...
condition evaluated | reason | |
|---|---|---|
S1 | The signature exists and is valid | eduGAIN-profile] section 4 |
S2 | The signature can be validated with the public key configured for the federation metadata channel | [eduGAIN-profile] section 4 |
| S3 | The signature was made using an explicit ID reference, not an empty reference | [eduGAIN-profile] section 4 |
| S4 | The signature reference refers to the document element | [eduGAIN-profile] section 4 |
| S5 | The signature's digest algorithm is at least as strong as SHA-256, and does not use MD5 | [eduGAIN-profile] section 4 |
| S6 | The signature's signature method is RSA with an associated digest at least as strong as | [eduGAIN-profile] section 4 |
| S7 | The signature's transforms contain only these permissible values:
| [eduGAIN-profile] section 4 |
| S8 | RSA/EC key used to sign metadata is at least 2048/256 bits in length | [eduGAIN-profile] section 4 |
Verification of metadata validity
...