inc-ops-notifications - [InCommon NOTICE] InCommon SPs with problematic characters in metadata
Subject: InCommon Operations Notifications
List archive
- From: "Nic Roy" <>
- To:
- Subject: [InCommon NOTICE] InCommon SPs with problematic characters in metadata
- Date: Fri, 09 Oct 2020 13:40:27 -0600
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cOoIAlrE7BIhiqYjkwkphdEd1t43IGhPbPvXytfxs4g=; b=J6FMk6oU6I0viyBG54r5MQ5ZBA3eVL6SvL4y2Km4YRw8QhV5D1F95ynXaiRSieFvHhkNwGsMmlt0NrHOPpotJNmCG4phOOE0hAveStZYCeTQKCZ0aLPZtmx9HoXu27Isas71+eWXT4VxE9fv7wvmy4VqHQQS0fXACM2h4wUBUpKhxsznwIQPLg0hiYycWt2k+GFVfF4zZl7pe3nApgUDd9dRiBzWkzvyTC84yj6bSlsoKN0q0T1X+PCQPttMad7kfJXKFxQlPrOMAY0SRGPPHMHhRU06qPHy2FRGoJ5zeecw51TXHQmk3qBJT33fPozlReqOi8vCxfgQan4xfxFqYw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=heaQmdGzw8EFeor4b1Aybb7zoFQpZR5WHpN2dlvzPYVNqyZ6amqAiM4FXbdsfpXRXEA6vr6nJxb+mj1nYH4PIBqzY1igO5OyOckRJxSrorKtqIM4Ugxs/5+y5bd+HebvsI0ZEpIA/DEvSaUDtxq5cyaXVhuq94RVkX/Fw2lZOaNcsrkMVb3naKgH6mcPVGxbuM+8gjqsyjdmDqac3xDN5xI39y2GCV9tuGZtE6fO1SIpgNMg2YmJWu+LZl0I/aY4G60pJE+9iAVNNCV4YkzbTn+Xsl/E2ROda2v5JX0RBUb48E+ZCSQCPsCJUZnwv9yRazwFIu659HA1GAE9GO6Vqg==
Hello,
InCommon operations was recently made aware of a number of service providers in federation metadata which contained carriage return characters (encoded in XML as
) within their mdui:Description and AssertionConsumerService/ServiceDescription elements. These characters are known to cause problems with Microsoft’s XML parsing software, and can negatively impact metadata consumption by client software such as Microsoft Active Directory Federation Services (ADFS). InCommon staff have corrected this issue and re-published metadata. The following is a list of entityIDs for entity descriptors which contained this character:
https://analytics.test.uchealth.edu/sp
https://ventiv.ucop.edu
https://www.coral.washington.edu/
https://www-test.coral.washington.edu/
https://testshib.msacademicverify.com/shibboleth-sp
https://reta.med.umich.edu/shibboleth
https://wiki.osris.org
https://esyllabus.pharmacy.uiowa.edu/saml
https://redcap.uncg.edu/shibboleth
https://dl.acm.org/shibboleth
https://wwu.sclintra.com/AuthServices-1
https://uwisc.hosted.ethosce.com
https://uwisc.hosted.test.cloud.ethosce.com/sites/all/libraries/simplesaml/www/module.php/saml/sp/metadata.php/default-sp,DLC
https://www.peoplegrove.com/saml,PeopleGrove
https://demo.portal.iontuition.com,Ceannate
https://fortlewis.photoshelter.com/sso/SAML2
InCommon staff has contacted the site administrators of each of these organizations, to let them know that we modified their metadata in order to remove this character. We believe that the introduction of this character into the metadata of these SPs had taken place quite a while ago but that modified metadata had not been published for these entity descriptors in quite some time. When we performed a batch update of metadata this past Tuesday, October 6, to introduce a new 'mailto:' scheme to all contacts in metadata, these changes were published alongside.
Please feel free to contact us at if you have any questions or concerns.
Best regards,
Nic Roy
Director of Technology and Strategy
InCommon
Attachment:
signature.asc
Description: OpenPGP digital signature
- [InCommon NOTICE] InCommon SPs with problematic characters in metadata, Nic Roy, 10/09/2020
Archive powered by MHonArc 2.6.19.