 16:51:49 +0000

On 12/01/2015 15:57, Tom Scavo wrote:
> On Mon, Jan 12, 2015 at 10:43 AM, Andrew Cormack
> <Andrew.Cormack@xxxxxxxxxx> wrote:
>> So even if you're not interested in a possible eduGAIN normative function, it's well worth considering (and commenting on) whether the common structure would make your own life easier.
> It would be only marginally useful, I think. Anything intended for the
> human reader is only marginally useful. Machine readable indicators of
> registration practices are the only thing that scales (obviously).
> I'm reminded of an observation that Leif (and others) have made from
> time to time. A SAML entity descriptor is analogous to an X.509
> certificate. There are reasonably well-understood categories of
> certificates:
> 1. Domain valid certificates
> 2. Organizational valid certificates
> 3. Extended validation certificates
> Can't we do the same for metadata? For instance, REEP metadata is
> domain valid. Presumably most federation metadata is organizational
> valid. 
Well I think to some extent we *are* trying to do something sort of
equivalent (sort of stressed here) to that but you can't reach the
machine-readable without the human readable and we haven't got close to
being machine readable yet.  I've said from the very beginning that the
FOP work is merely about documenting current practice and gathering
information that we need to know or that others have asked us to
expose.  There is a lot more to be done from there, including the
hand-off to normative environments where these things will actually matter.

I'd also strongly disagree that X.509 is *just* a simple machine
readable approach.  There are always human readable documents behind any
machine readable indicators.  If it helps, think of this as a
Certificate Practice Statement. 

> We should try to define what these terms mean and tag entity
> descriptors accordingly.
> Just my two cents,
> Tom

