Child pages
  • Retiring Legacy Metadata Download Endpoint - February 14, 2018

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note
titleDeprecated

Note that this page has been deprecated; the information it contains is no longer current. It has been retained for historical purposes only.

Warning

After several months of communication with participants, InCommon Operations removed the legacy metadata download endpoint (currently, a redirect) on Wednesday, February 14, 2018

All metadata clients that attempt to download metadata from this endpoint should have switched to one of the production endpoints noted in: Metadata Aggregates before that date. Failure to update to the production metadata locations has likely caused your SAML deployment to break on February 27, 2018 at approximately 2:44 p.m. US Eastern Time.


For many years, InCommon has supported a redirect from a very old metadata download location:

http://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml

And

https://wayf.incommonfederation.org/InCommon/InCommon-metadata.xml

To the current production (“main”) aggregate location:

http://md.incommon.org/InCommon/InCommon-metadata.xml

On February 14, 2018, InCommon Operations REMOVED this redirect.

It is CRITICAL that all production metadata clients be configured to fetch metadata from http://md.incommon.org/InCommon/InCommon-metadata.xml or one of the other three locations on md.incommon.org.

If you currently fetch metadata from one of the old (wayf.incommonfederation.org) locations noted above, you need to reconfigure your deployment. Failure to do so means that your IdP and/or SPs broke on February 27, 2018.

At the bottom of this page, you will find a list of hosts, updated weekly, that are still downloading metadata from the old location. If you see a host on the list that is at your organization, please contact the relevant systems personnel to arrange to switch metadata consumption to one of the supported aggregates.

Please pass along this information to anyone in your organization who is responsible for running an IdP or SP in InCommon, especially those such as delegated administrators or other systems administrators who may not be subscribed to this mailing list.


Note

The information below was last updated on Thursday, March 29, 2018.

IMPORTANT: The table on the left is a list of root DNS zones with hosts still attempting to access the legacy metadata location. The table on the right is a list of actual hosts still attempting to access the legacy metadata.


REMINDER: When you make a configuration change to target one of the current production metadata aggregate locations, you may need to restart your SAML SP software (shibd/etc) to cause it to re-read the configuration.


