KantaraInitiative / SAMLprofiles

SAML interoperability and deployment profiles

[SDP-IDP33]: shibmd:Scope in EntityDescriptor vs RoleDescriptor #135

Closed vladimir-mencl-eresearch closed 5 years ago

vladimir-mencl-eresearch commented 5 years ago

Hi,

Besides #134, I caught another similar issue: [SDP-IDP33] says:

By virtue of this profile’s requirements, an IdP’s metadata MUST contain:

  • an element at the role level containing
    • at least one element
      • alternately, the element(s) MAY instead reside in an element at the root () level

Because the first bullet-point quoted here (md:Extensions) sits at the same (top) level as the one about md:IDPSSODescriptor, it does not nest the Extensions into the role descriptor, and it instead reads as being at the top (EntityDescriptor) level.

However, the third-nested bullet-point ("Alternatively") assumes the role descriptor was meant by the text quoted above and says "or alternatively, can be at the top level".

Minor wording inconsistency - it should be clear what was meant about overall placing of md:Extensions - whether inside a Role descriptor or at the top level EntityDescriptor.

Cheers, Vlad

scantor commented 5 years ago

Not sure I agree but I guess we could indent the bullets.

scantor commented 5 years ago

Fixed indentation.

vladimir-mencl-eresearch commented 5 years ago

And thanks for this clarification too - now it is clear where these extensions should go.
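
The placement discussed in this thread can be checked mechanically. The following is an added example, not part of the issue or of the Kantara profile text. It assumes the reading reached above: `shibmd:Scope` sits in an `md:Extensions` element inside `md:IDPSSODescriptor`, or alternately in `md:Extensions` directly under `md:EntityDescriptor`. The function names, the sample entityID and the scope value `example.org` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "shibmd": "urn:mace:shibboleth:metadata:1.0",
}

def _scopes(parent):
    """Non-empty shibmd:Scope values directly under parent/md:Extensions."""
    found = parent.findall("md:Extensions/shibmd:Scope", NS)
    return [s.text.strip() for s in found if s.text and s.text.strip()]

def scope_placement(metadata_xml):
    """Report where an IdP's scopes sit: role level, entity level, or nowhere.

    For metadata from untrusted sources, parse with a hardened XML parser
    and verify the metadata signature before trusting any scope value.
    """
    root = ET.fromstring(metadata_xml)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("expected md:EntityDescriptor as the root element")
    idp_roles = root.findall("md:IDPSSODescriptor", NS)
    role = [v for r in idp_roles for v in _scopes(r)]
    entity = _scopes(root)  # only md:Extensions that is a child of the root
    return {"role": role, "entity": entity,
            "ok": bool(idp_roles) and bool(role or entity)}

def _sample(entity_ext="", role_ext=""):
    """Build a constructed, minimal IdP EntityDescriptor for the demo."""
    return (
        '<md:EntityDescriptor xmlns:md="%s" xmlns:shibmd="%s" '
        'entityID="https://idp.example.org/idp">%s'
        '<md:IDPSSODescriptor protocolSupportEnumeration='
        '"urn:oasis:names:tc:SAML:2.0:protocol">%s</md:IDPSSODescriptor>'
        '</md:EntityDescriptor>' % (NS["md"], NS["shibmd"], entity_ext, role_ext)
    )

SCOPE_EXT = ('<md:Extensions><shibmd:Scope regexp="false">example.org'
             '</shibmd:Scope></md:Extensions>')
ROLE_LEVEL = _sample(role_ext=SCOPE_EXT)      # scope inside the role descriptor
ENTITY_LEVEL = _sample(entity_ext=SCOPE_EXT)  # scope at the root level
NO_SCOPE = _sample()                          # no scope at either level

if __name__ == "__main__":
    for name in ("ROLE_LEVEL", "ENTITY_LEVEL", "NO_SCOPE"):
        print(name, scope_placement(globals()[name]))
```
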