inc-ops-notifications - [InCommon NOTICE] InCommon eduGAIN import ruleset change RESCHEDULED to March 7
Subject: InCommon Operations Notifications
List archive
[InCommon NOTICE] InCommon eduGAIN import ruleset change RESCHEDULED to March 7
Chronological Thread
- From: Nick Roy <>
- To: "" <>
- Subject: [InCommon NOTICE] InCommon eduGAIN import ruleset change RESCHEDULED to March 7
- Date: Mon, 26 Feb 2018 20:13:43 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) ;
- Ironport-phdr: 9a23:7K+0wh/tT31qbP9uRHKM819IXTAuvvDOBiVQ1KB+0u8VIJqq85mqBkHD//Il1AaPAd2Araocw8Pt8InYEVQa5piAtH1QOLdtbDQizfssogo7HcSeAlf6JvO5JwYzHcBFSUM3tyrjaRsdF8nxfUDdrWOv5jAOBBr/KRB1JuPoEYLOksi7ze+/94HdbglSmDaxfa55IQmrownWqsQYm5ZpJLwryhvOrHtIeuBWyn1tKFmOgRvy5dq+8YB6/ShItP0v68BPUaPhf6QlVrNYFygpM3o05MLwqxbOSxaE62YGXWUXlhpIBBXF7A3/U5zsvCb2qvZx1S+HNsDwULs6Wymt771zRRHolikJKiI5/m/UhMx+jaJUvB2vqBNkzo7IeYGZKOZycr/Bcd8EQ2dKQ8ZfVzZGAoO5d4YBF+sBMvpbr4Lgu1UOqhu/DhSrCePp0D9IgX/30LY70+QnDQHJwhYgH9QQv3TIstn5LrkdXv2ozKTRyzjIcv1Y2TD46IfScxAhp+mBXa92ccXN00UgCR7KjkiKpYP/JTOZzuoMvHKb7upuT+6glm0npxlqoje1ycYsi47JhoQPxlDC8SV12Jw6JcajSEFlet6kC55QuD+cN4tqWM8tXn9nuDgixr0cuJ67fi4KyJUlxx7EcPyIbYyI7gjlVOaVOTt4mXxld6mliBqo6keg0PXwWdSq31ZOsipFk97MtnYX2xzV7siLUvR9/kC/2TqV0ADT7/lIIVoqmqrdMZEh3qQ/moANvkveAy/6gln5jKiOekU+/ein9/3rYrPnpp+eMo97lA7+PboomsClB+Q4Ng4DVHWY9+SkzLDv4FH1TbpQgvA5kKTVqp7XKdoBqqO9HQNZypsv5hexAju8ztgVnXcKIEhKdR+IlYTlJk3CLOj2DfihgFmgjDJmyvXGM7DiDJXAK3vOnKn6crlj7kNRyQs+wNVe6p9UFL4MIfT+UVLrutPCFB82KQm0zv7nCNpj0oMeXnqCDLeFPa3VrVOE+/sjLfSUaoMIoTr9LOMq6OD0gX8+hF8dYbKm3ZwKaHC+A/tqOV2ZYWDrgtcdD2gFohY+TO3tiF2ESzJTYGuyX7445jE8D4KmDp3PSZyqgLyExCu7H5tWaX5aCl2UDHvka4qJV+0DZS+QOMNsnCIIWaKlRoM/zR2usRX1y7tjLura4C0Yspfj2cBz5+3JkhEz9Sd5D8Wb02GRUW50hGUISCEq3Kxhu0By1EqM0bVgj/xCCdNT/+9JUhs9NZPEzux6Dcz9WgXEfteMT1amRM+qATYrTtI+2tMOYkB9FMm7ghDExyqqGKYZl7qMBJwo86Lc0XnxKNpnxHba1akhiF8mQtBUOG2ih65/7BTTB5XXn0mDlqaqc7gc0zDX9GeF02WOoF9UXBRuXqrYQHBMLnfR+J744EiHSKe1TLIgLgpPyMWLNqpNbMbBjFNNQ/LmP9KYZHi+0S/kBBCDg7SUd8/sfHkc0iTWAVQFlAYI1XeAPg87AyCn5WXEA2o9O0joZhbK8OJ94Em8XwdgyRuNfmVg0aa44BgYmabaRv8OiOFX8Bw9oil5SQ7ul+ndDMCN8lJs
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
Due to the impact of retiring the legacy metadata download endpoint,
which will affect sites on February 27, we are re-scheduling the change
of our eduGAIN import ruleset to the following week, Wednesday, March 7th.
Best regards,
Nick Roy
Director of Technology and Strategy, InCommon / Internet2 Trust and
Identity Services
On 2/22/18 1:20 PM, Nick Roy wrote:
> Hello,
>
> On February 28, InCommon will release version 8 of its eduGAIN import
> ruleset [1].
>
> This ruleset allows us to remove our ban on the importation of regular
> expression scopes in metadata, but imposes some validity checks on
> scopes to try to limit security exposure from malformed, overly-broad or
> otherwise problematic scopes (regular expression or otherwise). Within
> the next few days, we will publish our updated edugain import policy
> rules at [2]. I encourage you to take a look at those rules both now and
> after they are updated (you can add a 'watch' to the page to see when it
> changes) and let me know if you have any comments. That page also
> contains links to our daily metadata filtering reports, which you can
> also examine.
>
> The following is a summary of expected changes to imported metadata that
> will take place on February 28. We have also provided a detailed report
> (attached), which includes details of the issues affecting these
> filtered entity descriptors.
>
> Entity descriptors which will not be imported starting on February 28th:
>
> Issues with invalid, overly-broad or non-public-domain scopes:
> https://id-dev.unc.edu.ar/idp/shibboleth
> https://sso.saxion.nl/opensso
> http://sts.deltion.nl/adfs/services/trust
> http://sts.roc-nijmegen.nl/adfs/services/trust
> http://fed.rijnijssel.nl/adfs/services/trust
> https://cafe.ufba.br/idp/shibboleth
> https://birk.wayf.dk/birk.php/wayf.aau.dk
> https://idp.renata.edu.co/idp/shibboleth
> https://idp.trc.gov.om/idp/shibboleth
>
> Issues with ACS, SSO or SLO endpoints that do not use TLS:
> urn:mace:feide.no:services:no.inspera.assessment.dev
>
> RequstedAttribute lacks a NameFormat attribute:
> https://elixir.mf.uni-lj.si/sp/201506181025
> https://elixir.mf.uni-lj.si/sp/20150622
>
> [1] https://github.internet2.edu/InCommon/inc-meta/releases/tag/incommon-v8
> [2] https://spaces.internet2.edu/x/TgCNBQ
>
> Thank you and best regards,
>
> Nick Roy
> Director of Technology and Strategy, InCommon / Internet2 Trust and
> Identity Services
- [InCommon NOTICE] InCommon eduGAIN import ruleset changing on February 28, Nick Roy, 02/22/2018
- [InCommon NOTICE] InCommon eduGAIN import ruleset change RESCHEDULED to March 7, Nick Roy, 02/26/2018
Archive powered by MHonArc 2.6.19.