SWAMID-525, Keyrollover part 1 for 4 SP:s at math.su.se

author: Björn Mattsson <bjorn@sunet.se> 2021-12-03 12:21:00 +0100
committer: Björn Mattsson <bjorn@sunet.se> 2021-12-03 12:21:00 +0100
commit: 807761e113fe2bfc315027145620f6f1e1578f9c (patch)
tree: 4a10fb205f1717fcfa1bb808fa3d7bc7bda1ee06 /swamid-2.0
parent: f9c0306d39dc33ea7dc2b2371d8c7dc899aacc41 (diff)
4 files changed, 275 insertions, 73 deletions
diff --git a/swamid-2.0/etenta.math.su.se-shibboleth.xml b/swamid-2.0/etenta.math.su.se-shibboleth.xml
index da24d51a..a3a0781e 100644
--- a/swamid-2.0/etenta.math.su.se-shibboleth.xml
+++ b/swamid-2.0/etenta.math.su.se-shibboleth.xml
@@ -9,6 +9,22 @@
         <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -20,8 +36,11 @@
         <mdui:PrivacyStatementURL xml:lang="sv">https://www.su.se/matematiska-institutionen/om-institutionen/organisation/elektronisk-tentamen-f%C3%B6r-studenter-p%C3%A5-matematiska-institutionen-vid-stockholms-universitet-1.584847</mdui:PrivacyStatementURL>
         <mdui:PrivacyStatementURL xml:lang="en">https://www.su.se/department-of-mathematics/about-the-department/organisation/electronic-exams-for-students-at-the-department-of-mathematics-at-stockholm-university-1.584848</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://etenta.math.su.se/Shibboleth.sso/WAYF/idp.it.su.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://etenta.math.su.se/Shibboleth.sso/WAYF/antagning"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://etenta.math.su.se/Shibboleth.sso/WAYF/idp.hig.se"/>
     </md:Extensions>
-    <md:KeyDescriptor use="signing">
+    <md:KeyDescriptor>
       <ds:KeyInfo>
         <ds:KeyName>etenta.math.su.se</ds:KeyName>
         <ds:X509Data>
@@ -53,53 +72,70 @@ vC40Zznf98QP1QaaAJ1B90WydJegGcz28vmrn1SEIIlOtTic
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:KeyDescriptor use="encryption">
       <ds:KeyInfo>
         <ds:KeyName>etenta.math.su.se</ds:KeyName>
         <ds:X509Data>
-          <ds:X509SubjectName>CN=etenta.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
-          <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQPeuEmtzAXHUS0vug+BLA6TANBgkqhkiG9w0BAQUFADA2
-MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
-U1NMIENBMB4XDTEwMDExNTAwMDAwMFoXDTEzMDExNDIzNTk1OVowSjELMAkGA1UE
-BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
-EWV0ZW50YS5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAqTegRf6kffNbA8D4Lrij26Zu81qPigIokEhLdZrGsx5DEH5jsmoIrhoEZshV
-vBGwIJIA/IoxRZFEjcTWvaJcYG01oSr3/XBKeYjEVRSX3KxbcU5Dd2qN5YnvyxoW
-oldlTmU22TuOovup0UjkKpQ7VPzgcMU3gQ6Cx0oUHJ0KAgI6yCMooX/cR0CCjfZ6
-XTPTqtnoSYr+j2ZWGNcHUBd0AFXu6fNBxmpy/HTNY+UVeaWF5shrg2tginZkQQ2m
-1R/RFiNxC5JPv5IBrZ8YkkvLOz7rQAkVCnXAVl7bp75qpxQ3R9mAJV4KpcFHY04e
