Skip to Content.
Sympa Menu

inc-ops-notifications - [InCommon NOTICE] Fwd: metadata migration in progress [ACTION REQUIRED]

Subject: InCommon Operations Notifications

List archive

[InCommon NOTICE] Fwd: metadata migration in progress [ACTION REQUIRED]


Chronological Thread 
  • From: Tom Scavo <>
  • To:
  • Subject: [InCommon NOTICE] Fwd: metadata migration in progress [ACTION REQUIRED]
  • Date: Wed, 25 Jun 2014 09:39:46 -0400

LAST CALL: The fallback metadata aggregate will be synced with the
production metadata aggregate on Monday, June 30, 2014. To avoid a
forced migration to metadata signed with SHA-256 digest algorithm, all
deployments should migrate to the production metadata aggregate ASAP
but no later than June 30, 2014. Please see the message below for
details.


---------- Forwarded message ----------
From: Tom Scavo
<>
Date: Mon, May 5, 2014 at 11:46 AM
Subject: metadata migration in progress [ACTION REQUIRED]
To:



You are receiving this message because you are a Site Administrator
for the InCommon Federation. Your IMMEDIATE ACTION may be required.

EVENT: On June 30, 2014, the fallback metadata aggregate will be
synced with the production metadata aggregate; that is, after June 30,
all metadata aggregates published by the InCommon Federation will be
signed using the SHA-256 digest algorithm.

OUTCOME: All deployments must be able to verify an XML signature that
uses a SHA-256 digest algorithm by June 30, 2014.

ACTION: If your SAML deployment is currently consuming the fallback
metadata aggregate, migrate to either the production metadata
aggregate or the preview metadata aggregate ASAP but no later than
June 30, 2014.

The legacy metadata aggregate was replaced by a redirect to the
fallback metadata aggregate on March 31, 2014. Consequently, every
deployment in the InCommon Federation is consuming one of the
following metadata aggregates:

* http://md.incommon.org/InCommon/InCommon-metadata.xml (production)
* http://md.incommon.org/InCommon/InCommon-metadata-fallback.xml (fallback)
* http://md.incommon.org/InCommon/InCommon-metadata-preview.xml (preview)

The production and preview aggregates are signed using the SHA-256
digest algorithm. The fallback aggregate is signed using the SHA-1
digest algorithm.

For more info about metadata aggregates: https://spaces.internet2.edu/x/SoG8Ag

If your SAML deployment is currently consuming the fallback metadata
aggregate, migrate to either the production metadata aggregate or the
preview metadata aggregate by June 30th. This will ensure that your
deployment is compatible with SHA-256. If you do not migrate, your
metadata consumption process may stop working on June 30th.

For more info about the metadata migration process:
https://spaces.internet2.edu/x/YYDPAg

Questions? Join this mailing list:
https://lists.incommon.org/sympa/info/metadata-support

-----
InCommon Operations



Archive powered by MHonArc 2.6.16.

Top of Page