Internet2

InCommon is operated by Internet2

InCommon

About            Participants            Join InCommon

Federation

Join InCommon

Federation Manager Login

Resources for Site Admins

Password Reset

Changing Exec/Site Admin

InCommon Metadata

Recommended Practices

Technical Guide

Official Documents

Shibboleth Installation Workshops

Assurance

Case Studies

Federation Basics

InCommon Affiliates


News from the Federation



InCommon Metadata

In a SAML-based federation like InCommon, metadata allows Service Providers and Identity Providers to communicate with each other safely and securely. In other words, metadata is the basis for trust and interoperability within the InCommon Federation.

Metadata Production

InCommon reviews metadata submissions Monday through Friday at approximately 2:30 pm Eastern time, then publishes the updated metadata file at approximately 3:00 pm Eastern time (exact times may vary). This schedule is subject to our normal hours of operation and holidays.

The InCommon Federation publishes three different metadata aggregates. Multiple aggregates allow changes to metadata to be deployed more quickly, easily, and safely. Metadata consumers choose exactly one of the three aggregates depending on the immediate requirements of their deployment.

Metadata Distribution

It is strongly recommended that each deployment in the InCommon Federation refresh and verify metadata at least daily. Regular metadata refresh helps maintain the security and interoperability of your deployment and the deployments of others.

Participants are strongly encouraged to use metadata client software that properly handles metadata. When configured correctly, client software will validate the expiration date and verify the XML signature on downloaded metadata.

Metadata Registration

Participants submit their metadata to InCommon via a web interface called the Federation Manager. Metadata submissions are usually processed within one (1) business day but may take longer depending on the nature of the submission.

Submitted metadata is vetted and approved by the InCommon Registration Authority (RA). Since the security of the SAML protocol depends on the proper use of metadata, the RA checks the correctness and integrity of all submitted metadata.

More Information

Questions? Subscribe to the metadata-support@incommon.org mailing list: https://lists.incommon.org/sympa/info/metadata-support

Copyright 2004-2013 InCommon LLC. All rights reserved. info@incommon.org. InCommon is operated by Internet2.