<?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://account.tst.ki.se/shibboleth"> <md:Extensions> <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2019-05-09T07:47:08Z"> <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy> </mdrpi:RegistrationInfo> <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/> <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/> <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/> <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/> <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> <mdattr:EntityAttributes> <samla:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category"> <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue> <samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue> </samla:Attribute> </mdattr:EntityAttributes> </md:Extensions> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:Extensions> <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://account.tst.ki.se/Shibboleth.sso/Login"/> <mdui:UIInfo> <mdui:DisplayName xml:lang="sv">KI Account (test)</mdui:DisplayName> <mdui:DisplayName xml:lang="en">KI Account (test)</mdui:DisplayName> <mdui:Description xml:lang="sv">Kontohantering/aktivering för anställda, studenter, m.fl. som har konto på KI</mdui:Description> <mdui:Description xml:lang="en">Account management/activation for employees, students and others with accounts at KI</mdui:Description> <mdui:InformationURL xml:lang="en">https://account.ki.se</mdui:InformationURL> <mdui:InformationURL xml:lang="sv">https://account.ki.se</mdui:InformationURL> <mdui:PrivacyStatementURL xml:lang="en">https://account.ki.se/pp_en.html</mdui:PrivacyStatementURL> <mdui:PrivacyStatementURL xml:lang="sv">https://account.ki.se/pp_sv.html</mdui:PrivacyStatementURL> </mdui:UIInfo> </md:Extensions> <md:KeyDescriptor use="signing"> <ds:KeyInfo> <ds:KeyName>kitstaccount02</ds:KeyName> <ds:X509Data> <ds:X509SubjectName>CN=kitstaccount02</ds:X509SubjectName> <ds:X509Certificate>MIID8TCCAlmgAwIBAgIJAJ0SjQN6wIZYMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV BAMTDmtpdHN0YWNjb3VudDAyMB4XDTE4MDkyNzEyNTIxN1oXDTI4MDkyNDEyNTIx N1owGTEXMBUGA1UEAxMOa2l0c3RhY2NvdW50MDIwggGiMA0GCSqGSIb3DQEBAQUA A4IBjwAwggGKAoIBgQCcfM1KYqRlCTWqwGcem8xaW29vyr85d5oTHjncMk4qZgAk llZZfpx6ZgimC0CfBXl135eixHtoYNDNxrU5ymRqSlWPAVUVRmZbYrwaD5W/MI66 SjJCeahNJu9HnEFkmhoOb+30MU3FmyHhhJ3H4MgUKNX0sJvYUUkXqMCwsgv567cN 8VH4mA1cXUS3+tuVN+Frm9SXIoLkerQ8UlfXa0Hmw1j3V86j/NXGEvh2NmMVl0dL 7KX1rbd74j1puzcq7uRUpppvy0DbC9TZNRC4jid1percYwzsjcJACSlub6dxqeme mNh3psGddav0CTY9pdLOGJIDKEghYoults8sMo3+hTs83Mg4A7vmxTx7H1yhL1jN zHcuefmkMC65oc+ZNq9yw9jIJgz+vJygAautj4v1aha0wBpp+9Whf447uVGE+f+5 yJEn8wOxArGl05xFpYCiVZpZDiYK2ruaTIw4oCJd40u8uEcTahEIoC+J26LFC/Sl MqS9s9syb8JHLcW2zL0CAwEAAaM8MDowGQYDVR0RBBIwEIIOa2l0c3RhY2NvdW50 MDIwHQYDVR0OBBYEFDJCqeH7IJpZUArfCvfRLNpzXZeaMA0GCSqGSIb3DQEBCwUA A4IBgQAtdWnvfBQYhRMYj16vUyu2xAqcQ9FM5Gez4B/PN+qg+Nz64RBdcae5d2c+ aadpPYA6acvEopG8q4qn5AG85eOYqyfSNJtVpmQ4WfI7PPpj3Co44XErI8uKCVWH 9rjmEUhMcBZ2Fa5I/tuoMSwx/qZ1G5rTHqCNe5/E4CRVfrUwV7Frq78jA2MXeLsm xA/RR0AwAs7FcqD9cFSaC9zUpWA+RJj8mjkInkrrMRLN/xeBEQ2nOdPKABvApXs8 vYzlwHuTfLpdsvqOXKIEDUG3KehgFIzAjtJjSG7/kEpoFij180PtFMnXhWCR2Gyp ttbi4fP8kTUFoNecbfbyVqW+gkTv0hb0uq3ZhjXcJlqxviMrIeBzSczutAFlwhPg 9kK8rsZ2TnYgxwIyh/ZH9krgP7CExuRQ7LSsvT9/jHA0xIwZtx2Sq0M7kkYnEws4 pmOkF0I1lUtUOqbm/le2XL6qO1AJ7kIxn4yF+7naPCtrP86Ysv0HB4bbhFhvAerA