skip signature check on cached copy of verified metadata at restart
Description
The signature filter for an XML metadata provider can take a relatively long time to complete for large metadata feeds such as the InCommon metadata feed now that it contains eduGAIN, and that delay can be problematic at startup time.
This RFE would change shibd so that, once a signature filter is successfully applied to an XML metadata provider with a 'url' option, the file pointed to by 'backingFilePath' is marked as "trusted", and during a restart that local file can be read first with other filters applied but not the signature filter.
The idea being that I trust my local file system to preserve the bits well enough that I do not need to check the signature again on a restart, only on subsequent downloads.
Environment
None
Activity
Rod Widdowson November 9, 2017 at 3:20 PM
Well, a simple test shows that the serialized output isn't exactly the same as the input. I'm not sure if it matters (whitespace between the attributes for the <EntityDescriptor).
I'll need to find an MDQ server which signs its metadata and run a test.
Gosh isn't this fun...
Scott Cantor November 9, 2017 at 3:10 PM
That was the Xerces CR bug that bit us because it wasn't encoding it.
Rod Widdowson November 9, 2017 at 3:05 PM
Yea, if easy.
I actually found this case because it turns out that it is structurally hard to just slam what you get over the "SOAP" channel down to disk and you have to serialize the entityId to DOM to disk, which always raises the spectre of screwing the signature when you do it (indeed, was there not a case about exactly that that I fixed? I cannot find it).
Scott Cantor November 9, 2017 at 2:48 PM
I suppose, for consistency, but it's not really much of a concern in that case.
Rod Widdowson November 9, 2017 at 2:44 PM
Adding a comment that we want to do this when reloading an MDQ populated cache.
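The serialization concern raised in the comments above, as an added example that is not part of the original issue or of Shibboleth's code: re-serializing parsed metadata changes the bytes on disk, but a signature digest covers the canonical form, so attribute whitespace is harmless while a carriage return written unescaped is not. Assumptions: Python's ElementTree C14N 2.0 stands in for the canonicalization a real signature uses, a SHA-256 over the canonical form stands in for the signed digest, and the unnamespaced sample document is constructed.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample: irregular whitespace between attributes and a CR
# (written as a character reference) inside text content.
ORIGINAL = (
    '<EntityDescriptor   entityID="https://idp.example.org/idp"\n'
    '      ID="_constructed1"><Extensions>line1&#xD;\nline2</Extensions>'
    '</EntityDescriptor>'
)


def c14n_digest(xml_text):
    """SHA-256 of the canonical form (stand-in for the signed digest)."""
    canonical = ET.canonicalize(xml_data=xml_text)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def serialize_escaping_cr(xml_text):
    """Parse, then write back out with every CR as a character reference."""
    out = ET.tostring(ET.fromstring(xml_text), encoding="unicode")
    # Any CR the serializer left raw is encoded here.
    return out.replace("\r", "&#xD;")


def serialize_raw_cr(xml_text):
    """Parse, then write back out with CR as a literal character (failure mode)."""
    out = ET.tostring(ET.fromstring(xml_text), encoding="unicode")
    # Undo the escape in case this serializer version already applied one.
    return out.replace("&#13;", "\r")


def survives_round_trip(serialized):
    """True if the cached copy still matches the digest of the original."""
    return c14n_digest(serialized) == c14n_digest(ORIGINAL)


if __name__ == "__main__":
    good = serialize_escaping_cr(ORIGINAL)
    bad = serialize_raw_cr(ORIGINAL)
    print("bytes identical to input:", good == ORIGINAL)
    print("escaped CR survives     :", survives_round_trip(good))
    # On re-parse the literal CR+LF is normalized to LF, so the content
    # covered by the digest is no longer what was signed.
    print("raw CR survives         :", survives_round_trip(bad))
```

A cache written by re-serializing the DOM therefore needs a round-trip check of this kind before its signature can be relied on after a reload.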