The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.



You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Uniform Resource Names as Entity IDs

The use of Uniform Resource Names (URNs) as entity IDs in the InCommon Federation is NOT RECOMMENDED. If an URN is used, the URN namespace MUST be owned by (or delegated to) the organization, that is, the organization MUST document the existence of a valid authorization chain rooted in a namespace listed in the Official IANA Registry of URN Namespaces.

To illustrate, suppose Internet2 submitted SP metadata with entity ID:

urn:mace:incommon:internet2.edu:sp

This particular entity ID would be acceptable since:

  1. The urn:mace namespace is registered with IANA.
  2. InCommon is authorized by MACE to use the urn:mace:incommon namespace.
  3. Internet2 is authorized by InCommon to use the urn:mace:incommon:internet2.edu namespace (by virtue of the fact that the latter appears in metadata signed by InCommon Operations).

Therefore the entity ID shown above is valid since there exists a valid authorization chain rooted in an official registered namespace (urn:mace).

#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels