2 Versioning and Applicability

This document describes the metadata registration practices of the UK federation with effect from its date of publication as shown on the cover page. All new entity registrations performed on or after that date SHALL be processed as described here until this document is superseded by a later edition.

Registration practices change over time; editions of this document are distinguished by their dates of publication and by a compact URL derived from that date. The compact URL for an MDRPS published on a particular date SHALL be:

http://ukfederation.org.uk/doc/mdrps-YYYYMMDD

Where:

• YYYY represents the document’s year of publication,

• MM represents the document’s month of publication, from “01” to “12”,

• DD represents the document’s day of publication, from “01” to “31”.

The MDRPS currently in effect for new registrations, as well as archived copies of earlier MDRPS documents still relevant for older entities, SHALL be published on the UK federation web site at the following URL:

http://ukfederation.org.uk/mdrps

Metadata for all entities registered by the UK federation registrar SHALL make use of the [SAML-Metadata-RPI-V1.0] metadata extension to indicate:

• The fact that the UK federation registrar was the registrar for the entity, and

• The particular MDRPS which applies to the entity, if any.

For example, the following metadata fragment represents an entity registered by the UK federation registrar under the practices documented in the (fictional) MDRPS of 1 January 2006:

<EntityDescriptor entityID="https://example.org/entity">
  <Extensions>
    <mdrpi:RegistrationInfo
      registrationAuthority="http://ukfederation.org.uk"
      registrationInstant="2006-03-09T10:06:35Z"/>
      <mdrpi:RegistrationPolicy
        xml:lang="en">http://ukfederation.org.uk/doc/mdrps-20060101</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
   <Extensions>
   ...

An entity whose <mdrpi:RegistrationInfo> does not include reference to a specific MDRPS by including an <mdrpi:RegistrationPolicy> element MUST be assumed to have been registered under a historic, undeclared registration practice regime. This can be assumed to have been broadly similar to a more recent documented MDRPS, and such an assumption may be adequate for many relying parties.

If a metadata relying party requires assurance of an entity’s compliance with a documented MDRPS, a request MAY be made via the UK federation helpdesk for the registrar to perform an MDRPS re-evaluation for the entity. Such a re-evaluation MAY be performed for a registered entity at the registrar’s discretion under the following circumstances:

• At the request of a relying party,

• When an entity’s metadata is changed by the entity’s registrant,

• When a new MDRPS edition is published.

The expected result of an MDRPS re-evaluation is to verify the entity’s registration against the then-current MDRPS, with the metadata published for the entity being updated to reflect this.

Requests to re-evaluate an entity in terms of a previous MDRPS SHALL NOT be accepted.

Documents

• Current TRP (1.6)
• Current FTS (1.6)
• Current MDRPS (20130902)

Resources

• Federation Site
• About This Site