InCommon Metadata Diff List

[InCommon Operations <>]

The following diff compares the current production metadata with the
previously issued version of the production metadata.  It is also at
https://wayf.incommonfederation.org/metadata-diff/prod-prod/prod-prod-1739475720-validUntil.2025-03-06T19.27.29Z.diff

diff --git a/InCommon-metadata.xml b/InCommon-metadata.xml
index b24ef23..6f5c539 100644
--- a/InCommon-metadata.xml
+++ b/InCommon-metadata.xml
@@ -1,8 +1,8 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?><EntitiesDescriptor 
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
xmlns:icmd="http://id.incommon.org/metadata"; 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" 
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" 
xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" 
xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" 
xmlns:remd="http://refeds.org/metadata"; 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; ID="INC20250212T202059" 
Name="urn:mace:incommon" validUntil="2025-03-05T20:20:59Z"><Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
 Algorithm="http://www
 .w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><Reference 
URI="#INC20250212T202059"><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod
 
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>Y1U78wDzYmxlLcqiSIANcbyQr3gwi0dqo8WDWBylfq0=</DigestValue></Reference></SignedInfo><SignatureValue>eT5kbCGdF6u0uME/So5+4PkQgIUYoG348EO7VULV7T4erjiJKY5hM2ckMsLhr1rzlF77oDP4EprB
-e+YVrRt92joxO9IT8JntxZyuym9L+qJLOEOB+6HG8+3AOxDZyDNlvCXLmO4XiNUPpWHnNKWdQlDL
-hkgF5NF/T/vicPQpXtPP0OhlHqWpvHg9+VftslYOlGUCe07Mb6CbQHSQz7pURp40vXmymZLbWRDB
-Xwkch7HgRCxWnVYJzKaMrSMKgrqMiqYuh1NhZ2qqwjUwUwhAGIRFO8TE5HrjSfGdSVrhR/QhD2cI
-bJimRE3TDO/5jKouA2wc8f7W7MTaWGCrNygptA==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUw
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><EntitiesDescriptor 
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
xmlns:icmd="http://id.incommon.org/metadata"; 
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" 
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" 
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" 
xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" 
xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" 
xmlns:remd="http://refeds.org/metadata"; 
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; ID="INC20250213T192729" 
Name="urn:mace:incommon" validUntil="2025-03-06T19:27:29Z"><Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
 Algorithm="http://www
 .w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod 
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><Reference 
URI="#INC20250213T192729"><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod
 
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>ntDsYSf/ouNOICvseB8ApuuyViG/rF56AsnzhXu9osc=</DigestValue></Reference></SignedInfo><SignatureValue>QseD/mOuj/bOhG7i9KmpoWbxAaHnJBhuHfkhtZVXq0Eos5SUX6BU3j9ct3H3Sw0aakqhvKgz5DSP
+khO4bJXIHdpzCHff3qodcXii1i9sutpjXogKej9qKKnri7dFCpT7NwkNHKnhAGgkIIB4Bigzkp0o
+P82mfIAPdjmg0BZQrfAytXZwMMjgwOdsi/7O3WysKEiyp05kK64Yx320Bz67gTtxcJ7lHsZlMOEO
+/rmJIDI6A7U/btuuJi7aiYxzZFUSoihs9mETLZZuElamjhYifihv9goZ2xsb2/2AR5Ts2jhDXaM/
+MRYWK/0qUhvUQQNgPXiNiS+vZC3m8lXK0lVCtA==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUw
 EwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRh
 dGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQG
 EwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9u
@@ -19,7 +19,7 @@ 
qEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQ
 xOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH
 