-7plxQY1ISBvoqNPJkOIhDr/sdwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
-aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFEEgsYJkGCGrGtB3mPmAQMXlCOru
-MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
-MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
-Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
-dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
-Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWV0ZW50YS5tYXRoLnN1LnNl
-MA0GCSqGSIb3DQEBBQUAA4IBAQBSD+s+1zbkDWniGmAo0iqclGzJQU6UKqmZuIF/
-0dOT5vZ6XyyZfhRqVVAew9m+E7IUg9iZcpKF4XtL1awUR+3tAyFJs05WWX0dcIFk
-qgvOsb54NBLDwdmM1f0B5yedJVZ6VFf3pqig17V25phElY/ArJe4XyqOS0JnXrd5
-UayFwWyOsjbZ5W0YhKAi8CCOdjQkz01Es3PCo6c0AL3uKOUNvVVmF8Jrku6DPzT2
-m27FphoUCoQa8mZRcxd4h/fmEhQMg2ZTVbLz+jwjI865pueFODIgf/8IAfiTDM6y
-vC40Zznf98QP1QaaAJ1B90WydJegGcz28vmrn1SEIIlOtTic
+          <ds:X509SubjectName>CN=etenta.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEBTCCAm2gAwIBAgIUFKLyDLSe7897FbHGnpSTlgM0d0gwDQYJKoZIhvcNAQEL
+BQAwHDEaMBgGA1UEAxMRZXRlbnRhLm1hdGguc3Uuc2UwHhcNMjExMTMwMTIzMDM2
+WhcNMzExMTI4MTIzMDM2WjAcMRowGAYDVQQDExFldGVudGEubWF0aC5zdS5zZTCC
+AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAK+yZ4TeWny5hE+Duv/bi/lz
+0Qrx6FQ2kEDzzYBcGL0N+jvJTJm21r+16XuqUrzE+O2+CaAgNtLRZtb8sI8MfI4V
+NoO5h32eliGc1uvgLJs7P9/9Bn/pDIKV88yVr4z7Gk9StkB1Fj314YlGLSY2LHKi
+lia59TBD4A4t9Mdh1N4dIEkGls0Jz8sRjs7+H97Fp+YnpBHi2pvxxb3et01YXoSS
+DxcgBAB2xMd7ypaRs0YTzxRAcFKAPNxCSyD9yeXENdGV7/wornXVl7LjKPsg6C1S
+Ru8oH4BIKiFIhFEa441w0Oo4hAu3kboXzYcuB+u9WoI6jQ9viAfD58wXI73O/u4u
+TIx18BSJwNFP16Q8tqS25blO+9miAY9aQDCDpuJYNEkFuQlqDK+AIjV8K901l57j
+KF4zY6rtbCRYqu5iEFGYZ7OxM+M+DJHjX4EajkpF70fnGjVvoxKbOgHRqpnVJq/O
+vhSShcPWwuHVrgnbYjptrWYcl18GKHJ2pPi/FBik9wIDAQABoz8wPTAcBgNVHREE
+FTATghFldGVudGEubWF0aC5zdS5zZTAdBgNVHQ4EFgQUgGrzcKsYtH0eFgAj/FCD
+1FfPqWUwDQYJKoZIhvcNAQELBQADggGBAF/KSsKOMJ5MQUV50b/NHaTixuvaKYNm
+0mTNk++Ta7Nj5IsrH1CbvoKDUc3EgDU7EieFoWb6cH2CtUcqh2HQQ1TN5G6E7ztu
+E2vyChfVyjWQEyqjywOFBtIo8ZmWd6uC0wuKy9ACN8TNy6nAZe1wHIJV3cb4dzv+
+i5FbyVhVKN+q+nQniQJLiylJ9xUspsfmOnxcuqgMqNNc6Q4EOT1SDXt7CnValWKx
+p8FbLokLykq/W3ONHJ4uBOiDSHpsngbajSF8XWwkRKAgpzp/zVHAve0JZElhB/kR
+az+8Z32Uu0svyhnqlqeYGehnCVYizAy73ZxO5NjH5aKuLgMPl/LefFBj7VCl9h5z
+uzT3DVRtNRl+ae1XxDtObJFOtVzasOivJkHzbHbsP2yikNBPkX4D7Soys72n8yle
+/e01Gkb3S6A/QFp0DJ+oIuD9Bq42uS3aGKx7YQP+984vg2PMlTkjoVlijr5nRZzK
+QUYfhLzUYuNWskoLQLCXtieByzsjSJGSPQ==
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/Artifact"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/SOAP"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/Redirect"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/SOAP"/>
