cantor.2 at osu.edu
Thu Oct 24 19:29:28 EDT 2019
The SAML trust model  we implement and encourage is predicated on third party federations signing and distributing metadata to avoid bilateral exchange. It's predicated on, among other things, signed metadata that expires regularly, and is re-signed frequently, with the signing key exchanged out of band.
That doesn't work point to point and we don't facilitate that model, it just happens to be something the software can't enforce; it will accept metadata from any source its given with the rules its given. It's up to deployers whether to care what the rules are or not.
More information about the users