6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==</X509Certificate></X509Data></KeyInfo></Signature>
 <Extensions>
-  <mdrpi:PublicationInfo creationInstant="2025-02-12T20:20:59Z" 
publisher="https://incommon.org"/>
+  <mdrpi:PublicationInfo creationInstant="2025-02-13T19:27:29Z" 
publisher="https://incommon.org"/>
 </Extensions>
 <EntityDescriptor entityID="https://authproxy.conity.com/saml2";>
   <Extensions>
@@ -5921,6 +5921,65 @@ 
MIID5zCCAs+gAwIBAgIJAI4XubteXKakMA0GCSqGSIb3DQEBCwUAMIGJMQswCQYDVQQGEwJVUzETMBEG
     <EmailAddress></EmailAddress>
   </ContactPerson>
 </EntityDescriptor>
+<EntityDescriptor entityID="https://bitsight.ucop.edu/sp";>
+  <Extensions>
+    <mdrpi:RegistrationInfo registrationAuthority="https://incommon.org"/>
+    <mdattr:EntityAttributes>
+      <saml:Attribute 
Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <saml:AttributeValue>https://refeds.org/sirtfi</saml:AttributeValue>
+      </saml:Attribute>
+      <saml:Attribute Name="http://macedir.org/entity-category"; 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        
<saml:AttributeValue>http://id.incommon.org/category/registered-by-incommon</saml:AttributeValue>
+      </saml:Attribute>
+    </mdattr:EntityAttributes>
+  </Extensions>
+  <SPSSODescriptor 
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <Extensions>
+      <mdui:UIInfo>
+        <mdui:DisplayName xml:lang="en">UCOP Bitsight</mdui:DisplayName>
+        <mdui:Description xml:lang="en">Bitsight Security Performance 
Management (SPM) solves key challenges in cyber risk governance and exposure. 
Gain strategic insights to set and hit the right targets—for you. Fix 
immediate exposure concerns—and watch for new ones. Confidently tell your 
cybersecurity performance story—in a way your stakeholders 
understand.</mdui:Description>
+        <mdui:PrivacyStatementURL 
xml:lang="en">https://www.ucop.edu/ethics-compliance-audit-services/_files/compliance/privacy/statement-of-privacy-for-web-based-applications.pdf</mdui:PrivacyStatementURL>
+        <mdui:Logo height="60" width="80" 
xml:lang="en">https://www.ucop.edu/_common/_images/sso/uc.png</mdui:Logo>
+      </mdui:UIInfo>
+    </Extensions>
+    <KeyDescriptor>
+      <ds:KeyInfo>
+        <ds:X509Data>
+          <!-- Serial No. 10238856492243265188, expires on Wed Mar 15 
19:01:56 2028 GMT -->
+          <ds:X509Certificate>
+MIID5zCCAs+gAwIBAgIJAI4XubteXKakMA0GCSqGSIb3DQEBCwUAMIGJMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEQMA4GA1UEBwwHT2FrbGFuZDE5MDcGA1UECgwwVW5pdmVyc2l0eSBPZiBDYWxpZm9ybmlhIE9mZmljZSBPZiBUaGUgUHJlc2lkZW50MRgwFgYDVQQDDA9zYW1sc3AudWNvcC5lZHUwHhcNMTgwMzE2MTkwMTU2WhcNMjgwMzE1MTkwMTU2WjCBiTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEDAOBgNVBAcMB09ha2xhbmQxOTA3BgNVBAoMMFVuaXZlcnNpdHkgT2YgQ2FsaWZvcm5pYSBPZmZpY2UgT2YgVGhlIFByZXNpZGVudDEYMBYGA1UEAwwPc2FtbHNwLnVjb3AuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszwtTz6DR5Ss5BBMezjVqeBvMOYEkCi9hcSVG8d84GuFnCA7jy/fn//77dEquD7M/YA13mrpA0Y+Lz0AgLTDgx3nJjX2nQROjM+s0EWIVAYc9V+E8B4B335HJnDWrLXJIS2L4GdI0G261iJh3z+cPPCeXpFC8hWOjnBKzyMWviQzHuROBjjD4J30IvGHBbnJkFy0huc4P3wL+dM3lvgzhBCKhLCCaKm2KCiQAqBno3Xls9KltVpP9f0Kjf/a1KcMqf1M2+0nXWEoP1d3RRY6UdCXmyLwcMeCQsLAlm0nJZnhi3bryDsF6rhOLkGsrR8SBGzSwWPgw1rc7Az5BAjHPQIDAQABo1AwTjAdBgNVHQ4EFgQUiiRJo82bx2ZPFymQ5dS7y/DbDm0wHwYDVR0jBBgwFoAUiiRJo82bx2ZPFymQ5dS7y/DbDm0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAi
 
