[mdx] Small change proposed to draft-young-md-query-saml-07

Tom Scavo trscavo at gmail.com
Thu Nov 9 07:23:04 PST 2017


On Wed, Nov 8, 2017 at 7:21 PM, Tom Scavo <trscavo at gmail.com> wrote:
>
> ... responder behavior should be well defined.

The following is intended for clarity only. Some optional behavior is
omitted for simplicity.

A conforming MDQ server MUST maintain a list of entityIDs, a list of
hashed entityIDs, and a mapping between them.

An MDQ server MAY maintain an auxiliary list of unique identifiers. An
identifier on the auxiliary list MUST NOT conflict with the list of
entityIDs.

An MDQ server MAY also maintain an auxiliary list of transformed
identifiers. An identifier on the auxiliary list MUST NOT conflict
with the list of hashed entityIDs, and moreover, the server MUST be
able to map each transformed identifier on the auxiliary list to an
entityID.

Case 1. Unique Identifier

The responder MUST first consult its list of entityIDs.

If the identifier is on the list of entityIDs, the responder MUST
return the corresponding entity descriptor in an HTTP 200 response.

If the identifier is not on the list of entityIDs, the responder MAY
return an HTTP 404 response. Otherwise the responder MUST consult its
auxiliary list of unique identifiers. If the responder does not
maintain an auxiliary list of unique identifiers, the responder MUST
return an HTTP 404 response.

Case 2. Transformed Identifier

The responder MUST first consult its list of hashed entityIDs.

If the transformed identifier is on the list of hashed entityIDs, the
responder MUST return the corresponding entity descriptor in an HTTP
200 response.

If the transformed identifier is not on the list of hashed entityIDs,
the responder MAY return an HTTP 404 response. Otherwise the responder
MUST consult its auxiliary list of transformed identifiers. If the
responder does not maintain an auxiliary list of transformed
identifiers, the responder MUST return an HTTP 404 response.

That's it. I believe this is the intent of the current MDQ protocol
spec. In any case, I'm pretty sure this aligns with current MDQ server
implementations and deployments.

Tom
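
The lookup order described in the message above, as an added example that is not part of the original post or of any MDQ server's code. It takes the branch in which the responder consults its auxiliary lists rather than returning 404 early. Assumptions not stated in the message: transformed identifiers start with "{", hashed entityIDs use the "{sha1}" + hex SHA-1 form, an auxiliary unique identifier maps to an operator-chosen response body, a miss on an auxiliary list returns 404, and all sample identifiers are constructed.

```python
import hashlib

def sha1_id(entity_id):
    # Assumed transform: "{sha1}" followed by the hex SHA-1 of the entityID.
    return "{sha1}" + hashlib.sha1(entity_id.encode("utf-8")).hexdigest()

class Responder:
    def __init__(self, descriptors, aux_unique=None, aux_transformed=None):
        self.descriptors = dict(descriptors)                # entityID -> descriptor
        # Mapping between hashed entityIDs and entityIDs.
        self.hashed = {sha1_id(e): e for e in self.descriptors}
        self.aux_unique = dict(aux_unique or {})            # identifier -> body (assumed)
        self.aux_transformed = dict(aux_transformed or {})  # transformed id -> entityID
        # Auxiliary identifiers MUST NOT conflict with the primary lists.
        if self.aux_unique.keys() & self.descriptors.keys():
            raise ValueError("auxiliary unique identifier conflicts with an entityID")
        if self.aux_transformed.keys() & self.hashed.keys():
            raise ValueError("auxiliary transformed identifier conflicts with a hashed entityID")
        # Each auxiliary transformed identifier MUST map to an entityID.
        unmapped = set(self.aux_transformed.values()) - set(self.descriptors)
        if unmapped:
            raise ValueError("no entityID for: %s" % sorted(unmapped))

    def lookup(self, identifier):
        """Return (http_status, body) for one URL-decoded request identifier."""
        if identifier.startswith("{"):
            # Case 2: hashed entityIDs first, then the auxiliary transformed list.
            entity_id = self.hashed.get(identifier) or self.aux_transformed.get(identifier)
            return (200, self.descriptors[entity_id]) if entity_id else (404, None)
        # Case 1: entityIDs first, then the auxiliary unique list.
        if identifier in self.descriptors:
            return 200, self.descriptors[identifier]
        if identifier in self.aux_unique:
            return 200, self.aux_unique[identifier]
        return 404, None

# Constructed sample data; "idp-alias" and "{local}sp" are hypothetical
# auxiliary identifiers chosen for this example.
IDP = "https://idp.example.org/shibboleth"
SP = "https://sp.example.org/sp"
DESCRIPTORS = {e: "<EntityDescriptor entityID='%s'/>" % e for e in (IDP, SP)}
RESPONDER = Responder(
    DESCRIPTORS,
    aux_unique={"idp-alias": DESCRIPTORS[IDP]},
    aux_transformed={"{local}sp": SP},
)

if __name__ == "__main__":
    for ident in (IDP, sha1_id(SP), "idp-alias", "{local}sp", "https://unknown.example.org/"):
        print(ident, "->", RESPONDER.lookup(ident)[0])
```

The constructor rejects an auxiliary identifier that collides with an entityID or hashed entityID, so a later configuration change cannot silently change which list answers a request.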