     <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://etenta.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/SOAP"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://etenta.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://etenta.math.su.se/Shibboleth.sso/SAML/POST" index="7"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/ECP" index="9"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/POST" index="10"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">etenta.math.su.se</md:ServiceName>
       <md:ServiceName xml:lang="sv">etenta.math.su.se</md:ServiceName>
diff --git a/swamid-2.0/kurser.math.su.se-shibboleth.xml b/swamid-2.0/kurser.math.su.se-shibboleth.xml
index d40049eb..31290b5e 100644
--- a/swamid-2.0/kurser.math.su.se-shibboleth.xml
+++ b/swamid-2.0/kurser.math.su.se-shibboleth.xml
@@ -11,6 +11,22 @@
         <samla:AttributeValue>http://www.swamid.se/category/research-and-education</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -22,8 +38,12 @@
         <mdui:PrivacyStatementURL xml:lang="sv">https://www.su.se/matematiska-institutionen/om-institutionen/organisation/kurssida-f%C3%B6r-matematiska-institutionen-vid-stockholms-universitet-1.582621</mdui:PrivacyStatementURL>
         <mdui:PrivacyStatementURL xml:lang="en">https://www.su.se/department-of-mathematics/about-the-department/organisation/course-site-for-the-department-of-mathematics-at-stockholm-university-1.582628</mdui:PrivacyStatementURL>
       </mdui:UIInfo>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/idp.it.su.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/idp.hig.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/saml.sys.kth.se"/>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kurser.math.su.se/Shibboleth.sso/WAYF/antagning"/>
     </md:Extensions>
-    <md:KeyDescriptor use="signing">
+    <md:KeyDescriptor>
       <ds:KeyInfo>
         <ds:KeyName>kurser.math.su.se</ds:KeyName>
         <ds:X509Data>
@@ -55,54 +75,70 @@ orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:KeyDescriptor use="encryption">
       <ds:KeyInfo>
         <ds:KeyName>kurser.math.su.se</ds:KeyName>
         <ds:X509Data>
-          <ds:X509SubjectName>CN=kurser.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
-          <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQE1y2ZmHRWdeouH6Sf5z+WjANBgkqhkiG9w0BAQUFADA2
-MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
-U1NMIENBMB4XDTEwMDExOTAwMDAwMFoXDTEzMDExODIzNTk1OVowSjELMAkGA1UE
-BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
-EWt1cnNlci5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEA6BmSQGmI4Efp95B1PMcAPi0/KsW6CZHRku76vh8IS+DBD3zV/A5EFWwlGIBt
-TohN+f6dp5ed4/9C6zlfdSyUblqb607LLeCTsmA4YPFWVon63VdE5GQL0x6Ii55I
-mD+z5d9fhNcL/NAffDAVDLB5HH7YEeX1CBa56NWQO6FHb4f2xX1eURt9+TRxCijQ
-LxhUt/RyMSCujqXE8a2j6JO5UksK7549uHd2zFXwpNMmMr8XnsEwcSj7jCT2MXyZ
-jQoGXTTCOORX2tBsWdN/q0XunCxWybZntLih2G3Q5WF0+6NVDuJtVPWsooqZlnre
