...
The first step is to choose an entity ID for each of the SAML entities to be deployed. Please choose these names with care, because once you publish them, it will be difficult to change the names later on.
Scope
The IdP uses a scope to qualify certain user attributes. Scoped attributes are globally unique provided the scope is carefully chosen. By convention, the scope is the primary DNS domain of the IdP.
User Interface Elements
https://spaces.at.internet2.edu/display/InCCollaborate/UIInfo
...
A SAML entity uses public key cryptography to secure the data transmitted to trusted partners. Public keys are published in the form of X.509 certificates in metadata, whereas the corresponding private keys are held securely by the SAML entity. These keys are used for message-level signing and encryption, and to create secure channels for transporting SAML messages.
Info: In addition to message-level signing and encryption, X.509 certificates in metadata are used for SSL/TLS back-channel SOAP exchanges, typically on a port like 8443. These certificates are not the same as and have nothing to do with SSL/TLS certificates used for browser-facing transactions over port 443. The latter certificates are not contained in metadata.
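To review what an entity actually publishes, the following added example (not part of the original page) reads one EntityDescriptor and lists its entity ID, its scopes and a SHA-256 fingerprint for each certificate in a KeyDescriptor. The entity ID, scope value and key bytes in the sample are constructed placeholders, and the scope is assumed to be published with the Shibboleth `shibmd:Scope` extension.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#",
      "shibmd": "urn:mace:shibboleth:metadata:1.0"}

def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()

# Constructed sample. The entity ID and scope are placeholders, and the key
# material is dummy bytes standing in for DER-encoded X.509 certificates.
SAMPLE = f"""<md:EntityDescriptor entityID="https://idp.example.org/idp/shibboleth"
    xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}" xmlns:shibmd="{NS['shibmd']}">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:Extensions><shibmd:Scope regexp="false">example.org</shibmd:Scope></md:Extensions>
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
   {_b64(b"constructed signing certificate")}
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
   {_b64(b"constructed back-channel certificate")}
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
 </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def summarize(metadata_xml: str) -> dict:
    """Return the entity ID, scopes and per-use key fingerprints of one entity."""
    # ElementTree performs no signature checking: run this only on metadata
    # whose signature has already been verified.
    entity = ET.fromstring(metadata_xml)
    keys = []
    for kd in entity.iterfind(".//md:KeyDescriptor", NS):
        # A KeyDescriptor without a "use" attribute applies to both purposes.
        use = kd.get("use", "signing+encryption")
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            keys.append((use, hashlib.sha256(der).hexdigest()))
    return {"entity_id": entity.get("entityID"),
            "scopes": [s.text.strip() for s in entity.iterfind(".//shibmd:Scope", NS)],
            "keys": keys}

if __name__ == "__main__":
    info = summarize(SAMPLE)
    print(info["entity_id"], info["scopes"])
    for use, fp in info["keys"]:
        print(f"{use:20} sha256={fp}")
```

Comparing these fingerprints with the certificates installed on the entity confirms that the published metadata matches the keys in use, and that no browser-facing port 443 certificate has been placed in metadata by mistake.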
...