InCommon metadata is the basis for trust within the InCommon Federation. In a very real sense, SAML metadata powers the federation. Without metadata, trusted operations within the Federation would grind to a halt.

Put another way, SAML metadata represents the trust backbone of the InCommon Federation. Within the federation, trust is based on what effectively is a SAML-based PKI (as opposed to a more traditional X.509 Certificate-based PKI) built on top of trusted SAML metadata.

Federation participants trust InCommon to vet the metadata content submitted by other participants. In turn, InCommon vouches for the integrity of the metadata it makes available to participants. This implicit trust agreement underlies and strengthens the security of the SAML protocol exchanges used throughout the Federation.