Removal of triple scope and UKFederationMember elements from UK federation metadata aggregate publications

Posted on Monday, 1 November 2021

We are implementing today some planned changes to a few aspects of the UK federation's metadata which were announced in August (2021-08-25-new-federation-documents) and reproduced below.

These changes are not expected to cause operational issues however if any issues do arise, please contact our Support Desk (FedSupport) as usual.

Changes being implemented today:

1. The triple scope convention will be retired on 1 November 2021. This experimental feature intended to reduce the size of metadata is being discontinued. In the unlikely event that your Service Provider relies on a copy of the shibmd:Scope being present in the Extensions element of an entity's EntityDescriptor, instead of the typical location in the IDPSSODescriptor or AttributeAuthorityDescriptor, you will have to modify your deployment. You can test your deployment now against the test aggregate. Details in section 3.5.2 of the FTS.

2. The ukfedlabel:UKFederationMember element will be retired on 1 November 2021 in favour of standardised Metadata extensions for Registration and Publication Information (mdrpi). This will be replaced by the UK federation's mdrpi:registrationAuthority URL on entities registered by the UK federation. IdP operators should review their attribute filtering rules to ensure that they do not have any which depend on the ukfedlabel:UKFederationMember element. Similarly, SP operators which have authorization rules based on presence of this element should migrate to the new mechanism. You can test your deployment now against the test aggregate. Details in section 3.6.1 of the FTS. Edited by MatthewSlowe on 01 November 2021, at 10:36 AM