diff options
-rw-r--r-- | swamid-externals-1.0/idp.shibboleth.net.xml | 16 | ||||
-rw-r--r-- | swamid-externals-1.0/issues.shibboleth.net.xml | 22 | ||||
-rw-r--r-- | swamid-externals-1.0/wiki.shibboleth.net.xml | 18 |
3 files changed, 46 insertions, 10 deletions
diff --git a/swamid-externals-1.0/idp.shibboleth.net.xml b/swamid-externals-1.0/idp.shibboleth.net.xml index a230dfd6..1946e6b8 100644 --- a/swamid-externals-1.0/idp.shibboleth.net.xml +++ b/swamid-externals-1.0/idp.shibboleth.net.xml @@ -1,6 +1,13 @@ <?xml version="1.0"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.shibboleth.net/idp/shibboleth"> - + + <Extensions> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + </Extensions> + <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> @@ -9,7 +16,7 @@ <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> <mdui:DisplayName xml:lang="en">Shibboleth.net</mdui:DisplayName> <mdui:Description xml:lang="en">An identity provider hosted and used by the developers of Shibboleth.</mdui:Description> - <mdui:Logo height="60" width="47">https://discovery.shibboleth.net/images/gryphon_47x60.png</mdui:Logo> + <mdui:Logo height="82" width="64">https://discovery.shibboleth.net/images/gryphon_64x82.png</mdui:Logo> </mdui:UIInfo> </Extensions> @@ -37,6 +44,11 @@ BXD36HfGBXk= </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> </KeyDescriptor> <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> diff --git a/swamid-externals-1.0/issues.shibboleth.net.xml b/swamid-externals-1.0/issues.shibboleth.net.xml index 12cc0442..2933ab99 100644 --- a/swamid-externals-1.0/issues.shibboleth.net.xml +++ b/swamid-externals-1.0/issues.shibboleth.net.xml @@ -1,10 +1,18 @@ <?xml version="1.0"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://issues.shibboleth.net/shibboleth"> - + + <Extensions> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + </Extensions> + <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://issues.shibboleth.net/jira/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://issues.shibboleth.net/jira/Shibboleth.sso/Login" index="1"/> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> @@ -14,9 +22,8 @@ Unauthenticated users may view submitted issues. Authenticated users may submit new issues and comment on existing ones. </mdui:Description> - <mdui:Logo height="90" width="62">https://discovery.shibboleth.net/images/gryphon_62x90.png</mdui:Logo> - </mdui:UIInfo> - + <mdui:Logo height="82" width="64">https://discovery.shibboleth.net/images/gryphon_64x82.png</mdui:Logo> + </mdui:UIInfo> </Extensions> <KeyDescriptor> @@ -46,6 +53,11 @@ uQfWf/K4Fj4CqCzMOU3mmvy7ricwz/4Kzas= </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> </KeyDescriptor> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://issues.shibboleth.net/jira/Shibboleth.sso/Artifact/SOAP" index="0"/> @@ -65,7 +77,7 @@ uQfWf/K4Fj4CqCzMOU3mmvy7ricwz/4Kzas= <ServiceDescription xml:lang="en"> An issue (bugs, feature requests, tasks) tracking service with automatic registration for users who can supply a supported identifier, such as eduPersonPrincipalName or swissEduPersonUniqueID. </ServiceDescription> - <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> <RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> <RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> </AttributeConsumingService> diff --git a/swamid-externals-1.0/wiki.shibboleth.net.xml b/swamid-externals-1.0/wiki.shibboleth.net.xml index 39b1548a..7bf6b5c0 100644 --- a/swamid-externals-1.0/wiki.shibboleth.net.xml +++ b/swamid-externals-1.0/wiki.shibboleth.net.xml @@ -1,10 +1,18 @@ <?xml version="1.0"?> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://wiki.shibboleth.net/shibboleth"> + + <Extensions> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <mdalg:DigestMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <mdalg:SigningMethod xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + </Extensions> <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://wiki.shibboleth.net/confluence/Shibboleth.sso/Login"/> + <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://wiki.shibboleth.net/confluence/Shibboleth.sso/Login" index="1"/> <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"> @@ -13,9 +21,8 @@ The wiki hosting the documentation for Shibboleth. Unauthenticated user may view the existing documentation. Authenticated users may create new documentation pages and edit existing ones. </mdui:Description> - <mdui:Logo height="90" width="62">https://discovery.shibboleth.net/images/gryphon_62x90.png</mdui:Logo> + <mdui:Logo height="82" width="64">https://discovery.shibboleth.net/images/gryphon_64x82.png</mdui:Logo> </mdui:UIInfo> - </Extensions> <KeyDescriptor> @@ -45,6 +52,11 @@ NtrvvBkq2tvnd6wm1DJNDzZQB/nRpCadwp4a64Qa0XJiGCoxFUvkd1+RSHqbBsEF </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> + <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> </KeyDescriptor> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://wiki.shibboleth.net/confluence/Shibboleth.sso/Artifact/SOAP" index="0"/> @@ -64,7 +76,7 @@ NtrvvBkq2tvnd6wm1DJNDzZQB/nRpCadwp4a64Qa0XJiGCoxFUvkd1+RSHqbBsEF <ServiceDescription xml:lang="en"> A shared Wiki service with automatic registration for users who can supply a supported identifier, such as eduPersonPrincipalName or swissEduPersonUniqueID. </ServiceDescription> - <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> + <RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> <RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> <RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/> </AttributeConsumingService> |