Export Aggregate
InCommon maintains an Export Aggregate for the purposes of interfederation:
In terms of content, the Export Aggregate is a proper subset of the Main Aggregate. For more information about the various metadata aggregates used in the InCommon Federation, see the Metadata Aggregates parent topic.
# InCommon export aggregate distribution point $ MD_LOCATION=http://md.incommon.org/InCommon/InCommon-metadata-export.xml # Fetch the metadata and list the entityIDs of exported entity descriptors $ MD_PATH=/tmp/InCommon-metadata-export.xml $ curl --silent $MD_LOCATION \ | tee $MD_PATH \ | grep -F ' entityID=' \ | sed 's/^.* entityID="\([^"]*\).*$/\1/'
End entities typically do not consume the Export Aggregate, which is intended for other federations and aggregation services such as eduGAIN. In any case, the Export Aggregate is signed with the same metadata signing key used to sign other InCommon aggregates. To verify the signature on the metadata, a consumer must obtain an authentic copy of the InCommon Metadata Signing Certificate.
Entity metadata is included in the Export Aggregate subject to the following policy:
Basic Metadata Export Policy
InCommon Operations refreshes the Export Aggregate daily, in conjunction with the daily metadata-signing process.
- IdPs are exported by default (but may choose to opt out)
- SPs actively opt in to the export process
InCommon Operations reserves the right to prevent any entity from being exported. See the Interfederation Technical Policy topic for a complete list of export policy rules.
At this point, only a small subset of InCommon metadata is included in the Export Aggregate.
Full eduGAIN participation begins on February 15, 2016