Do not patch @use-less KeyDescriptors destined for the export aggrega…

…te, so that exported metadata is as close to registered metadata as possible. Do not check the export aggregate against the "publishable" rulesets, which now only apply to UK federation publication.
InCommon · May 11, 2011 · 148f792 · 148f792
1 parent 8fcf486
commit 148f792
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 14 deletions.
diff --git a/build.xml b/build.xml
@@ -417,7 +417,9 @@
 
     <!--
         Check a metadata document for publishability.  This is applied during all
-        publication flows prior to any signature step.
+        UK publication flows prior to any signature step.  It is not applied to
+        export flows, for which we desire the closest possible correspondence to
+        the registered metadata.
         
         At the moment, this is a single test which is no longer being performed elsewhere
         but should pass by construction.  In the longer term it may make sense to
@@ -454,7 +456,6 @@
 		<XALAN x="uk_master_export.xsl" i="${uk.master.file}"
 			o="${md.export.unsigned}" />
 		<MDNORM i="${md.export.unsigned}"/>
-        <CHECK.publishable i="${xml.dir}/${md.export.unsigned}"/>
 
 		<!-- [31] -->
 		<XALAN x="uk_master_back.xsl" i="${uk.master.file}"

diff --git a/build/uk_master_export.xsl b/build/uk_master_export.xsl
@@ -129,18 +129,6 @@
 		</xsl:if>
 	</xsl:template>
 
-	<!--
-		Patch any @use-less KeyName descriptors in IdP roles
-		for the benefit of Shib SPs pre-1.3.1.
-	-->
-	<xsl:template match="md:IDPSSODescriptor/md:KeyDescriptor[not(@use)] |
-		md:AttributeAuthorityDescriptor/md:KeyDescriptor[not(@use)]">
-		<xsl:copy>
-			<xsl:attribute name="use">signing</xsl:attribute>
-			<xsl:apply-templates/>
-		</xsl:copy>
-	</xsl:template>
-
 	<!--
 		Drop text nodes inside the document element.  There's one of these for each
 		EntityDescriptor in the original document, so without this most of the output