-jYsPPvMiryeEVv1l6uGq6G+/FwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
-aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFAZIY/QOfeb6IU8E3CmoV4n7u57a
-MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
-MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
-Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
-dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
-Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWt1cnNlci5tYXRoLnN1LnNl
-MA0GCSqGSIb3DQEBBQUAA4IBAQCfqwDPk9vrMyV/Lv9bzX5nCQKWAuAYlo6qX9lI
-W2IM1IES3LYHzBOt1Rbde4r56HYVy/F8z1DiG/SDTT/WZciArryOozZSTmjfkD1J
-BoRtWsNKnGckWCigaxDS/ai1aGl+X8kZTxUAMQtHIJtkeLZaz1aYv5BMCK0aDPCz
-+jK9xMSMbBhWrVhs6HnkFnGhr71s7ZFbMxRv6psLSPl055grTLQK4eLQ63pWNeTM
-orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
-2Zkq+NG9O7ixLXCdQrd/dZlG8/RITegnw2rhMIpEf25eTkvl
+          <ds:X509SubjectName>CN=kurser.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEBTCCAm2gAwIBAgIUfSPUjmhuivvSbIbCjXstP/Vhj9YwDQYJKoZIhvcNAQEL
+BQAwHDEaMBgGA1UEAxMRa3Vyc2VyLm1hdGguc3Uuc2UwHhcNMjExMTMwMTIyODA0
+WhcNMzExMTI4MTIyODA0WjAcMRowGAYDVQQDExFrdXJzZXIubWF0aC5zdS5zZTCC
+AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAM4H7FfA3lIh6IaSwnvrr2mW
+nKMMyenHo3LVH41BzLeVp+H2T6lnijqzM7SrJd39yQ0lKkn52LjB4lDLK7aSM2JA
+gxVPyb1nTcuVzMmi6HXSmuvdvL3Tg4mzKHPurgdI9JSv5xgJuF0CK0GWW4CfDVfX
+ItkvLm9u9DXeYnDEOCi7HUiPhVXeDtI/InHFFFgI7uf6Rc5aFkj2gs+A7sjbh/Wt
+kbzAFZxb+PDDrsegwhS/AFxY47uPFE9d1Re7nLX0aP05bu0n/NSU+6FeBun916Hn
+QW/+pKEF5OZjBCFS/DBXoNzSKHNH4gRtDyQyBIS93j0uSFrC0hZ08TEl8a59ziDX
+oRlGLq/S95UX9H4mMnCbxlv/N0Nrt2mgErADFodXWxmCiXoYem7PTx5iMuBQ0QEZ
+I2C/RYY4xPEmwFUMmacHUrb5QWdsl52OHJIhO+SLEoweBex5E8sXUa2QLk6v/gNu
+IYAMxVoBpdx6NUyNzaKcAZctiL90BJ/EF+IpqqXudQIDAQABoz8wPTAcBgNVHREE
+FTATghFrdXJzZXIubWF0aC5zdS5zZTAdBgNVHQ4EFgQUXHaytMyCWANOjlfhripq
+vsq+RyQwDQYJKoZIhvcNAQELBQADggGBAGQgcxHimx3bnCav2nKK3JpHJBu/Oqm4
+ABT0DnGWv2BKnwJoT/xbNDxnpMpASFUV9wmLB8SWaGORcI+USO78uhwK3kIvN9Qp
+LooFKNL0YEYW7Za67y68lOiS5bKpUlAheRd0LZwdMCfpMLrB3QGJhstVrqNsVwlh
+zX0jsFCDm0BAUwe+rvkqmsHnfdTPC+VW/ovFBMVxHKjagFonAmYYWx3iV19f0f6Q
+3ZGUu7aYp3Cpz+reK0KUWMDe8iFp6HD5GjvHooKHcXD611hvIPldKjMmVaaQhufA
+DOyJnXBj8uia8mhMtiw7EFJk4teXZH2ZtFo/k/voHCxf9d0zh5SP+Dea3V1WLxnn
+Oq4HnqaiHgWhmwDFPVEdCJlvWfcG1VpCPIy0Mmvu2jlKPSN7KT6vn/m7UXPdT+G5
+EnptQmLb4VO37U5RrgQHAkjeyTtn60wQ74wWmuIkCNmsV1i5UMCD5nxyrFEy6ant
+r+TncAEB8Ab193KqbVs9FpIQ120x4uecog==
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Artifact"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/SOAP"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Redirect"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/SOAP"/>
     <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/POST"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/SOAP"/>