ASEw6ZhABMoUgA+XxNkFc5rJDz6leNBCpPd3LtTsi0llCLoc//4AMxo+3zqnUFSh7rBCqjSiHxWFuZiM3vQSKGn/hD9H5Vm/5MfAiCpvmGmrSSbSZ3VZ09P5LifraNwfw66Lpm6JLtr84nC5fMksl1+0W6LJMCHHrVR3iDIOh4oc1rXkqg2HUVTBWcFZB5FPa6uVp4Rfjmn5SF5rAGSvjjHKHBg579PJGCFn/GAdgCyquXGzNRSNw/AiDekXjszH2F2CwIrpuwwbPCxOQ9EjH7nWsereXoKuJhDmBZ7guw2keo/i72mAdG8CYXwgX8LjZ7k1+JHDP/bEOWACU8bQA==
+          </ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+    </KeyDescriptor>
+    <AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="https://samlproxy.ucop.edu/simplesaml/module.php/saml/sp/saml2-acs.php/Bitsight";
 index="1"/>
+    <AttributeConsumingService index="1">
+      <ServiceName xml:lang="en">UCOP Bitsight</ServiceName>
+      <ServiceDescription xml:lang="en">Bitsight Security Performance 
Management (SPM) solves key challenges in cyber risk governance and exposure. 
Gain strategic insights to set and hit the right targets—for you. Fix 
immediate exposure concerns—and watch for new ones. Confidently tell your 
cybersecurity performance story—in a way your stakeholders 
understand.</ServiceDescription>
+      <RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+      <RequestedAttribute FriendlyName="mail" 
Name="urn:oid:0.9.2342.19200300.100.1.3" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" 
isRequired="true"/>
+      <RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" 
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+    </AttributeConsumingService>
+  </SPSSODescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">University of California - Office of the 
President</OrganizationName>
+    <OrganizationDisplayName xml:lang="en">University of California - Office 
of the President</OrganizationDisplayName>
+    <OrganizationURL 
xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+  </Organization>
+  <ContactPerson contactType="administrative">
+    <GivenName>IT Service Desk</GivenName>
+    <EmailAddress></EmailAddress>
+  </ContactPerson>
+  <ContactPerson contactType="technical">
+    <GivenName>IAM Group</GivenName>
+    <EmailAddress></EmailAddress>
+  </ContactPerson>
+  <ContactPerson contactType="other" 
remd:contactType="http://refeds.org/metadata/contactType/security";>
+    <GivenName>Security Operations</GivenName>
+    <EmailAddress></EmailAddress>
+  </ContactPerson>
+</EntityDescriptor>
 <EntityDescriptor entityID="https://coa.ucop.edu/shibboleth";>
   <Extensions>
     <mdrpi:RegistrationInfo registrationAuthority="https://incommon.org"/>
@@ -21340,6 +21399,63 @@ 
MIID5zCCAs+gAwIBAgIJAI4XubteXKakMA0GCSqGSIb3DQEBCwUAMIGJMQswCQYDVQQGEwJVUzETMBEG
     <EmailAddress></EmailAddress>
   </ContactPerson>
 </EntityDescriptor>
+<EntityDescriptor entityID="https://wdesk.ucop.edu/sp";>
+  <Extensions>
+    <mdrpi:RegistrationInfo registrationAuthority="https://incommon.org"/>
.
.
.
The complete diff is available here:
https://wayf.incommonfederation.org/metadata-diff/prod-prod/prod-prod-1739475720-validUntil.2025-03-06T19.27.29Z.diff

An archive of this and past prod-prod diffs is available here:
https://wayf.incommonfederation.org/metadata-diff/prod-prod/?C=M;O=D

This is a one-way, notification only email list. If you have questions,
please email . You can also discuss related issues
with the community on .

- InCommon Federation Operations