Metadata Server

InCommon metadata is served from vhost md.incommon.org, a name that resolves to one of two identical servers, either in Michigan (207.75.165.125) or Indiana (140.182.44.53). Be aware that the actual server used at any given point in time is unspecified and left to the discretion of InCommon Operations. If one of the physical servers goes down or requires maintenance, the other can be brought up within minutes, with minimal disruption of services.

...

Tip: Configure your outbound firewall by address

Ensure your outbound firewall (if any) is configured with both IP addresses (207.75.165.125 and 140.182.44.53).

Metadata Query Protocol

Server Configuration

In general, the InCommon metadata server aims to support the SAML Profile for the Metadata Query Protocol, an emerging standard for retrieving SAML metadata via HTTP. In particular, to facilitate frequent updates, the metadata server supports HTTP Conditional GET, which has important security benefits. For efficiency, the metadata server also supports HTTP Compression.

Security Considerations

The authenticity and integrity of InCommon metadata are based on document-level security mechanisms. In particular, all metadata files are signed using XML Signature. The signature on downloaded metadata files must be verified before the metadata is trusted.
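The following refresh client is an added example, not InCommon's own code. It combines the HTTP Conditional GET and HTTP Compression support described under Server Configuration with the verify-before-trust rule above. The function name, the `.etag` sidecar file and the `verify` callback (a stand-in for an XML Signature check against the federation's metadata signing certificate) are assumptions.

```python
import gzip
import os
import tempfile
import urllib.error
import urllib.request


def refresh_metadata(url, cache_path, verify, opener=urllib.request.urlopen):
    """Refresh a cached metadata file; returns 'unchanged', 'updated' or 'rejected'.

    verify(xml_bytes) -> bool is a caller-supplied XML Signature check
    (hypothetical hook; back it with your XML security library and the
    federation's metadata signing certificate).
    """
    etag_path = cache_path + ".etag"
    headers = {"Accept-Encoding": "gzip"}  # HTTP Compression
    # Send the validator only if the document it describes is still on disk.
    if os.path.exists(cache_path) and os.path.exists(etag_path):
        with open(etag_path) as f:
            headers["If-None-Match"] = f.read().strip()  # HTTP Conditional GET
    try:
        resp = opener(urllib.request.Request(url, headers=headers), timeout=30)
    except urllib.error.HTTPError as err:
        if err.code == 304:  # urllib reports 304 Not Modified as an HTTPError
            return "unchanged"
        raise
    with resp:
        body = resp.read()
        if resp.headers.get("Content-Encoding", "").lower() == "gzip":
            body = gzip.decompress(body)
        etag = resp.headers.get("ETag")
    # Verify before anything touches the cache: a failed check leaves the
    # last verified copy (and its ETag) in place.
    if not verify(body):
        return "rejected"
    # Write to a temp file in the same directory, then rename atomically so a
    # consumer never reads a half-written document.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(cache_path)))
    with os.fdopen(fd, "wb") as f:
        f.write(body)
    os.replace(tmp, cache_path)
    if etag:
        with open(etag_path, "w") as f:
            f.write(etag)
    elif os.path.exists(etag_path):
        os.remove(etag_path)
    return "updated"
```

A `rejected` result should be alerted on rather than silently retried, since the previously verified copy stays in service until a later download passes verification.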

...