InCommon Operations Notifications

[Thomas Scavo <>]

This message is intended to bring you up to date on a new strategy currently 
being implemented by InCommon Operations that will make the metadata signing 
process more robust and dependable. Recall that, on Monday, March 21, the 
InCommon metadata signing process was unable to verify the XML signature on 
eduGAIN metadata. That signature was in fact faulty due to a bug in the 
metadata aggregation software used by eduGAIN operations. 

Briefly, the new strategy falls back (if necessary) on a cached copy of the 
eduGAIN metadata aggregate. If the import of eduGAIN metadata fails for any 
reason, the cached metadata permits the metadata signing process to run to 
completion. Once that critical process has completed, a manual intervention 
process can be initiated if needed. This ensures that daily metadata updates 
approved by the InCommon RA will be published in a secure and timely manner 
independent of eduGAIN metadata.

If you have any questions or concerns, please contact us at 


Tom Scavo
For InCommon Operations


On Thu, Mar 24, 2016 at 9:46 AM, Thomas Scavo 
<>
 wrote:
> We have incomplete evidence at this time, so what I'm about to say is a 
> working hypothesis only.
>
> Earlier this week, an eduGAIN participant organization (CAF) introduced bad 
> characters into entity metadata, which exercised a latent bug in the 
> metadata aggregation tool (pyFF) that eduGAIN operations uses to verify and 
> sign metadata. Consequently, on Monday, March 21, eduGAIN published an 
> aggregate with a faulty signature that the InCommon metadata signing 
> process did not properly handle.
>
> eduGAIN operations has already taken steps to prevent the publication of an 
> aggregate with a bad signature. InCommon operations is still considering 
> its options. I will provide another update when I have more details.