From e827720658f36a7bb5b2d245000018211b3b05ec Mon Sep 17 00:00:00 2001
From: Quentin Ligier <quentin.ligier@bluewin.ch>
Date: Thu, 20 Jun 2024 16:51:18 +0200
Subject: [PATCH] Add doc for bug about ATNA logs with XUA

---
 docs/faq.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/docs/faq.md b/docs/faq.md
index efe277c..208a010 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -79,3 +79,11 @@ admin portal if the certificate is available there.
 For the STS request it is important that the oid attributed to the user/certificate (showing in parentheses) in also
 added in the STS request in the `<saml2:NameID>`.
 
+### Logs ATNA with XUA
+
+The current platform has an issue processing ATNA logs with XUA information.
+Currently, you need to only provide one `ActiveParticipant` for the XUA, instead of two or three (as specified in the
+[Extension 1 to Annex 5](https://www.fedlex.admin.ch/eli/oc/2023/221/de/annexes)).
+Otherwise, the log will not be properly processed, but discarded by the platform.
+
+This should be fixed with version 6.0 of the platform.