The validUntil attribute in SP metadata: should we require it?
shibboleth655 at lewenberg.com
shibboleth655 at lewenberg.com
Fri Sep 13 09:38:30 EDT 2019
We run a local federation for on-campus SPs. These SPs are both
locally-run applications as well as third-party cloud applications. Some
of the submitted SP metadata has the validUntil attribute, most does not.
Many (most?) of our SPs would rather omit it entirely as it is just one
more thing that can get in the way of their application working.
When an SP operator asks why they should include the validUntil
attribute I say that it if they don't have their own reasons for using
it, it _does_ force life-cycle management.
I would like to hear what other IdP operators do for validUntil: do they
require it? encourage it? reasons?
More information about the users
mailing list