quick expiry of SP Meta data

Peter Schober peter.schober at univie.ac.at
Mon May 6 07:41:48 EDT 2019

* Lalith Jayaweera <ljayaweera at gmail.com> [2019-05-06 03:31]:
> I will discourage this, however if we can come up with some meta data
> signing process with the SP,
> Then I believe that is the way to go? correct?

They would also need to re-sign that metadata regularly, each time
pushing the validUntil expiration date into the (near, say, between a
couple of days and a few weeks) future.

This is explained in the documentation I already pointed you to:


More information about the users mailing list