WPYTbJ4=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo> <ds:KeyName>kitstaccount02</ds:KeyName> <ds:X509Data> <ds:X509SubjectName>CN=kitstaccount02</ds:X509SubjectName> <ds:X509Certificate>MIID8TCCAlmgAwIBAgIJAJddqaaAnjFpMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV BAMTDmtpdHN0YWNjb3VudDAyMB4XDTE4MDkyNzEyNTIxN1oXDTI4MDkyNDEyNTIx N1owGTEXMBUGA1UEAxMOa2l0c3RhY2NvdW50MDIwggGiMA0GCSqGSIb3DQEBAQUA A4IBjwAwggGKAoIBgQDrJXjS5W4NOGb1texcFHePcOTHb4figMMti44+QtRZJAqa v2ce86Fd72ZWW6h8Kok/hakkJpCOEYfPFDLVcRpUsuVTxrZqmKZo0K6bAcV1wU62 3IAICXGxL4JLJt7b9xE5jpzL02cmTe6ahZT+2iU1LBcIvCi/wDmaqbUYFtoC4zcj XSig0hR7I6BA/pjV+NRmggxpFAt3IkeSZtbyuPBnCRhDD5FoNNK2Qb8eb93iaQIZ lsd4bmDoJD2WbndGchkEmRTLju8ir2GLNpduJp5KMscKK4Z+EhyD69IK+0AJGYUR kHFODSbEQ98JrYUCYKDfMVXtlwNQQNuR+UkEEEHZ81RUpGrbo5N6mBSKNS61HA/0 A5ObLrxtpwbcl0ANF10ImoyPKHe3/8J5+dlrRnarxRb0oPh4mtN479DwsvTo+FTJ k+KiRTvUaZx6HSlgsshCP5FjGWhxK1WTTi6B8dF9BnhSKDyHBLMqXwmGvX6r4Ofe 5PQNEK7RGncxQzy9DWsCAwEAAaM8MDowGQYDVR0RBBIwEIIOa2l0c3RhY2NvdW50 MDIwHQYDVR0OBBYEFCj0cPgMkGwdXVg/53a7e7ekjGv/MA0GCSqGSIb3DQEBCwUA A4IBgQCPwfVpCrucR8oKRO3MtLOv9eAg5MuMES9MHKOZcXuFp4pLCRf3344N+jik zL9R+c/FsIcbdEOwe4GT8Q4t2wzW3n8X5j3oTIfqZtSxpm32O1/7TTS8bltRPBEa 5RELYyx+Umbv6Vuk6SgORu4PQqhCbCNCxbYhOWVmdC2khAVyAduGnHTtuv+ZuXuP q+f8j88zpAh8GSCJHH7+4WyDQV0Kj68BKOyP3W+zPK4FTPd5oENo1QiSo+AIiXwm BhbH3AKgNRZoXUjg+7yciEDzksO7f5h+lmSfMhiOgkUZ4B63OAXIF25g7FTic12O S94QjNh8PBmhpdK5IdKWxiaOFkCERwj+XXE+Np9Hk/ysdrsNxXjXFysl3jVEvHON nI9Ix5nMnL/N/Tt9aDuYtAywFX9kPlS4u3LGRhjqaljXz5/dMOq98FpHZqoL2Xrn HfEtdyWoym5tQj7qZhcgcrOVZoMO+28u3cdTVFVKGNHxRzM56vgGvJL1jIQe18D+ +8NqzrQ=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> </md:KeyDescriptor> <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/SOAP"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/Redirect"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/POST"/> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/Artifact"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/POST" index="1"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/> <md:AttributeConsumingService index="1"> <md:ServiceName xml:lang="en">KI Account (test)</md:ServiceName> <md:ServiceName xml:lang="sv">KI Account (test)</md:ServiceName> <md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/> </md:AttributeConsumingService> </md:SPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">Karolinska Institutet</md:OrganizationName> <md:OrganizationName xml:lang="sv">Karolinska Institutet</md:OrganizationName> <md:OrganizationDisplayName xml:lang="sv">Karolinska Institutet</md:OrganizationDisplayName> <md:OrganizationDisplayName xml:lang="en">Karolinska Institutet</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en">https://ki.se</md:OrganizationURL> <md:OrganizationURL xml:lang="sv">https://ki.se</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="administrative"> <md:Company>Karolinska Institutet</md:Company> <md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress> </md:ContactPerson> <md:ContactPerson contactType="technical"> <md:Company>Karolinska Institutet</md:Company> <md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress> </md:ContactPerson> <md:ContactPerson contactType="support"> <md:Company>Karolinska Institutet</md:Company> <md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress> <md:TelephoneNumber>+46 8 524 82222</md:TelephoneNumber> </md:ContactPerson> <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security"> <md:Company>Karolinska Institutet</md:Company> <md:GivenName>Security Response Team</md:GivenName> <md:EmailAddress>mailto:abuse@ki.se</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>