SWAMID-525, Keyrollover part 1 for 4 SP:s at math.su.se

author: Björn Mattsson <bjorn@sunet.se> 2021-12-03 12:21:00 +0100
committer: Björn Mattsson <bjorn@sunet.se> 2021-12-03 12:21:00 +0100
commit: 807761e113fe2bfc315027145620f6f1e1578f9c (patch)
tree: 4a10fb205f1717fcfa1bb808fa3d7bc7bda1ee06 /swamid-2.0/kurser.math.su.se-shibboleth.xml
parent: f9c0306d39dc33ea7dc2b2371d8c7dc899aacc41 (diff)
1 files changed, 73 insertions, 37 deletions
diff --git a/swamid-2.0/kurser.math.su.se-shibboleth.xml b/swamid-2.0/kurser.math.su.se-shibboleth.xml
index d40049eb..31290b5e 100644
--- a/swamid-2.0/kurser.math.su.se-shibboleth.xml
+++ b/swamid-2.0/kurser.math.su.se-shibboleth.xml
@@ -11,6 +11,22 @@
         <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -22,8 +38,12 @@
         <mdui:PrivacyStatementURL xml:lang="sv">https://www.su.se/matematiska-institutionen/om-institutionen/organisation/kurssida-f%C3%B6r-matematiska-institutionen-vid-stockholms-universitet-1.582621</mdui:PrivacyStatementURL>
         <mdui:PrivacyStatementURL xml:lang="en">https://www.su.se/department-of-mathematics/about-the-department/organisation/course-site-for-the-department-of-mathematics-at-stockholm-university-1.582628</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/idp.it.su.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/idp.hig.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/saml.sys.kth.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/antagning"/>
     </md:Extensions>
-    <md:KeyDescriptor use="signing">
+    <md:KeyDescriptor>
       <ds:KeyInfo>
         <ds:KeyName>kurser.math.su.se</ds:KeyName>
         <ds:X509Data>
@@ -55,54 +75,70 @@ orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:KeyDescriptor use="encryption">
       <ds:KeyInfo>
         <ds:KeyName>kurser.math.su.se</ds:KeyName>
         <ds:X509Data>
-          <ds:X509SubjectName>CN=kurser.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
-          <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQE1y2ZmHRWdeouH6Sf5z+WjANBgkqhkiG9w0BAQUFADA2
-MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
-U1NMIENBMB4XDTEwMDExOTAwMDAwMFoXDTEzMDExODIzNTk1OVowSjELMAkGA1UE
-BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
-EWt1cnNlci5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEA6BmSQGmI4Efp95B1PMcAPi0/KsW6CZHRku76vh8IS+DBD3zV/A5EFWwlGIBt
-TohN+f6dp5ed4/9C6zlfdSyUblqb607LLeCTsmA4YPFWVon63VdE5GQL0x6Ii55I
-mD+z5d9fhNcL/NAffDAVDLB5HH7YEeX1CBa56NWQO6FHb4f2xX1eURt9+TRxCijQ
-LxhUt/RyMSCujqXE8a2j6JO5UksK7549uHd2zFXwpNMmMr8XnsEwcSj7jCT2MXyZ
-jQoGXTTCOORX2tBsWdN/q0XunCxWybZntLih2G3Q5WF0+6NVDuJtVPWsooqZlnre
-jYsPPvMiryeEVv1l6uGq6G+/FwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
-aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFAZIY/QOfeb6IU8E3CmoV4n7u57a
-MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
-MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
-Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
-dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
-Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWt1cnNlci5tYXRoLnN1LnNl
-MA0GCSqGSIb3DQEBBQUAA4IBAQCfqwDPk9vrMyV/Lv9bzX5nCQKWAuAYlo6qX9lI
-W2IM1IES3LYHzBOt1Rbde4r56HYVy/F8z1DiG/SDTT/WZciArryOozZSTmjfkD1J
-BoRtWsNKnGckWCigaxDS/ai1aGl+X8kZTxUAMQtHIJtkeLZaz1aYv5BMCK0aDPCz
-+jK9xMSMbBhWrVhs6HnkFnGhr71s7ZFbMxRv6psLSPl055grTLQK4eLQ63pWNeTM
-orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
-2Zkq+NG9O7ixLXCdQrd/dZlG8/RITegnw2rhMIpEf25eTkvl
+          <ds:X509SubjectName>CN=kurser.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEBTCCAm2gAwIBAgIUfSPUjmhuivvSbIbCjXstP/Vhj9YwDQYJKoZIhvcNAQEL
+BQAwHDEaMBgGA1UEAxMRa3Vyc2VyLm1hdGguc3Uuc2UwHhcNMjExMTMwMTIyODA0
+WhcNMzExMTI4MTIyODA0WjAcMRowGAYDVQQDExFrdXJzZXIubWF0aC5zdS5zZTCC
+AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAM4H7FfA3lIh6IaSwnvrr2mW
+nKMMyenHo3LVH41BzLeVp+H2T6lnijqzM7SrJd39yQ0lKkn52LjB4lDLK7aSM2JA
+gxVPyb1nTcuVzMmi6HXSmuvdvL3Tg4mzKHPurgdI9JSv5xgJuF0CK0GWW4CfDVfX
+ItkvLm9u9DXeYnDEOCi7HUiPhVXeDtI/InHFFFgI7uf6Rc5aFkj2gs+A7sjbh/Wt
+kbzAFZxb+PDDrsegwhS/AFxY47uPFE9d1Re7nLX0aP05bu0n/NSU+6FeBun916Hn
+QW/+pKEF5OZjBCFS/DBXoNzSKHNH4gRtDyQyBIS93j0uSFrC0hZ08TEl8a59ziDX
+oRlGLq/S95UX9H4mMnCbxlv/N0Nrt2mgErADFodXWxmCiXoYem7PTx5iMuBQ0QEZ
+I2C/RYY4xPEmwFUMmacHUrb5QWdsl52OHJIhO+SLEoweBex5E8sXUa2QLk6v/gNu
+IYAMxVoBpdx6NUyNzaKcAZctiL90BJ/EF+IpqqXudQIDAQABoz8wPTAcBgNVHREE
+FTATghFrdXJzZXIubWF0aC5zdS5zZTAdBgNVHQ4EFgQUXHaytMyCWANOjlfhripq
+vsq+RyQwDQYJKoZIhvcNAQELBQADggGBAGQgcxHimx3bnCav2nKK3JpHJBu/Oqm4
+ABT0DnGWv2BKnwJoT/xbNDxnpMpASFUV9wmLB8SWaGORcI+USO78uhwK3kIvN9Qp
+LooFKNL0YEYW7Za67y68lOiS5bKpUlAheRd0LZwdMCfpMLrB3QGJhstVrqNsVwlh
+zX0jsFCDm0BAUwe+rvkqmsHnfdTPC+VW/ovFBMVxHKjagFonAmYYWx3iV19f0f6Q
+3ZGUu7aYp3Cpz+reK0KUWMDe8iFp6HD5GjvHooKHcXD611hvIPldKjMmVaaQhufA
+DOyJnXBj8uia8mhMtiw7EFJk4teXZH2ZtFo/k/voHCxf9d0zh5SP+Dea3V1WLxnn
+Oq4HnqaiHgWhmwDFPVEdCJlvWfcG1VpCPIy0Mmvu2jlKPSN7KT6vn/m7UXPdT+G5
+EnptQmLb4VO37U5RrgQHAkjeyTtn60wQ74wWmuIkCNmsV1i5UMCD5nxyrFEy6ant
+r+TncAEB8Ab193KqbVs9FpIQ120x4uecog==
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Artifact"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/SOAP"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Redirect"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/SOAP"/>
     <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/SOAP"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/POST" index="7"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/ECP" index="9"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST" index="10"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">kurser.math.su.se</md:ServiceName>
       <md:ServiceName xml:lang="sv">kurser.math.su.se</md:ServiceName>
author	Björn Mattsson <bjorn@sunet.se>	2021-12-03 12:21:00 +0100
committer	Björn Mattsson <bjorn@sunet.se>	2021-12-03 12:21:00 +0100
commit	807761e113fe2bfc315027145620f6f1e1578f9c (patch)
tree	4a10fb205f1717fcfa1bb808fa3d7bc7bda1ee06 /swamid-2.0/kurser.math.su.se-shibboleth.xml
parent	f9c0306d39dc33ea7dc2b2371d8c7dc899aacc41 (diff)