     <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/POST" index="7"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/ECP" index="9"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST" index="10"/>
     <md:AttributeConsumingService index="0">
       <md:ServiceName xml:lang="en">kurser.math.su.se</md:ServiceName>
       <md:ServiceName xml:lang="sv">kurser.math.su.se</md:ServiceName>
diff --git a/swamid-2.0/prep.math.su.se-shibboleth.xml b/swamid-2.0/prep.math.su.se-shibboleth.xml
index 1e94369d..7d61927c 100644
--- a/swamid-2.0/prep.math.su.se-shibboleth.xml
+++ b/swamid-2.0/prep.math.su.se-shibboleth.xml
@@ -12,6 +12,22 @@
         <samla:AttributeValue>http://www.swamid.se/category/sfs-1993-1153</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -53,6 +69,55 @@ pGb7MIeSW79eyk7seLTBvfcHQ/dHPtCq2wY20g==
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:KeyName>prep.math.su.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=prep.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIID/zCCAmegAwIBAgIUI3u1acH7jlxaPc0ivRWEkoz5xO0wDQYJKoZIhvcNAQEL
+BQAwGjEYMBYGA1UEAxMPcHJlcC5tYXRoLnN1LnNlMB4XDTIxMTEzMDEyMjkzOFoX
+DTMxMTEyODEyMjkzOFowGjEYMBYGA1UEAxMPcHJlcC5tYXRoLnN1LnNlMIIBojAN
+BgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA5Lr7MSfSgMC0AzhBAGBHLmaMoRfW
+DkfEsy4vWC4qBTAxKiDh089kh9/uYk0jr58Lo7oLbb/oUwJH1L7YcUQM82LXfTQG
+PHrkyAMwDNmSeX1HdoPiu6qKbvVoIpuS1ZX+ehwsOoTX30y1Grn5Xj++hwQndab+
+NbNnl+So1IuZdoqdi43CX4r7hqXQSoTRs5EK3FI+n18Z5xmt36/VNVQJBTXOfnlR
+Jbd9lzP5+jfFIS+Ubm59DBXVNXaRGYy9Of4IfEIitvEAiPSiJD42BAEbShoUwISx
+apNbVwPrCgSu3P3Oy8YjNZE7oPDYkFEE0lQD8MFDzslAsLL6mQfE0spsCZJeKE2R
+77qaS6tdBq5b5TNSOcXZ9u/G6epO/QfTx5gg5BLSTFxwly0tuBPf93BNTqQej5GI
+vsqrc9wLriHEqOne/1pmUaPTqJibO2StlHzEbblSVASRNwuxFV06cSc5bMMna121
+60VQEKB4zfH9rsM+B1AGUiOaPATVJiv6W8OVAgMBAAGjPTA7MBoGA1UdEQQTMBGC
+D3ByZXAubWF0aC5zdS5zZTAdBgNVHQ4EFgQUPtckLIcgLmwwRr0/8CCIHKq9hPQw
+DQYJKoZIhvcNAQELBQADggGBAH1b+NzTxtTrIttzL30MI21m2NZ44sIHnsNoNICn
+HR1K2VxgPuWLr92yJNUV7/J0W4UnHeybJQ73j9e+McMfigMNjj0KJP1HDO1E7UHG
+qmBcQ4cAP8FMAlJVJ9gu9nAz7N1TTKfOqXVQPYCuKHBJ8pOeRbDgDrQbJLZAzjWY
+HROdZC2UhU1DURRn/HYz7TbgVjYUl/WBo2auQbQxcg4C63hOit1HknpVL3v/bjSq
+fM1PKwCprU2Cy6hkR/CMeuaGyHoCxgroSV86wy6gJ9AQkSJSoH4/YUgLcNO9bPQg
+pDsixJ8QsvM7z1zxhYHdzCMHELy9Xzjm+xlw6FEhCwdq7x4vBtE9KHe7PCE/2dxX
+lS08SSYatavgUdNGAcU/2ERP3ORCCqCxVNyB9Fq9GbJJWxeU9Dp9UkaXSvm4kCR4
+DAwGNleVTeuPv/igbiRE0ewOJW6l/OpnDTk9PjgRv2hEuSHv/8ch73WnaTxSf3Ns
+CbhpbqNPsz3I/+a1r4ELhjSDig==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prep.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://prep.math.su.se/Shibboleth.sso/SLO/SOAP"/>
diff --git a/swamid-2.0/utmanande.math.su.se-shibboleth.xml b/swamid-2.0/utmanande.math.su.se-shibboleth.xml
index b43ee515..f0780720 100644
--- a/swamid-2.0/utmanande.math.su.se-shibboleth.xml
