We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of the site have already been set. To find out more about the cookies we use and how to delete them, see our Cookies Policy

  • piastrina-idem-new-1
  • arrow
  • 2376780-1

  • Books-1-icon
  • blackboard1
  • microscope-icon
  • wifi-2
  • Corinthian-icon
  • Activity-Monitor-icon
  • piastrina-idem-new-2
  • piastrina-idem-new-3
  • piastrina-idem-new-4

IDEM Metadata distribution UPDATE


Dear Italy-IDEM Federation Participants,

according to the new standards and security assessment/upgrade, and the inter-federation agreements, in order to reach a higher security standard level and a major inter-operability between federations, Italy-IDEM Federation set a new distribution system for its Federation metadata.

In the meantime we have a new metadata signing key, due to the expiration of the metadata signing certificate in use.
New certificate available at https://www.idem.garr.it/documenti/doc_download/321-idem-metadata-signer-2019

1- Idem Federation metadata will be distributed in four different forms:
   a) with SHA-256 hash signed
   b) with SHA-1 hash signed (NEW key). Please keep in mind that SHA-1 is becoming obsolete during the current year (2014), so you are kindly asked to upgrade your systems as soon as possible.
   c) with SHA-1 hash signed (OLD key, expiring on the 17th of April 2014). Please keep in mind that SHA-1 is becoming obsolete during the current year (2014), so you are kindly asked to upgrade your systems as soon as possible.
   d) not signed available only until the 15th of January 2015

The new locations of Italy-IDEM metadata are:

Italy-IDEM Federation (Production):
http://www.garr.it/idem-metadata/idem-metadata-sha256.xml (NEW key, SHA-256)
http://www.garr.it/idem-metadata/idem-metadata-sha1.xml (NEW key, SHA-1)
https://www.idem.garr.it/docs/conf/signed-metadata.xml (OLD key, sha-1, until 17/Apr/2014)
https://www.idem.garr.it/docs/conf/idem-metadata.xml (NOT signed, until 15/Jan/2015)

TEST Federation:
http://www.garr.it/idem-metadata/idem-test-metadata-sha256.xml (NEW key, SHA-256)
http://www.garr.it/idem-metadata/idem-test-metadata-sha1.xml (NEW key, SHA-1)
https://www.idem.garr.it/docs/conf/signed-test-metadata.xml (OLD key, SHA-1, until 17/Apr/2014)
https://www.idem.garr.it/docs/conf/idem-test-metadata.xml (NOT signed, until 15/Jan/2015)

Only for entities with eduGAIN opt-in:
http://www.garr.it/idem-metadata/edugain2idem-metadata-sha256.xml (NEW key, SHA-256)
http://www.garr.it/idem-metadata/edugain2idem-metadata-sha1.xml (NEW key, SHA-1)

Recommendations of usage:

- SAML2 (Shibboleth 2.x) resources MUST use SHA-256
- SAML1 (Shibboleth 1.x) resources MUST use SHA-1 (but it is STRONGLY RECOMMENDED to upgrade to shib2 and sha-256)
- Those resources using not_signed metadata are kindly asked to use a signed version, MANDATORY from the 15th of January 2015.

You can find some configuration guide at the following URL:


Thank you very much for your attention, regards
Italy-IDEM Staff

Eventi IDEM

La VII Assemblea dei Membri della Federazione IDEM si terrà a Firenze, 1 dicembre 2016 ore 17.30 – 19.00 c/o Polo Universitario di Novoli.

Track: Trust, Identity and Middleware Applications at Internet2 Technical Exchange
25-29 Settembre 2016, Miami,...


IDEM ha completato la transizione della policy di...
L'Assemblea dei Membri della federazione IDEM, che si...
  Carissimi partecipanti della Federazione...
  Dear Italy-IDEM Federation...
In occasione del IV Convegno IDEM che si terrà dal 2...