Federation 4 /7.2 - not clear handling when 'metadata' duplicated in the trust chain
Issue #1158
resolved
In 2.1 it is allowed, that Entity Statement from an intermediate over a leaf entity also contains “metadata” claim.
In result, in the trust chain for a leaf entity X as per notation in 7.2 we have:
ES[0] - self statement of entity X, iss=X, sub=X
ES[1] - statement of intermediate Y over X, iss=Y, sub=X
Both ES[0] and ES[1] can contain “metadata” claim (as per 2.1) with the same subject sub=X. The specification is not clear whether in such situation:
- it is intended or allowed to have such duplication
- it shall be verified if the two are identical and if not, whether such statement shall be rejected
Comments (5)
-
-
Account Deleted Makes perfectly sense. Thanks.
-
-
assigned issue to
-
assigned issue to
-
Roland will clarify when metadata can appear and when metadata policy can appear.
-
- changed status to resolved
This is done in the latest version of the specification.
- Log in to comment
An entity statement published by one entity about another entity MUST NOT contain a
metadata
claim. I will change 2.1 to reflect that. If it does that claim MUST be ignored.