...
Div | ||
---|---|---|
| ||
|
Late in 2013, InCommon Operations introduced three new production distributes multiple production-quality metadata aggregates at the following permanent HTTP locations:
- http://md.incommon.org/InCommon/InCommon-metadata-preview.xml (preview)
- http://md.incommon.org/InCommon/InCommon-metadata.xml (main)
- http://md.incommon.org/InCommon/InCommon-metadata-fallback.xml (fallback)
and
Note |
---|
You may also use TLS (https) to download the aggregates noted above. You are strongly advised not to depend solely on TLS for the security of your metadata downloads, and to continue the critical practice of verifying the signature on metadata according to the instructions on the Metadata Consumption page. Clients that are capable of doing so should continue to download metadata over unencrypted http. |
All metadata aggregates are signed using the same metadata signing key and the SHA-256 digest algorithm. To verify the signature on an aggregate, a consumer must obtain an authentic copy of the InCommon Metadata Signing Certificate.
Note | ||
---|---|---|
| ||
The IdP-only Aggregate is for SP deployments only! |
Operationally, structural changes to metadata are first introduced into the Preview Aggregate and subsequently synchronized with the Main Aggregate and the Fallback Aggregate, in that order. Time between synchronization events depends on the nature of the structural change.
...
Metadata consumers choose exactly one of the above three aggregates in the pipeline depending on the immediate requirements of their deployment.
Advanced Tables - Table Plus | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||
|
Multiple metadata aggregates allow InCommon to deploy changes to metadata more quickly, easily, and safely.
Preview Metadata Aggregate
...
The Fallback Aggregate is transient in the sense that backward compatibility is provided for a limited, predetermined period of time. This forces deployments to adjust to breaking changes to metadata albeit in a controlled environment.