...
Condition Evaluated | Reason | |
---|---|---|
A1 | the document root element is md:EntitiesDescriptor | [SAMLMeta] sec. 2.3 |
A2 | all required namespaces are declared, that is md, mdrpi, mdui, shibmd | [eduGAIN-profile] sec. 1.3 |
A3 | md:EntitiesDescriptor contains md:Extensions element with mdrpi:PublicationInfo element in which the publisher and creationInstant attributes exist | [eduGAIN-Profile] sec. 3 |
A4 | the creationInstant attribute uses the dateTime format required by SAMLMeta and does not point to the future | [MDRPI] sec. 2.2.1 |
A5 | validUntil attribute in EntitiesDescriptor element exists, can be converted to a time value and it does not point to the past | [SAML] lines: 348; 316 |
A6 | validUntil attribute with a value not earlier than 120 hours (5 days) and not later than 2304 hours (28 days) after the creationInstant | [eduGAIN-profile] sec. 3 |
A7 | the fetched document schema-validates against following SAML metadata schemas:
| list of schemas from Shibboleth Metadata Aggregator configuration and pyFF sources |
For each md:EntityDescriptor element the following verification is performed:
...
a federation metadata feed is unavailable (the corresponding federation feed channel is not responding)
a federation metadata feed does not validate correctly
an alert is raised and delivered to the Operational Team. An error status is set on the eduGAIN status page https://technical.edugain.org/status and the cause of the error is displayed in the details section. The remaining cache time is also displayed. The status is also available through the eduGAIN access API, as described on: https://technical.edugain.org/monitoring. If the error condition persists reminder messages are sent in the intervals of 6 hours. If the federation metadata feed can be accessed/validated again, a recovery message is delivered to the eduGAIN OT.
During every aggregation run the validUntil timer for each of the federation metadata feeds is performed.
...
. Detailed description of alert procedures is provided on the alerts page.
Detailed technical description
...