InCommon Metadata Diff List

[InCommon Operations <>]

The following diff compares the current production metadata with the
previously issued version of the production metadata.  It is also at
https://wayf.incommonfederation.org/metadata-diff/prod-prod/prod-prod-1704486552-validUntil.2024-01-19T20.16.59Z.diff

diff --git a/InCommon-metadata.xml b/InCommon-metadata.xml
index f6277b0..c6178e5 100644
--- a/InCommon-metadata.xml
+++ b/InCommon-metadata.xml
@@ -1,8 +1,8 @@
-<?xml version="1.0" encoding="UTF-8"?><EntitiesDescriptor 
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
xmlns:icmd="http://id.incommon.org/metadata"; 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" 
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" 
xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" 
xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" 
xmlns:remd="http://refeds.org/metadata"; 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; ID="INC20240104T194955" 
Name="urn:mace:incommon" validUntil="2024-01-18T19:49:55Z"><Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
 Algorithm="http://www.w3.org/2001/10/
 xml-exc-c14n#"/><SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><Reference 
URI="#INC20240104T194955"><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod
 
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>LYPpUbqgR6j/zhN42kporew+E3bhibw5p8JZ6KWYejU=</DigestValue></Reference></SignedInfo><SignatureValue>S0QScrWdNLdaFESqk3U/EZFbcisNcC/W95HbeZo12qrgGfh2LVn2YML8igohu2Kj1yO+l6NCKCCm&#13;
-iP3gGUX6zu97u2PaGc2VKN8S2wtGCbUKW4oGk+ivzdMeGEMhPZHVUal/AHy8sbDqwAz6sptpyzhp&#13;
-hPaEpykUAtziGbKzAQn5wnzY+z7yUF/Fa6BVTVCLQ5ScF5Rf9JcUUCNL1TNls1mN+Uu6BVjn7wQ9&#13;
-fK9rlaBSBVXqLQ3HvkBpJX3PkHB+LRswLzwacu+0OESKiwkHapSgs+BAE2WG88l7bqpwJA6Diqbg&#13;
-9/5Jny4rLIHY/xKTV+epZFyABTreHcFvra2VlQ==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUw&#13;
+<?xml version="1.0" encoding="UTF-8"?><EntitiesDescriptor 
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
xmlns:icmd="http://id.incommon.org/metadata"; 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" 
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" 
xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" 
xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" 
xmlns:remd="http://refeds.org/metadata"; 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; ID="INC20240105T201659" 
Name="urn:mace:incommon" validUntil="2024-01-19T20:16:59Z"><Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
 Algorithm="http://www.w3.org/2001/10/
 xml-exc-c14n#"/><SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><Reference 
URI="#INC20240105T201659"><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod
 
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>eJvWh6Sdn0hy8fUmN5vVC7Vo1VWwOymN/hzFffKTYpY=</DigestValue></Reference></SignedInfo><SignatureValue>VfREs36TgGuzdJ8BU8BizlkDaezWcGNeE5l+xZOLmDki8yT1KEtCeexEcCYajjUZIbgnOBZ9MjEH&#13;
+VgpzGLSVkf/H/IMTBnO1oSJalitsHOEoTH3bQpDS3DI2OhzClhSEbn68mw4Bsjr3QBaytI+XZMD6&#13;
+Fv8C8LQ7lBhW/Desc2dYv+ZRpZ+dB9dZwrx4+2aSB3ZCE7meOEB5ylrm3gK0ttOP9w39D93hFfFh&#13;
+5vNP0DmoNUNu/EMm0lH7NCtM3eYNHma/3M7FlugQ8HnhV+jsREK8zjospDjv3tsQFG6Hqrkx4V3F&#13;
+S5Rn+tcVYak+B14/7IUqgeDfoIwUN1V4nR07pw==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUw&#13;
 
EwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRh&#13;
 
dGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQG&#13;
 
EwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9u&#13;
@@ -19,7 +19,7 @@ 
qEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQ&#13
 
xOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH&#13;
 
