<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.dfn-cert.de/idp/shibboleth">
  <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
    <Extensions>
      <saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn-cert.de</saml1md:Scope>
    </Extensions>
    <KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
          <ds:X509Certificate>MIIFAzCCA+ugAwIBAgIHE1nFqSIIizANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG
EwJERTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMf
REZOLUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0xMjAyMTQxMTQwMTBa
Fw0xNzAyMTIxMTQwMTBaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VS
VCBTZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiK
vnbLnPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH
7r1POSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5
wgZrlZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiC
vqZh3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7H
Khni/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGj
ggHgMIIB3DAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEF
BQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8G
A1UdIwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMIGjBgNVHR8EgZswgZgwSqBI
oEaGRGh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21i
aC1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMEqgSKBGhkRodHRwOi8vY2RwMi5wY2Eu
ZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2NhY3Js
LmNybDCBvAYIKwYBBQUHAQEEga8wgawwVAYIKwYBBQUHMAKGSGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21iaC1jYS9wdWIvY2FjZXJ0
L2dfY2FjZXJ0LmNydDBUBggrBgEFBQcwAoZIaHR0cDovL2NkcDIucGNhLmRmbi5k
ZS9kZm4tY2VydC1zZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQu
Y3J0MA0GCSqGSIb3DQEBBQUAA4IBAQCcSKzlUFeCSHaZZwzS1+SW57QtFICzLUef
BKp/s1syyrCi9IwyASFvKz/xXf2F5GocDsOeChQEdqyNe36wn7zAS/jWl4HfuyHA
3H/XkqI5F8uoAZbwANkY/D+nLEivSLYICnfGHc3a0ZlJxNgW4Sa4pK7uYaxnudeC
WSq4tGkmKUohZqozTC516HM6q62Gx5aI1ue/kKz13sX6YXSKxx73HJTTz9G/OIqX
DhbibRKIEWUj38LD1Ch27wnyhfkMZFrhDoqdGOpVK37+Y6vaIM3gvJsOaljzRONt
qyOgc+RqwPzmxl8ZI0GATuXgNJ7wJWxULj9tonaiJEtKHHqN062f
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
          <ds:X509Certificate>MIIFAzCCA+ugAwIBAgIHE1nFqSIIizANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG
EwJERTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMf
REZOLUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0xMjAyMTQxMTQwMTBa
Fw0xNzAyMTIxMTQwMTBaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VS
VCBTZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiK
vnbLnPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH
7r1POSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5
wgZrlZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiC
vqZh3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7H
Khni/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGj
ggHgMIIB3DAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEF
BQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8G
A1UdIwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMIGjBgNVHR8EgZswgZgwSqBI
oEaGRGh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21i
aC1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMEqgSKBGhkRodHRwOi8vY2RwMi5wY2Eu
ZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2NhY3Js
LmNybDCBvAYIKwYBBQUHAQEEga8wgawwVAYIKwYBBQUHMAKGSGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21iaC1jYS9wdWIvY2FjZXJ0
L2dfY2FjZXJ0LmNydDBUBggrBgEFBQcwAoZIaHR0cDovL2NkcDIucGNhLmRmbi5k
ZS9kZm4tY2VydC1zZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQu
Y3J0MA0GCSqGSIb3DQEBBQUAA4IBAQCcSKzlUFeCSHaZZwzS1+SW57QtFICzLUef
BKp/s1syyrCi9IwyASFvKz/xXf2F5GocDsOeChQEdqyNe36wn7zAS/jWl4HfuyHA
3H/XkqI5F8uoAZbwANkY/D+nLEivSLYICnfGHc3a0ZlJxNgW4Sa4pK7uYaxnudeC
WSq4tGkmKUohZqozTC516HM6q62Gx5aI1ue/kKz13sX6YXSKxx73HJTTz9G/OIqX
DhbibRKIEWUj38LD1Ch27wnyhfkMZFrhDoqdGOpVK37+Y6vaIM3gvJsOaljzRONt
qyOgc+RqwPzmxl8ZI0GATuXgNJ7wJWxULj9tonaiJEtKHHqN062f
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
    <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
    <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.dfn-cert.de/idp/profile/SAML2/POST/SSO"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.dfn-cert.de/idp/profile/SAML2/Redirect/SSO"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.dfn-cert.de/idp/profile/SAML2/POST-SimpleSign/SSO"/>
    <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.dfn-cert.de/idp/profile/Shibboleth/SSO"/>
  </IDPSSODescriptor>
  <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
    <Extensions>
      <saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">dfn-cert.de</saml1md:Scope>
    </Extensions>
    <KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
          <ds:X509Certificate>MIIFAzCCA+ugAwIBAgIHE1nFqSIIizANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG
EwJERTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMf
REZOLUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0xMjAyMTQxMTQwMTBa
Fw0xNzAyMTIxMTQwMTBaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VS
VCBTZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiK
vnbLnPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH
7r1POSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5
wgZrlZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiC
vqZh3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7H
Khni/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGj
ggHgMIIB3DAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEF
BQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8G
A1UdIwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMIGjBgNVHR8EgZswgZgwSqBI
oEaGRGh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21i
aC1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMEqgSKBGhkRodHRwOi8vY2RwMi5wY2Eu
ZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2NhY3Js
LmNybDCBvAYIKwYBBQUHAQEEga8wgawwVAYIKwYBBQUHMAKGSGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21iaC1jYS9wdWIvY2FjZXJ0
L2dfY2FjZXJ0LmNydDBUBggrBgEFBQcwAoZIaHR0cDovL2NkcDIucGNhLmRmbi5k
ZS9kZm4tY2VydC1zZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQu
Y3J0MA0GCSqGSIb3DQEBBQUAA4IBAQCcSKzlUFeCSHaZZwzS1+SW57QtFICzLUef
BKp/s1syyrCi9IwyASFvKz/xXf2F5GocDsOeChQEdqyNe36wn7zAS/jWl4HfuyHA
3H/XkqI5F8uoAZbwANkY/D+nLEivSLYICnfGHc3a0ZlJxNgW4Sa4pK7uYaxnudeC
WSq4tGkmKUohZqozTC516HM6q62Gx5aI1ue/kKz13sX6YXSKxx73HJTTz9G/OIqX
DhbibRKIEWUj38LD1Ch27wnyhfkMZFrhDoqdGOpVK37+Y6vaIM3gvJsOaljzRONt
qyOgc+RqwPzmxl8ZI0GATuXgNJ7wJWxULj9tonaiJEtKHHqN062f
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>idp.dfn-cert.de</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=idp.dfn-cert.de,O=DFN-CERT Services GmbH,C=DE</ds:X509SubjectName>
          <ds:X509Certificate>MIIFAzCCA+ugAwIBAgIHE1nFqSIIizANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG
EwJERTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMf
REZOLUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0xMjAyMTQxMTQwMTBa
Fw0xNzAyMTIxMTQwMTBaMEgxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VS
VCBTZXJ2aWNlcyBHbWJIMRgwFgYDVQQDEw9pZHAuZGZuLWNlcnQuZGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZBEY/6TQKhaAi5+mSuzC7qBGTiK
vnbLnPSJ9axhZVV36kNvq/vexr9RbU3W8iSXVhLh738us/6jGDs8GSiyOK2EWKFH
7r1POSFNewb7ry0xArh8z0FrLpg2EUQvPpGsItKCMV4uReLxS8/7XYGIxoT1mTz5
wgZrlZZcNiMOZ6uN0A6nrwGfd031Q/MceEU90gEKzhHp3NVm4qDE0jhJMyGa6qiC
vqZh3LnGagT2RDgKXP1jKb4ULdF6Xbl0hRtV3muqk4nq1NJtksAYqFYWzqVT4D7H
Khni/+VaBLNxetcqDbfs4UZlJtb+wrtqCq0qUamgBY7K1R9KC2JsOB5JAgMBAAGj
ggHgMIIB3DAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEF
BQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFLAcXeAt16k87Y1X6GZNW5YeVNg2MB8G
A1UdIwQYMBaAFMaLz/pE/DpqS2ir6Oe/OCPlugqWMIGjBgNVHR8EgZswgZgwSqBI
oEaGRGh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21i
aC1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMEqgSKBGhkRodHRwOi8vY2RwMi5wY2Eu
ZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdtYmgtY2EvcHViL2NybC9nX2NhY3Js
LmNybDCBvAYIKwYBBQUHAQEEga8wgawwVAYIKwYBBQUHMAKGSGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvZGZuLWNlcnQtc2VydmljZXMtZ21iaC1jYS9wdWIvY2FjZXJ0
L2dfY2FjZXJ0LmNydDBUBggrBgEFBQcwAoZIaHR0cDovL2NkcDIucGNhLmRmbi5k
ZS9kZm4tY2VydC1zZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQu
Y3J0MA0GCSqGSIb3DQEBBQUAA4IBAQCcSKzlUFeCSHaZZwzS1+SW57QtFICzLUef
BKp/s1syyrCi9IwyASFvKz/xXf2F5GocDsOeChQEdqyNe36wn7zAS/jWl4HfuyHA
3H/XkqI5F8uoAZbwANkY/D+nLEivSLYICnfGHc3a0ZlJxNgW4Sa4pK7uYaxnudeC
WSq4tGkmKUohZqozTC516HM6q62Gx5aI1ue/kKz13sX6YXSKxx73HJTTz9G/OIqX
DhbibRKIEWUj38LD1Ch27wnyhfkMZFrhDoqdGOpVK37+Y6vaIM3gvJsOaljzRONt
qyOgc+RqwPzmxl8ZI0GATuXgNJ7wJWxULj9tonaiJEtKHHqN062f
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
    <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.dfn-cert.de:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
    <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
  </AttributeAuthorityDescriptor>
  <Organization>
    <OrganizationName xml:lang="de">DFN-CERT Services GmbH</OrganizationName>
    <OrganizationDisplayName xml:lang="de">DFN-CERT Services GmbH</OrganizationDisplayName>
    <OrganizationURL xml:lang="de">http://www.dfn-cert.de</OrganizationURL>
  </Organization>
  <ContactPerson contactType="administrative">
    <GivenName>Reimer</GivenName>
    <SurName>Karlsen-Masur</SurName>
    <EmailAddress>dfnpca@dfn-cert.de</EmailAddress>
  </ContactPerson>
  <ContactPerson contactType="technical">
    <GivenName>Reimer</GivenName>
    <SurName>Karlsen-Masur</SurName>
    <EmailAddress>dfnpca@dfn-cert.de</EmailAddress>
  </ContactPerson>
</EntityDescriptor>