<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.dfn-cert.de/idp/shibboleth">
    <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
      <Extensions>
        <saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn-cert.de</saml1md:Scope>
      </Extensions>
      <KeyDescriptor use="encryption">
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
          <ds:X509Data>
            <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
            <ds:X509Certificate>MIIFIjCCBAqgAwIBAgIECgy5XDANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE
RTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMfREZO
LUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0wNzAzMDYxMDAwNDdaFw0x
MjAzMDQxMDAwNDdaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VSVCBT
ZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiKvnbL
nPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH7r1P
OSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5wgZr
lZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiCvqZh
3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7HKhni
/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGjggIC
MIIB/jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
AgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8GA1Ud
IwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMCAGA1UdEQQZMBeBFXdlYm1hc3Rl
ckBkZm4tY2VydC5kZTCBowYDVR0fBIGbMIGYMEqgSKBGhkRodHRwOi8vY2RwMS5w
Y2EuZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2Nh
Y3JsLmNybDBKoEigRoZEaHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2VydC1z
ZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jcmwvZ19jYWNybC5jcmwwgbwGCCsGAQUFBwEB
BIGvMIGsMFQGCCsGAQUFBzAChkhodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1j
ZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NhY2VydC9nX2NhY2VydC5jcnQwVAYI
KwYBBQUHMAKGSGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2Vydmlj
ZXMtZ21iaC1jYS9wdWIvY2FjZXJ0L2dfY2FjZXJ0LmNydDANBgkqhkiG9w0BAQUF
AAOCAQEADblakZvUL5nbzFPnAhhrNvBDBcv0RgVS72S2xuDZhxpXQS9CK9hR6ZYy
KD382AtI4MXM30Jo/tRtnB6O/jMoZ+SWROe0PhYFw6jGgOEfp9iGdi8FCXWp7O4+
ctzn9c+jheJi0FaB3nPxLQUaNlV49g0rIEPXsqBkhT3V7Q+Mol8XB/D/geKwMGwr
hjKb/SBTEKdhw3oU03dA+Nq0ArEkv6cNtl7SissdLrldlO0+RrErxoRoMENWyRRM
kxizoRL67fo5CD8AlSb0NXkF5q9pcE9lRxvKfB2/xz4TcVtUcZwr6qP8ezmaf56m
D/A7NPOzlDHnSCXZk6Hgsm2ng5GGfA==
</ds:X509Certificate>
          </ds:X509Data>
        </ds:KeyInfo>
      </KeyDescriptor>
      <KeyDescriptor use="signing">
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
          <ds:X509Data>
            <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
            <ds:X509Certificate>MIIFIjCCBAqgAwIBAgIECgy5XDANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE
RTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMfREZO
LUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0wNzAzMDYxMDAwNDdaFw0x
MjAzMDQxMDAwNDdaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VSVCBT
ZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiKvnbL
nPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH7r1P
OSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5wgZr
lZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiCvqZh
3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7HKhni
/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGjggIC
MIIB/jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
AgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8GA1Ud
IwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMCAGA1UdEQQZMBeBFXdlYm1hc3Rl
ckBkZm4tY2VydC5kZTCBowYDVR0fBIGbMIGYMEqgSKBGhkRodHRwOi8vY2RwMS5w
Y2EuZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2Nh
Y3JsLmNybDBKoEigRoZEaHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2VydC1z
ZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jcmwvZ19jYWNybC5jcmwwgbwGCCsGAQUFBwEB
BIGvMIGsMFQGCCsGAQUFBzAChkhodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1j
ZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NhY2VydC9nX2NhY2VydC5jcnQwVAYI
KwYBBQUHMAKGSGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2Vydmlj
ZXMtZ21iaC1jYS9wdWIvY2FjZXJ0L2dfY2FjZXJ0LmNydDANBgkqhkiG9w0BAQUF
AAOCAQEADblakZvUL5nbzFPnAhhrNvBDBcv0RgVS72S2xuDZhxpXQS9CK9hR6ZYy
KD382AtI4MXM30Jo/tRtnB6O/jMoZ+SWROe0PhYFw6jGgOEfp9iGdi8FCXWp7O4+
ctzn9c+jheJi0FaB3nPxLQUaNlV49g0rIEPXsqBkhT3V7Q+Mol8XB/D/geKwMGwr
hjKb/SBTEKdhw3oU03dA+Nq0ArEkv6cNtl7SissdLrldlO0+RrErxoRoMENWyRRM
kxizoRL67fo5CD8AlSb0NXkF5q9pcE9lRxvKfB2/xz4TcVtUcZwr6qP8ezmaf56m
D/A7NPOzlDHnSCXZk6Hgsm2ng5GGfA==
</ds:X509Certificate>
          </ds:X509Data>
        </ds:KeyInfo>
      </KeyDescriptor>
      <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
      <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
      <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.dfn-cert.de/idp/profile/SAML2/POST/SSO"/>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.dfn-cert.de/idp/profile/SAML2/Redirect/SSO"/>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.dfn-cert.de/idp/profile/SAML2/POST-SimpleSign/SSO"/>
      <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.dfn-cert.de/idp/profile/Shibboleth/SSO"/>
    </IDPSSODescriptor>
    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
      <Extensions>
        <saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn-cert.de</saml1md:Scope>
