ADFS, SharePoint, and InCommon?

Cantor, Scott cantor.2 at
Fri Nov 16 18:44:41 EST 2012

On 11/16/12 6:14 PM, "THIA Jean-Marie" <jean-marie.thia at> wrote:

>I don't have much time to browse the wiki for good practice in checking
>the metadata file. So if you have ideas or pointers to what should be
>done make the script better I will do my best.

If you're going to use the trust model we use, you can't only check
validUntil, but must ensure that a validUntil exists of no more than a
specified duration from the time of evaluation. Otherwise you're open to
being fed metadata that's valid forever and that makes key revocation

-- Scott

More information about the users mailing list