SHib 3.2.1
Tom Scavo
trscavo at gmail.com
Wed Nov 29 11:53:34 EST 2017
On Wed, Nov 29, 2017 at 9:41 AM, Peter Schober
<peter.schober at univie.ac.at> wrote:
> * Cheltenham, Chris <ccheltenham-ext at philasd.org> [2017-11-29 15:23]:
>> Does anyone know why there are multiple certificates in our metadata?
>>
>> There are 5 to be exact
>
> They're not /all/ different, though, right?
I couldn't resist...
Here's a back-of-the-envelope calculation of the number of
KeyDescriptors in eduGAIN metadata:
$ cat /tmp/edugain-metadata.xml | xsltproc
./misc/xslt/list_all_key_descriptors_txt.xsl - | cut -f1 -d" " | sort
| uniq -c
2204 AttributeAuthorityDescriptor
3541 IDPSSODescriptor
2190 SPSSODescriptor
And here is the distribution of the number of KeyDescriptors per role
descriptor:
$ cat /tmp/edugain-metadata.xml | xsltproc
./misc/xslt/list_all_key_descriptors_txt.xsl - | cut -f1,3 -d" " |
sort | uniq -c | sed -e 's/^ *//' | cut -f1,2 -d" " | sort | uniq -c
1152 1 AttributeAuthorityDescriptor
1940 1 IDPSSODescriptor
1382 1 SPSSODescriptor
90 2 AttributeAuthorityDescriptor
338 2 IDPSSODescriptor
372 2 SPSSODescriptor
280 3 AttributeAuthorityDescriptor
295 3 IDPSSODescriptor
20 3 SPSSODescriptor
8 4 AttributeAuthorityDescriptor
10 4 IDPSSODescriptor
1 4 SPSSODescriptor
I did not check the content of each KeyDescriptor, just how many there
are per role descriptor. For example, there are 10 IDPSSODescriptors
with 4 KeyDescriptors each. That's not completely out of the ball park
but I wouldn't expect any more than that under normal circumstances.
Tom
More information about the users
mailing list