Closed vladimir-mencl-eresearch closed 5 years ago
FWIW, I've tended to put mine at the Entity level. I assume InCommon does, etc. We probably should fix the text to say that.
Fixed via text and indentation corrections.
Thanks for the clarification.
I have found a minor inconsistency - regarding whether
md:ContactPerson
goes into SPSSODescriptor/IDPSSODescriptor, or into EntityDescriptor directly.[SDP-MD11] reads:
Does not say whether they are inside a RoleDescriptor or at the root EntityDescriptor.
But both [SDP-SP39] and [SDP-IDP33], which aim to provide just a summary, say:
(I've condensed both SP/IdP cases into the above, hope the substitutions are obvious).
I know SAML 2.0 Metadata standard allows ContactPerson in either location. I have seen either being used.
And for example, eduGAIN Metadata Profile asks for md:ContactPerson directly inside the EntityDescriptor - see page 4 at https://technical.edugain.org/doc/eduGAIN_metadata_profile.pdf
I do not know which is the right way to go, but at the very least, this specification should be consistent internally. If the intention of [SDP-MD11] was to have ContactPerson in the RoleDescriptor, it should be explicitly stated. Otherwise, it's not consistent with [SDP-SP39] and [SDP-IDP33].
Cheers, Vlad