InCommon metadata support

[Tom Scavo <>]

On Tue, Feb 23, 2016 at 10:42 AM, Jeffrey Eaton 
<>
 wrote:
> On Feb 23, 2016, at 10:18 AM, Tom Scavo 
> <>
>  wrote:
>>
>> For the CMU SPs that interoperate with the CMU IdP only, would a
>> single entity descriptor help? As an example, consider this metadata
>> served from mdq-beta:
>>
>> http://mdq-beta.incommon.org/global/entities/https%3A%2F%2Flogin.cmu.edu%2Fidp%2Fshibboleth
>>
>> If we provided a production version of the above metadata, would you
>> find that useful?
>
> That certainly would be preferable to consuming the full metadata file for
> those SPs which only need one single IDP.  I may still end up going down the
> path of having my own IDP metadata files signed and served locally, so that
> I can have various combinations of files (ones with our test IDP, ones with
> login.cmu.edu and identity.andrew.cmu.edu which serves as our social
> gateway, ones with our CS department's IDP which is not in InCommon, etc),
> and then let the SP choose which they want to consume.

Right, I get that, and btw, there has been discussion along these
lines on the shib users mailing list recently:

http://marc.info/?t=145527812600001&r=1&w=2
http://marc.info/?t=145461695700015&r=1&w=2&n=8
http://marc.info/?t=145263559200002&r=1&w=2&n=18

I predict that soon many campuses (and others) will be running their
own metadata aggregation services.

Hope this helps,

Tom