      </Extensions>
      <KeyDescriptor use="encryption">
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
          <ds:X509Data>
            <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
            <ds:X509Certificate>MIIFIjCCBAqgAwIBAgIECgy5XDANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE
RTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMfREZO
LUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0wNzAzMDYxMDAwNDdaFw0x
MjAzMDQxMDAwNDdaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VSVCBT
ZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiKvnbL
nPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH7r1P
OSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5wgZr
lZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiCvqZh
3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7HKhni
/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGjggIC
MIIB/jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
AgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8GA1Ud
IwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMCAGA1UdEQQZMBeBFXdlYm1hc3Rl
ckBkZm4tY2VydC5kZTCBowYDVR0fBIGbMIGYMEqgSKBGhkRodHRwOi8vY2RwMS5w
Y2EuZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2Nh
Y3JsLmNybDBKoEigRoZEaHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2VydC1z
ZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jcmwvZ19jYWNybC5jcmwwgbwGCCsGAQUFBwEB
BIGvMIGsMFQGCCsGAQUFBzAChkhodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1j
ZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NhY2VydC9nX2NhY2VydC5jcnQwVAYI
KwYBBQUHMAKGSGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2Vydmlj
ZXMtZ21iaC1jYS9wdWIvY2FjZXJ0L2dfY2FjZXJ0LmNydDANBgkqhkiG9w0BAQUF
AAOCAQEADblakZvUL5nbzFPnAhhrNvBDBcv0RgVS72S2xuDZhxpXQS9CK9hR6ZYy
KD382AtI4MXM30Jo/tRtnB6O/jMoZ+SWROe0PhYFw6jGgOEfp9iGdi8FCXWp7O4+
ctzn9c+jheJi0FaB3nPxLQUaNlV49g0rIEPXsqBkhT3V7Q+Mol8XB/D/geKwMGwr
hjKb/SBTEKdhw3oU03dA+Nq0ArEkv6cNtl7SissdLrldlO0+RrErxoRoMENWyRRM
kxizoRL67fo5CD8AlSb0NXkF5q9pcE9lRxvKfB2/xz4TcVtUcZwr6qP8ezmaf56m
D/A7NPOzlDHnSCXZk6Hgsm2ng5GGfA==
</ds:X509Certificate>
          </ds:X509Data>
        </ds:KeyInfo>
      </KeyDescriptor>
      <KeyDescriptor use="signing">
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
          <ds:X509Data>
            <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
            <ds:X509Certificate>MIIFIjCCBAqgAwIBAgIECgy5XDANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE
RTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMfREZO
LUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0wNzAzMDYxMDAwNDdaFw0x
MjAzMDQxMDAwNDdaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VSVCBT
ZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiKvnbL
nPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH7r1P
OSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5wgZr
lZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiCvqZh
3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7HKhni
/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGjggIC
MIIB/jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
AgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8GA1Ud
IwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMCAGA1UdEQQZMBeBFXdlYm1hc3Rl
ckBkZm4tY2VydC5kZTCBowYDVR0fBIGbMIGYMEqgSKBGhkRodHRwOi8vY2RwMS5w
Y2EuZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2Nh
Y3JsLmNybDBKoEigRoZEaHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2VydC1z
ZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jcmwvZ19jYWNybC5jcmwwgbwGCCsGAQUFBwEB
BIGvMIGsMFQGCCsGAQUFBzAChkhodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1j
ZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NhY2VydC9nX2NhY2VydC5jcnQwVAYI
KwYBBQUHMAKGSGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2Vydmlj
ZXMtZ21iaC1jYS9wdWIvY2FjZXJ0L2dfY2FjZXJ0LmNydDANBgkqhkiG9w0BAQUF
AAOCAQEADblakZvUL5nbzFPnAhhrNvBDBcv0RgVS72S2xuDZhxpXQS9CK9hR6ZYy
KD382AtI4MXM30Jo/tRtnB6O/jMoZ+SWROe0PhYFw6jGgOEfp9iGdi8FCXWp7O4+
ctzn9c+jheJi0FaB3nPxLQUaNlV49g0rIEPXsqBkhT3V7Q+Mol8XB/D/geKwMGwr
hjKb/SBTEKdhw3oU03dA+Nq0ArEkv6cNtl7SissdLrldlO0+RrErxoRoMENWyRRM
kxizoRL67fo5CD8AlSb0NXkF5q9pcE9lRxvKfB2/xz4TcVtUcZwr6qP8ezmaf56m
D/A7NPOzlDHnSCXZk6Hgsm2ng5GGfA==
</ds:X509Certificate>
          </ds:X509Data>
        </ds:KeyInfo>
      </KeyDescriptor>
      <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
      <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
      <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
      <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
    </AttributeAuthorityDescriptor>
    <Organization>
      <OrganizationName xml:lang="de">DFN-CERT Services GmbH</OrganizationName>
      <OrganizationDisplayName xml:lang="de">DFN-CERT Services GmbH</OrganizationDisplayName>
      <OrganizationURL xml:lang="de">http://www.dfn-cert.de</OrganizationURL>
    </Organization>
    <ContactPerson contactType="administrative">
      <GivenName>Reimer</GivenName>
      <SurName>Karlsen-Masur</SurName>
      <EmailAddress>dfnpca@dfn-cert.de</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
      <GivenName>Reimer</GivenName>
      <SurName>Karlsen-Masur</SurName>
      <EmailAddress>dfnpca@dfn-cert.de</EmailAddress>
    </ContactPerson>
  </EntityDescriptor>