In a SAML-based federation like InCommon, metadata allows Service Providers and Identity Providers to communicate with each other safely and securely. In other words, metadata is the basis for trust and interoperability within the InCommon Federation.
InCommon reviews metadata submissions Monday through Friday at approximately 2:30 pm Eastern time, then publishes the updated metadata file at approximately 3:00 pm Eastern time (exact times may vary). This schedule is subject to our normal hours of operation and holidays.
The InCommon Federation publishes three different metadata aggregates. Multiple aggregates allow changes to metadata to be deployed more quickly, easily, and safely. Metadata consumers choose exactly one of the three aggregates depending on the immediate requirements of their deployment.
It is strongly recommended that each deployment in the InCommon Federation refresh and verify metadata at least daily. Regular metadata refresh helps maintain the security and interoperability of your deployment and the deployments of others.
Participants are strongly encouraged to use metadata client software that properly handles metadata. When configured correctly, client software will validate the expiration date and verify the XML signature on downloaded metadata.
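The refresh, expiration and signature checks described above, written as a Shibboleth SP metadata configuration. This is an added example, not configuration published on this page: the choice of Shibboleth as the client, the aggregate URL, the file names, the refresh delay and the validity interval are all assumptions or placeholders.

```xml
<!-- Weak: fetches the aggregate but accepts whatever arrives.
     No signature check, no expiry check, so a tampered or stale file is trusted. -->
<!--
<MetadataProvider type="XML"
                  url="https://md.example.org/PLACEHOLDER-aggregate.xml"
                  backingFilePath="federation-metadata.xml"/>
-->

<!-- Hardened: refreshes well within the daily recommendation and rejects
     metadata that is unsigned, wrongly signed, expired, or valid for too long. -->
<MetadataProvider type="XML" validate="true"
                  url="https://md.example.org/PLACEHOLDER-aggregate.xml"
                  backingFilePath="federation-metadata.xml"
                  maxRefreshDelay="3600">

    <!-- Require a validUntil attribute on the aggregate and refuse files whose
         validity window exceeds 14 days (value in seconds, assumed here). -->
    <MetadataFilter type="RequireValidUntil" maxValidityInterval="1209600"/>

    <!-- Verify the XML signature against a locally stored copy of the
         federation's metadata signing certificate (placeholder file name). -->
    <MetadataFilter type="Signature"
                    certificate="PLACEHOLDER-federation-signing-cert.pem"/>
</MetadataProvider>
```

The signing certificate is the trust anchor for everything in the aggregate, so obtain it over a separate authenticated channel and compare its fingerprint with the value the federation publishes before installing it.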
Participants submit their metadata to InCommon via a web interface called the Federation Manager. Metadata submissions are usually processed within one (1) business day but may take longer depending on the nature of the submission.
Submitted metadata is vetted and approved by the InCommon Registration Authority (RA). Since the security of the SAML protocol depends on the proper use of metadata, the RA checks the correctness and integrity of all submitted metadata.
Questions? Subscribe to the metadata-support mailing list: https://lists.incommon.org/sympa/info/metadata-support