+++ b/swamid-2.0/utmanande.math.su.se-shibboleth.xml
@@ -11,6 +11,22 @@
         <samla:AttributeValue>http://www.swamid.se/category/hei-service</samla:AttributeValue>
       </samla:Attribute>
     </mdattr:EntityAttributes>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
   </md:Extensions>
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
     <md:Extensions>
@@ -58,6 +74,55 @@ cltjAaJBgU+QoDEuKsQtzVwmR/JfWYaVaMDXCh+QwOgvP3MIq8pA
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:KeyDescriptor use="encryption">
+      <ds:KeyInfo>
+        <ds:KeyName>utmanande.math.su.se</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=utmanande.math.su.se</ds:X509SubjectName>
+          <ds:X509Certificate>MIIEDjCCAnagAwIBAgIUFF+lEan5ovGKkrij2nx/uJaaUfgwDQYJKoZIhvcNAQEL
+BQAwHzEdMBsGA1UEAxMUdXRtYW5hbmRlLm1hdGguc3Uuc2UwHhcNMjExMTMwMTIz
+MDE4WhcNMzExMTI4MTIzMDE4WjAfMR0wGwYDVQQDExR1dG1hbmFuZGUubWF0aC5z
+dS5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANUahgFAc18xu4nC
+JFByXjuN3Zv7GapFqTwh6NKq11PWfCsBRGFWwv/px1Cv22OdBLPZzLQvHS4hYAhj
+u0Hq4o4ZDLy0QZhd35oOwSmuYzLnUZYiZ2cP/7/kbQWPh45oTILfNiAHKSPOLhR9
+Okl6sAaBaJvCzw8XttABjcVMMxrCvs1QY5VNEmOQ73wtVZ9sS3DHDj+DH2N0y/Aj
+VCFVxRJo2aXzbQ8oH/Fv9djFw7jO13uXegbDekT8d2a5U0SehhVzscDbyVfV05OX
+KfZF0nDXAPx8mJwdc3hhNJ1/m61IcdK+/lasW+dWx/iYDkSk1hYgvFuhR/YCo8uM
+e6sft3iUr1zT4obAmKHETx5Rp/zSAQqV8JD12Ai5NIXImGz1EhlHZg7yaDEYv/nf
+qjjJnIE+nFb8mwve2rriUVMzk3Bo1AvJW7oBHTHNKEINKUhYBIiDCOd/4i9eIQpw
+QRzpV5rVH51x4IFtCkixmth+wlHQyn9gLcGNr3CuicXhsGaErQIDAQABo0IwQDAf
+BgNVHREEGDAWghR1dG1hbmFuZGUubWF0aC5zdS5zZTAdBgNVHQ4EFgQU4EUK2kEo
++cj+JrM5F8gddZn0LzYwDQYJKoZIhvcNAQELBQADggGBAEBG21OiVxb72AMfIFwf
+P8S86FEG++V1ZWSCMvlFtwOyG5lDxSKvtUJ1LOjnJauqJwTODGdAx2oEgwugcC0y
+XBPy/2q8PZ8lekqN7BNWDxl3GZAslaL1OpILdGydqVReDRPpBF56rkIUP3VdmHiE
+jkFhm/xZflRqek2QBi1HaaHzpkYlUkq/Y3OmP2jq7t5qjJEXbLWAFL5ApTNWRJ4s
+/pA/Qjeeviu9uREBSFocVotxjnCfF8PigG+jzObuV1GS3MyCLg/Xz3zAc7YKTyio
+toqOLSrpUNDssKvaE9EnjgZhiIQ+UwoUVP70Yd4AYZ2FMJoCNpo3TpLeKq+6kxJt
+jMtgWn2yugXnQhnbFgyL19luWzkmtR6DKj+Sf+SUYMjop/viGL88l8wgN90fMAZM
+7QW14LbuqYMosEHOkf3XuVYX7nImMG8LaZxIQX8U77RJ7/1mTpVcDg/dgAvdFDLU
+UWAgYN1/WaIEogIgRbj/RgT6fZue7+m+1tnXfE1qV3/2jA==
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
     </md:KeyDescriptor>
     <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://utmanande.math.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
     <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://utmanande.math.su.se/Shibboleth.sso/SLO/Artifact"/>
author	Björn Mattsson <bjorn@sunet.se>	2021-12-03 12:21:00 +0100
committer	Björn Mattsson <bjorn@sunet.se>	2021-12-03 12:21:00 +0100
commit	807761e113fe2bfc315027145620f6f1e1578f9c (patch)
tree	4a10fb205f1717fcfa1bb808fa3d7bc7bda1ee06 /swamid-2.0
parent	f9c0306d39dc33ea7dc2b2371d8c7dc899aacc41 (diff)