SWAMID-3207: Added lookup.cert.sunet.semd-2023-10-10-v02

author: Johan Wassberg <jocar@sunet.se> 2023-10-10 10:48:09 +0200
committer: Johan Wassberg <jocar@sunet.se> 2023-10-10 10:48:09 +0200
commit: 506d4337308f261214df9e6e649715fd13e26787 (patch)
tree: a05d9954212c11839dfb570e9abddd28ef5bdb14
parent: 67fa7bf42ecca8948ec935ef1799c2cc98fb2b05 (diff)
2 files changed, 123 insertions, 0 deletions
diff --git a/metadata/swamid-2.0/lookup.cert.sunet.se-shibboleth.xml b/metadata/swamid-2.0/lookup.cert.sunet.se-shibboleth.xml
new file mode 100644
index 00000000..b36d466e
--- /dev/null
+++ b/metadata/swamid-2.0/lookup.cert.sunet.se-shibboleth.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://lookup.cert.sunet.se/shibboleth">
+  <md:Extensions>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2023-10-09T18:04:12Z">
+      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
+    </mdrpi:RegistrationInfo>
+    <mdattr:EntityAttributes>
+      <samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+        <samla:AttributeValue>https://refeds.org/category/personalized</samla:AttributeValue>
+      </samla:Attribute>
+    </mdattr:EntityAttributes>
+  </md:Extensions>
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://lookup.cert.sunet.se/Shibboleth.sso/Login"/>
+      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://lookup.cert.sunet.se/Shibboleth.sso/Login" index="1"/>
+      <mdui:UIInfo>
+        <mdui:Description xml:lang="en">Check or report IOCs to SUNETs MISP community</mdui:Description>
+        <mdui:Description xml:lang="sv">Sök eller rapportera IOCer till SUNETs MISP community</mdui:Description>
+        <mdui:DisplayName xml:lang="en">SUNET CERT IOC Lookup</mdui:DisplayName>
+        <mdui:DisplayName xml:lang="sv">SUNET CERT IOC Lookup</mdui:DisplayName>
+        <mdui:InformationURL xml:lang="en">https://wiki.sunet.se/display/SUNETCERT/IOC-Lookup</mdui:InformationURL>
+        <mdui:InformationURL xml:lang="sv">https://wiki.sunet.se/display/SUNETCERT/IOC-Lookup</mdui:InformationURL>
+        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/SUNETCERT/Data+Protection+Code+of+Conduct</mdui:PrivacyStatementURL>
+        <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/SUNETCERT/Data+Protection+Code+of+Conduct</mdui:PrivacyStatementURL>
+      </mdui:UIInfo>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo>
+        <ds:KeyName>lookup</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=lookup</ds:X509SubjectName>
+          <ds:X509Certificate>MIID5DCCAkygAwIBAgIUdnSjEhfcAgpIfJrw8w8aUanzGXAwDQYJKoZIhvcNAQEL
+BQAwETEPMA0GA1UEAxMGbG9va3VwMB4XDTIzMTAwOTEzNTExOVoXDTMzMTAwNjEz
+NTExOVowETEPMA0GA1UEAxMGbG9va3VwMIIBojANBgkqhkiG9w0BAQEFAAOCAY8A
+MIIBigKCAYEAvQZF/9tFuRX7ooSa8uatx+Zyv34qyIJvml2i8YBBsV3hn8bqjIKa
+JwBA6GNe48/Ll4SPn+7Eqr9wPKybzgfLhG1RDR6eelw+JtOPQV9I0XLH7EEowuZn
+j7g47SzGXpPZxsGLP4A+dXtkqXVKCvmeV/Pa5Bgm05NByVvCZDsJQaiRSanM4lFG
+kzysxNSf8DEAsWKWi8zSP/Aa2qlgIzkRWXOjJ5rJb4LWqbeWzxRjjG4T+d09jCYK
+pP6S9p1lJVJ6UtkGYMiCwgqE/+KTy/0rL1NQe1ARVCEVULX1OJEPLZn1B3dXd6xL
+YIPw+7HsYsKG7xuqDBg6hLIhA0YKVvFFqVs5osi9T11/mectFw01I9x17KUBOolS
+Y5kbmG2wJ4EOWN3ekkD4wlmTZev47n5eXktF3PGrYGwHDl4Dv9DbjZzTK5HtE0nZ
+yawAuLvmSs4RE4bOUOyD6tsfeRyRMBSrvfTlsjDNP/x+dCL1yKSq8F52oTXLSYrk
