From 87f7a32e18a15d6c667e36fffa7f2a866d6c9505 Mon Sep 17 00:00:00 2001 From: cantor Date: Tue, 24 Feb 2004 14:16:00 +0000 Subject: [PATCH] Trust metadata schema git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@899 ab3bd59b-922f-494d-bb5f-6f0a3c29deca --- src/schemas/shibboleth-trust-1.0.xsd | 62 ++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 src/schemas/shibboleth-trust-1.0.xsd diff --git a/src/schemas/shibboleth-trust-1.0.xsd b/src/schemas/shibboleth-trust-1.0.xsd new file mode 100644 index 0000000..cb783c3 --- /dev/null +++ b/src/schemas/shibboleth-trust-1.0.xsd @@ -0,0 +1,62 @@ + + + + + + + + Trust metadata binds keys or authority lists to system entities. + The metadata consumer is responsible for associating the names of system entities + to the application context in an appropriate way. + + + + + + + An optionally signed collection of trust binding elements. + ds:KeyInfo is by definition a binding of a key to a specific entity, + which may be specified in various ways such as KeyName or X509SubjectName. + + + + + + + + + + + + + + + + + + + + + + + Binds keying authorities to one or more named system entities. + Omitting ds:KeyName will apply the authorities to all transactions, unless + another specific match applies. This is risky, so use wisely, in conjunction + with constraints on acceptable messages using other forms of metadata or policy. + + + + + + + + + + + -- 1.7.10.4