Moa technical requirements are defined in the FedTLS schema as well as the below technical profile

Change log

.

Moa Technical Profile

• when uploading metadata to the Moa production environment the member MUST NOT upload anything other than production metadata. Test environment metadata MUST NOT occur in the production environment,
• the member's metadata MUST be in accordance with actual version of Federated TLS Authentication (see respective environment under Moa environments for more information),
• for every server's claim tags there MUST exist at least one value in accordance with Strengthened Tags Profile.
• for every  entity's claim organization there MUST exist a value for the member organization's legal name,
• for every entity's claim organization_id there MUST exist a value for the member organization's organization number in format LLYYMMDDXXXX where LL stands for the country code in accordance with ISO 3166-1 alpha 2

Strengthened Tags Profile

Strengthened tags are tags used in metadata which are vetted and used by a community for a specific purpose or context. A strengthened tag may be restricted to be used by certain parties, and the definition of the tags usage (such as API definition and information model) is handled within each tag community.

egilv1

bolv1

userlistv1

Metadata signature

The aggregated metadata is signed with JWS and published with JWS JSON Serialization. The metadata signatures are created with the algorithm ECDSA using P-256 and SHA-256 ("ES256"), according to the definition in RFC7518.