6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==</X509Certificate></X509Data></KeyInfo></Signature>
 <Extensions>
-  <mdrpi:PublicationInfo creationInstant="2024-01-04T19:49:55Z" 
publisher="https://incommon.org"/>
+  <mdrpi:PublicationInfo creationInstant="2024-01-05T20:16:59Z" 
publisher="https://incommon.org"/>
 </Extensions>
 <EntityDescriptor entityID="https://authproxy.conity.com/saml2";>
   <Extensions>
@@ -21564,6 +21564,102 @@ WQLIWIKUT8TM44Crb2YUR04olleoFAwdIpPyHG0T/Q==
     <EmailAddress></EmailAddress>
   </ContactPerson>
 </EntityDescriptor>
+<EntityDescriptor entityID="https://sso.kpmp.org/sp/shibboleth";>
+  <Extensions>
+    <mdrpi:RegistrationInfo registrationAuthority="https://incommon.org"/>
+    <mdattr:EntityAttributes>
+      <saml:Attribute 
Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="http://macedir.org/entity-category"; 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        
<saml:AttributeValue>http://id.incommon.org/category/registered-by-incommon</saml:AttributeValue>
+      </saml:Attribute>
+    </mdattr:EntityAttributes>
+  </Extensions>
+  <SPSSODescriptor 
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <Extensions>
+      <idpdisc:DiscoveryResponse 
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
Location="https://sso.kpmp.org/Shibboleth.sso/Login"; index="1"/>
+      <mdui:UIInfo>
+        <mdui:DisplayName xml:lang="en">SSO for KPMP users</mdui:DisplayName>
+        <mdui:PrivacyStatementURL 
xml:lang="en">https://www.kpmp.org/controlled-data</mdui:PrivacyStatementURL>
+        <mdui:Logo height="107" width="332" 
xml:lang="en">https://welcome.kpmp.org/shibds/img/kpmp-logo-mock.png</mdui:Logo>
+      </mdui:UIInfo>
+    </Extensions>
+    <KeyDescriptor>
+      <ds:KeyInfo>
+        <ds:X509Data>
+          <!-- Serial No. 676931227380622061955067181297459653495613611200, 
expires on Fri Dec  2 19:25:17 2033 GMT -->
+          <ds:X509Certificate>
+MIIEGjCCAoKgAwIBAgIUdpKlZDPqeb9bYKyyUTU7grL03MAwDQYJKoZIhvcNAQEL
+BQAwFzEVMBMGA1UEAxMMc3NvLmtwbXAub3JnMB4XDTIzMTIwNTE5MjUxN1oXDTMz
+MTIwMjE5MjUxN1owFzEVMBMGA1UEAxMMc3NvLmtwbXAub3JnMIIBojANBgkqhkiG
+9w0BAQEFAAOCAY8AMIIBigKCAYEAuPf2PsRKDyq30Oh6Rpm/P9rwBIekX3PrfrJm
+eBBDV+JA3rR/J9Kn7hZHQpjk2O+gL/5VBuC8sgBsACOkRn+b9in0TWUXGcfYylgA
+x/O2XGDvWc2AvIEXGFJ0veb4qTscrF29KCCCMDVn9d5czMu9clPKVOokmpErpWZM
+cDmtCL2PCIYS/bWqE6GoRIY2Ih6kUD9oSS13iKdAGE+yuyqFLnxQeNy+prsKdnOh
+31FOaFxrZaA+sty4O5XQBstjFWeOCOZrYdq3ZIGzG+w2KnRgqYvibXftZc/aL8FC
+mp/tQ6w05PD6zyRkNgtkJEpK0AL0BcBmSfe8vwfzweubGN5DTy+tRZ3NI7X59s5Q
+srVMCD3IoQy3Q9pdcN3nm7U/wQ7RT/JqzUyFjNnSb06Drg3Gd4xo/lST0Q18V15g
+f93Nlgxw3dK6+5DRHeyagJxG6/BuYm+h/BenE2L3OXDeP/zs8bI6LA1h71Vu6OT8
+yfo9rXs6lVfXuJ9QnFwZK1YQSraLAgMBAAGjXjBcMDsGA1UdEQQ0MDKCDHNzby5r
+cG1wLm9yZ4YiaHR0cHM6Ly9zc28ua3BtcC5vcmcvc3Avc2hpYmJvbGV0aDAdBgNV
+HQ4EFgQUNGJjTmHtyX9M+mf6SL1dd2bVDWAwDQYJKoZIhvcNAQELBQADggGBAHIa
+BIapmdIMaWiLO0KFbv8oM5PYgVXsvl6M91RjrmWrqr3jT6zjOwnYK4jaAKPCVaH5
+K3v38ErQnEntbymohLIb3XbkeDFv0hdPJnllsla3SmfcNnHjC2Nbu/YmrSBfl9E2
+KZq7XpZnN2mnNvM6CJomfRPcwH19SGRloQXJoZXNXX0VZjP7zNI5/rm/c9ovorXm
++akTcnF3nnutJaaSTt1BuGWR5D+qKQc/fhtT9KeTwdDaGcbCXjWNTPrqo86MdlyC
+xyOXGc0Fs3Cbh6GF/GPNAg0lnqw58y77w2VaYX023uTJ270pV0zg++ORvY1Aaugm
+206qWWsCcCdMJQ40CFSRgVXF2iHXuDxkDSySdiWHEXOsmaGua/2kYENY/RCxsPHi
+kHk/oimiC8WXwKAqakM93liLndcTVIF3+MJv999HYncyVy+n8jXmjeEmfqOT/EPd
+Hq70XfjLQaIMR8d3eZEmviQ5rw4Zo+FEaVhhO0x6A0ZatgB6/CMM9RDUUFVgxQ==
+          </ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+    </KeyDescriptor>
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" 
Location="https://sso.kpmp.org/Shibboleth.sso/SLO/SOAP"/>
+    <SingleLogoutService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
Location="https://sso.kpmp.org/Shibboleth.sso/SLO/Redirect"/>
+    <SingleLogoutService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="https://sso.kpmp.org/Shibboleth.sso/SLO/POST"/>
+    <AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="https://sso.kpmp.org/Shibboleth.sso/SAML2/POST"; index="1"/>
+    <AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" 
Location="https://sso.kpmp.org/Shibboleth.sso/SAML2/POST-SimpleSign"; 
index="2"/>
+    <AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" 
Location="https://sso.kpmp.org/Shibboleth.sso/SAML2/Artifact"; index="3"/>
+    <AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" 
Location="https://sso.kpmp.org/Shibboleth.sso/SAML2/ECP"; index="4"/>
+    <AttributeConsumingService index="1">
+      <ServiceName xml:lang="en">SSO for KPMP users</ServiceName>
+      <RequestedAttribute FriendlyName="displayName" 
Name="urn:oid:2.16.840.1.113730.3.1.241" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="eduPersonAffiliation" 
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="eduPersonEntitlement" 
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="eduPersonPrincipalName" 
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="eduPersonScopedAffiliation" 
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="eduPersonTargetedID" 
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
.
.
.
The complete diff is available here:
https://wayf.incommonfederation.org/metadata-diff/prod-prod/prod-prod-1704486552-validUntil.2024-01-19T20.16.59Z.diff

An archive of this and past prod-prod diffs is available here:
https://wayf.incommonfederation.org/metadata-diff/prod-prod/?C=M;O=D

This is a one-way, notification only email list. If you have questions,
please email . You can also discuss related issues
with the community on .

- InCommon Federation Operations