...

Deployments are strongly encouraged to refresh metadata at least daily. If your metadata client supports HTTP Conditional GET, configure the client to attempt a metadata refresh operation every hour. This strategy provides the best protection in the event of a key compromise.

...

  1. If the metadata file does not have a validUntil XML attribute on the root element.
  2. If the validUntil attribute date on the root element is expired.
  3. If the validUntil attribute date on the root element is too far into the future.

A metadata refresh process should check each of the above conditions before accepting the metadata. Alternatively, if your SAML implementation is known to ignore or reject expired metadata (a basic correctness requirement), it may be sufficient to ensure that a validUntil attribute exists and that its date value is not unexpectedly far into the future.
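The three checks above, as an added example that is not part of the original page or of any InCommon tooling. The 14-day maximum validity window, the reference "now", and the sample EntitiesDescriptor are constructed for illustration; a real deployment would pick its own window and parse the freshly downloaded aggregate.

```python
# Added example: reject SAML metadata whose root-element validUntil is
# missing, already expired, or unexpectedly far in the future.
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Assumption: anything valid for more than 14 days is "too far into the future".
MAX_VALIDITY = timedelta(days=14)
# Constructed reference time used by the demo below instead of the wall clock.
REFERENCE_NOW = datetime(2024, 3, 1, tzinfo=timezone.utc)


def parse_xsd_datetime(value: str) -> datetime:
    """Parse an xs:dateTime such as 2024-03-01T00:00:00Z into an aware UTC datetime."""
    if value.endswith("Z"):            # fromisoformat on older Pythons rejects 'Z'
        value = value[:-1] + "+00:00"
    parsed = datetime.fromisoformat(value)
    if parsed.tzinfo is None:
        raise ValueError("validUntil must carry a timezone")
    return parsed.astimezone(timezone.utc)


def check_valid_until(metadata_xml: bytes, now: datetime,
                      max_validity: timedelta = MAX_VALIDITY) -> str:
    """Return 'ok' or a short reason the metadata must be rejected.

    xml.etree is used here for a self-contained demo; when parsing metadata
    fetched from the network, prefer defusedxml or an equivalently hardened parser.
    """
    root = ET.fromstring(metadata_xml)
    valid_until = root.get("validUntil")   # attribute is unnamespaced
    if valid_until is None:
        return "missing validUntil"        # condition 1
    try:
        expires = parse_xsd_datetime(valid_until)
    except ValueError as exc:
        return f"unparseable validUntil: {exc}"
    if expires <= now:
        return "expired"                   # condition 2
    if expires - now > max_validity:
        return "too far into the future"   # condition 3
    return "ok"


def sample_metadata(valid_until=None) -> bytes:
    """Build a constructed EntitiesDescriptor with an optional validUntil attribute."""
    attr = f' validUntil="{valid_until}"' if valid_until else ""
    return (f'<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"{attr}>'
            '<EntityDescriptor entityID="https://idp.example.org/idp"/>'
            '</EntitiesDescriptor>').encode()


if __name__ == "__main__":
    for vu in (None, "2024-02-28T00:00:00Z", "2024-03-05T00:00:00Z", "2025-01-01T00:00:00Z"):
        print(vu, "->", check_valid_until(sample_metadata(vu), REFERENCE_NOW))
```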

Warning: Validate the expiration date independently on InCommon metadata!

Verifying the signature on a SAML metadata file does not validate the presence or value of an expiration date. The only way to validate the expiration date is to parse the XML.

...