Internet2

InCommon is operated by Internet2
InCommon

About            Participants            Join InCommon

Federation

Federation Manager Login

Resources for Site Admins

Password Reset

Changing Exec/Site Admin

Recommended Practices

Technical Guide

Official Documents

InCommon Participants

Assurance

Case Studies

Federation Basics

InCommon Affiliates

News from the Federation

InCommon Metadata

Response Time and Hours of Operation

InCommon metadata is the basis for trust within the InCommon Federation. In a very real sense, SAML metadata powers the federation. Without metadata, trusted operations within the Federation would grind to a halt.

Put another way, SAML metadata represents the trust backbone of the InCommon Federation. Within the federation, trust is based on what effectively is a SAML-based PKI (as opposed to a more traditional X.509 Certificate-based PKI) built on top of trusted SAML metadata.

Federation participants trust InCommon to vet the metadata content submitted by other participants. In turn, InCommon vouches for the integrity of the metadata it makes available to participants. This implicit trust agreement underlies and strengthens the security of the SAML protocol exchanges used throughout the Federation.

Metadata Distribution

The InCommon Federation metadata is published in the following location:
http://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml

We strongly recommend that you refresh your metadata daily to ensure that you have the most up-to-date keys and other registered information. Failure to do so will cause operational errors of various kinds and risk exposure to revoked participant keys in the event of a reported compromise. The InCommon wiki outlines the technical details associated with metadata consumption, inlcuding signature verification.

InCommon publishes a diff of consecutive metadata files every time we publish a new metadata document. The diff is sent to an e-mail list for convenience. To subscribe to the e-mail list, send a message to sympa@incommon.org with the subject line: sub metadata-diff.

Metadata Administration

Participants submit their metadata to InCommon through an administrative web interface (site admin login required). Metadata submissions are usually processed within one (1) business day. Typically, submissions are reviewed Monday through Friday, at approximately 2:30 pm Eastern Time, and published at approximately 3:00 pm Eastern Time, although exact times may vary. This schedule is subject to our normal hours of operation.

More Information

https://spaces.internet2.edu/display/InCCollaborate/Metadata+Consumption
https://spaces.internet2.edu/display/InCCollaborate/Metadata+Administration
https://wiki.shibboleth.net/confluence/display/SHIB2/TrustManagement
https://wiki.shibboleth.net/confluence/display/SHIB2/Metadata

Copyright 2004-2013 InCommon LLC. All rights reserved. info@incommon.org. InCommon is operated by Internet2.