+TzO9Ktl95ApDAgMBAAGjNDAyMBEGA1UdEQQKMAiCBmxvb2t1cDAdBgNVHQ4EFgQU
+qBHryJHSjGg+05ZRyufJUmIkyR8wDQYJKoZIhvcNAQELBQADggGBAFd8Ux/D18v6
+W0j3UF7Pif/FDFUlmhw28Cx1ut6NcoLedTIb092nw/GSRmDojT92dESVyCCDkwiU
+kVInGL37DOxf+kl1G1TA/t/gsb728fEQ6IwEjaZHkDV+qAZmve5kkJLwZ8P1HbvN
+lRp7p6FTnpqaUzt8Ah2Af7ztHdI721u309nUZ+UT62cCUpBvqlrZymIizpFORzV9
+xyM8ugqJdbKHkG5i/lGcwAj2H1mK3igGTOx/y/EutvYt0gLeQhpv/vowuGCUKRlv
+HO0QhqLZ6mQAZRI4Z6vZRSTkt+mpDJX6PpJbaxud3M6cCbUZPv/rt01isEn3H5Op
+gOVvNsIiMsXhTeoZkwC2NzoyjOZKhaxcjFcZAuB3gQbWoLuR5YlDNd6nm86EBnLI
+D63geSu79lNsTIvIbXpaOQfdqmPskrtZlJxmp1TBonKLBAH3s1EG8ZPxky+OT8MO
+fnhrbIJZk17LO1uBkDd6DCG3AXHvOufHGIi+pzM9epF91CkEUiEHag==</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lookup.cert.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://lookup.cert.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+  </md:SPSSODescriptor>
+  <md:Organization>
+    <md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
+    <md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
+    <md:OrganizationDisplayName xml:lang="en">Sunet</md:OrganizationDisplayName>
+    <md:OrganizationDisplayName xml:lang="sv">Sunet</md:OrganizationDisplayName>
+    <md:OrganizationURL xml:lang="en">https://www.sunet.se</md:OrganizationURL>
+    <md:OrganizationURL xml:lang="sv">https://www.sunet.se</md:OrganizationURL>
+  </md:Organization>
+  <md:ContactPerson contactType="administrative">
+    <md:Company>SUNET</md:Company>
+    <md:GivenName>Security Response Team</md:GivenName>
+    <md:EmailAddress>mailto:cert@sunet.se</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="technical">
+    <md:Company>SUNET</md:Company>
+    <md:GivenName>SUNET SOC</md:GivenName>
+    <md:EmailAddress>mailto:soc@sunet.se</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson contactType="support">
+    <md:Company>SUNET</md:Company>
+    <md:GivenName>Security Response Team</md:GivenName>
+    <md:EmailAddress>mailto:cert@sunet.se</md:EmailAddress>
+  </md:ContactPerson>
+  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
+    <md:Company>SUNET</md:Company>
+    <md:GivenName>SUNET SOC</md:GivenName>
+    <md:EmailAddress>mailto:soc@sunet.se</md:EmailAddress>
+  </md:ContactPerson>
+</md:EntityDescriptor>
diff --git a/metadata/swamid-sp-2.0.mxml b/metadata/swamid-sp-2.0.mxml
index f54618ad..0aaea082 100644
--- a/metadata/swamid-sp-2.0.mxml
+++ b/metadata/swamid-sp-2.0.mxml
@@ -218,6 +218,7 @@
   <xi:include href="swamid-2.0/login.quicksearch.se-AuthServices.xml"/>
   <xi:include href="swamid-2.0/login.sto3.safespring.com-shibboleth.xml"/>
   <xi:include href="swamid-2.0/login.varbi.com-simplesaml-module.php-saml-sp-metadata.php-varbi-sp.xml"/>
+  <xi:include href="swamid-2.0/lookup.cert.sunet.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/ltu.hr.evry.se-shibboleth.xml"/>
   <xi:include href="swamid-2.0/lu.beta.instructure.com-saml2.xml"/>
   <xi:include href="swamid-2.0/lu.test.instructure.com-saml2.xml"/>
author	Johan Wassberg <jocar@sunet.se>	2023-10-10 10:48:09 +0200
committer	Johan Wassberg <jocar@sunet.se>	2023-10-10 10:48:09 +0200
commit	506d4337308f261214df9e6e649715fd13e26787 (patch)
tree	a05d9954212c11839dfb570e9abddd28ef5bdb14
parent	67fa7bf42ecca8948ec935ef1799c2cc98fb2b05 (diff)