Hosts still attempting to use legacy metadata endpoint
1137.211.93.208.in-addr.arpa
2141.154.251.23.bc.googleusercontent.com
3204.11.hqserv.co.il
4204.13.hqserv.co.il
5204.7.hqserv.co.il
6216-139-212-28.aus.us.siteprotect.com
72252-00f1-bc01.ucsfmedicalcenter.org
82252-00f1-bc02.ucsfmedicalcenter.org
92408-0c50-bc01.ucsfmedicalcenter.org
102408-0c50-bc02.ucsfmedicalcenter.org
115-10-31-155.everestdc.com
125-10-31-164.everestdc.com
135-10-31-182.everestdc.com
145-10-31-214.everestdc.com
1569-168-255-13.brainerd.net
1669-168-255-43.brainerd.net
1769-168-255-62.brainerd.net
18ACMWEB06.acm.org
19ACMWEB10.acm.org
20al2s-demo.net.internet2.edu
21aragusa-dev6.grnoc.iu.edu
22atg-pool.nat.uw.edu
23borked.wpi.edu
24cloudvpn2.code42.com
25cluster1.serialssolutions.com
26collections.library.illinois.edu
27comphxuawifi.telcom.arizona.edu
28cp.nursing.jhu.edu
29crowd-surf.surf.nl
30crowd-test.surfnet.nl
31crowd.surfnet.nl
32ctl.jhsph.edu
33dhn-c5-efs.duhs.duke.edu
34docdelivery2.trondent.com
35dora.uark.edu
36dpoc.uark.edu
37ec2-107-22-198-108.compute-1.amazonaws.com
38ec2-107-22-238-17.compute-1.amazonaws.com
39ec2-107-23-147-38.compute-1.amazonaws.com
40ec2-107-23-200-82.compute-1.amazonaws.com
41ec2-107-23-78-15.compute-1.amazonaws.com
42ec2-184-72-147-129.compute-1.amazonaws.com
43ec2-34-226-222-114.compute-1.amazonaws.com
44ec2-34-241-142-178.eu-west-1.compute.amazonaws.com
45ec2-34-242-188-254.eu-west-1.compute.amazonaws.com
46ec2-34-244-22-231.eu-west-1.compute.amazonaws.com
47ec2-34-245-216-146.eu-west-1.compute.amazonaws.com
48ec2-34-250-27-55.eu-west-1.compute.amazonaws.com
49ec2-50-17-229-101.compute-1.amazonaws.com
50ec2-52-1-179-223.compute-1.amazonaws.com
51ec2-52-20-215-192.compute-1.amazonaws.com
52ec2-52-206-216-95.compute-1.amazonaws.com
53ec2-52-21-240-124.compute-1.amazonaws.com
54ec2-52-214-28-159.eu-west-1.compute.amazonaws.com
55ec2-52-6-126-78.compute-1.amazonaws.com
56ec2-52-7-144-22.compute-1.amazonaws.com
57ec2-52-91-134-224.compute-1.amazonaws.com
58ec2-54-146-225-47.compute-1.amazonaws.com
59ec2-54-147-125-241.compute-1.amazonaws.com
60ec2-54-164-203-179.compute-1.amazonaws.com
61ec2-54-175-50-103.compute-1.amazonaws.com
62ec2-54-186-107-10.us-west-2.compute.amazonaws.com
63ec2-54-210-41-28.compute-1.amazonaws.com
64ec2-54-210-58-241.compute-1.amazonaws.com
65ec2-54-211-88-6.compute-1.amazonaws.com
66ec2-54-221-238-160.compute-1.amazonaws.com
67ec2-54-229-205-205.eu-west-1.compute.amazonaws.com
68ec2-54-85-240-29.compute-1.amazonaws.com
69ec2-54-87-226-206.compute-1.amazonaws.com
70ec2-54-88-67-127.compute-1.amazonaws.com
71esappi11.uits.iu.edu
72esappi12.uits.iu.edu
73eth0-0-fw3-1-ap-q18-va2.blackboard.com
74eth0-0-fw3-1-ap-q18-va2.mhint
75eth0-0-fw3-1-ap-r137-3-va3.blackboard.com
76eth0-0-fw3-1-ap-r137-3-va3.mhint
77ewebproxy.thomsonreuters.com
78fischer-gig.fischerinternational.com
79fischerwall.fisc.com
80fw-msp--sw-core-msp--4009.code42.com
81gannicus.las.uic.edu
82ginger.autonomy.ri.cmu.edu
83gis.accc.uic.edu
84git.bmi.osumc.edu
85gmoc-db.grnoc.iu.edu
86google2.utsystem.edu
87gradleaders-vsrx.expedient.com
88hq.atomiclearning.com
89idp.mbl.edu
90ip-128-239-61-105.v4.wm.edu
91ip-20-36-244-173.west.us.northamericancoax.com
92ITDEV2.QATAR.CMU.EDU
93library.proxy.mbl.edu
94mail.ts24.com
95mblfw.whoi.net
96net253.is.jhsph.edu
97net4.jhsph.edu
98node2150.it.mtu.edu
99ocw.jhsph.edu
100ohcininetng-fw01.cengage.com
101pc4.sdn-test.grnoc.iu.edu
102proxy-ext3.osumc.edu
103raweb108.refworks.com
104sc.vizientinc.com
105sdg-dev.cites.illinois.edu
106shib-d1.calnet.berkeley.edu
107shib-test2.gatech.edu
108shibb-discovery.mbl.edu
109srfseward1.rfsuny.org
110t2pguardian01.t2hosted.com
111topiawww1.webair.com
112trln-dev.trln.org
113trlnr610a.trln.org
114tshib02.ucmerced.edu
115vm-bs-158-38-213-170.cl.uninett.no
116vpn.cloudtricity.com
117vx26.ucsf.edu
118webmail.imleagues.com