<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://member.goodpractice.net/shibboleth">
  <!--
		This is a Shibboleth SP for Good Practice Limited.
	-->
  <Extensions>
    <mdrpi:RegistrationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" registrationAuthority="http://ukfederation.org.uk"/>
    <DigestMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <DigestMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <DigestMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <DigestMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <DigestMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <SigningMethod xmlns="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
  </Extensions>
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
    <Extensions>
      <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://member.goodpractice.net/Shibboleth.sso/DS" index="1"/>
    </Extensions>
    <KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
						MIIC2TCCAcGgAwIBAgIJANAQiZL85UcxMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV
						BAMTBmdwd2ViMTAeFw0wOTEwMjkwOTQyMDhaFw0xOTEwMjcwOTQyMDhaMBExDzAN
						BgNVBAMTBmdwd2ViMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJo3
						K9NuAfabszZBVr7jycgfy5gF5CuTKcE7E3NKECb80e5tBzNZMtVP9bysddyd6m51
						BcUb6B/f/iE6Qjve9+RyIsGtXshJTfPKfNyt0m+hp5PS9JNxhwW1GQRYgAXMRAXI
						1c4U1TT/ZVyriupfhjjmm4gNH7MFWlC73jPEImN3Azykz/9/SKAYSH5DQVcE30wC
						I0q6Nl99CBcgBxPU4KT1eBxlWtXwCA/2brBBUnBkcB8MiHljAbHI3qDi3pAvPfNd
						/88T0Gh76moQIzjYc34FInQ9bdbsnebyFvtFuXT819lo6dL+1i688wxUMJlklKWq
						m+juOoKmeL6XoXRGZN8CAwEAAaM0MDIwEQYDVR0RBAowCIIGZ3B3ZWIxMB0GA1Ud
						DgQWBBS+l+ek7zsiE7FuieyU4W19XwhfNzANBgkqhkiG9w0BAQUFAAOCAQEALofg
						bvE4ztxhrWJMt5IDwYrc/c31N3+xSMsyLZjKSRY5jKN1sd5s7xDi3aXduMua1MKV
						BFOuiXQqWS8wv/5GOrI1/K0yFxasQEOzPGhrj3ceMfut8iP7peeBWQrNOQyi+SkV
						axuK3oO/KhVtGaPWpv+c/RzLMP7UXF7Zw4O/OsdYHPppr7UF0BgibN2jCiIPUBOd
						4fobI74SpX1VIQa8pyC6NOR6lPU7Ozex4xzKCq6nnS4OxObTjylU/2d8YdGB/Zda
						hgAqoNDf0vZ9o4I+/6GGvgcEbYv7mKbt3TUuccRc5lIFVpggzB037hyw4n055xO+
						1GNLhUn46SUcF9uHqw==
					</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
    <KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
						MIIC2TCCAcGgAwIBAgIJANAQiZL85UcxMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV
						BAMTBmdwd2ViMTAeFw0wOTEwMjkwOTQyMDhaFw0xOTEwMjcwOTQyMDhaMBExDzAN
						BgNVBAMTBmdwd2ViMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJo3
						K9NuAfabszZBVr7jycgfy5gF5CuTKcE7E3NKECb80e5tBzNZMtVP9bysddyd6m51
						BcUb6B/f/iE6Qjve9+RyIsGtXshJTfPKfNyt0m+hp5PS9JNxhwW1GQRYgAXMRAXI
						1c4U1TT/ZVyriupfhjjmm4gNH7MFWlC73jPEImN3Azykz/9/SKAYSH5DQVcE30wC
						I0q6Nl99CBcgBxPU4KT1eBxlWtXwCA/2brBBUnBkcB8MiHljAbHI3qDi3pAvPfNd
						/88T0Gh76moQIzjYc34FInQ9bdbsnebyFvtFuXT819lo6dL+1i688wxUMJlklKWq
						m+juOoKmeL6XoXRGZN8CAwEAAaM0MDIwEQYDVR0RBAowCIIGZ3B3ZWIxMB0GA1Ud
						DgQWBBS+l+ek7zsiE7FuieyU4W19XwhfNzANBgkqhkiG9w0BAQUFAAOCAQEALofg
						bvE4ztxhrWJMt5IDwYrc/c31N3+xSMsyLZjKSRY5jKN1sd5s7xDi3aXduMua1MKV
						BFOuiXQqWS8wv/5GOrI1/K0yFxasQEOzPGhrj3ceMfut8iP7peeBWQrNOQyi+SkV
						axuK3oO/KhVtGaPWpv+c/RzLMP7UXF7Zw4O/OsdYHPppr7UF0BgibN2jCiIPUBOd
						4fobI74SpX1VIQa8pyC6NOR6lPU7Ozex4xzKCq6nnS4OxObTjylU/2d8YdGB/Zda
						hgAqoNDf0vZ9o4I+/6GGvgcEbYv7mKbt3TUuccRc5lIFVpggzB037hyw4n055xO+
						1GNLhUn46SUcF9uHqw==
					</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </KeyDescriptor>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://member.goodpractice.net/Shibboleth.sso/SLO/SOAP"/>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://member.goodpractice.net/Shibboleth.sso/SLO/Redirect"/>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://member.goodpractice.net/Shibboleth.sso/SLO/POST"/>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://member.goodpractice.net/Shibboleth.sso/SLO/Artifact"/>
    <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://member.goodpractice.net/Shibboleth.sso/NIM/SOAP"/>
    <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://member.goodpractice.net/Shibboleth.sso/NIM/Redirect"/>
    <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://member.goodpractice.net/Shibboleth.sso/NIM/POST"/>
    <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://member.goodpractice.net/Shibboleth.sso/NIM/Artifact"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://member.goodpractice.net/Shibboleth.sso/SAML2/POST" index="1"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://member.goodpractice.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://member.goodpractice.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://member.goodpractice.net/Shibboleth.sso/SAML2/ECP" index="4"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://member.goodpractice.net/Shibboleth.sso/SAML/POST" index="5"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://member.goodpractice.net/Shibboleth.sso/SAML/Artifact" index="6"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML2/POST" index="7"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML2/Artifact" index="9"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML2/ECP" index="10"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML/POST" index="11"/>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://umentor.goodpractice.net/Shibboleth.sso/SAML/Artifact" index="12"/>
  </SPSSODescriptor>
  <Organization>
    <OrganizationName xml:lang="en">Good Practice Limited</OrganizationName>
    <OrganizationDisplayName xml:lang="en">Good Practice</OrganizationDisplayName>
    <OrganizationURL xml:lang="en">http://www.goodpractice.net/</OrganizationURL>
  </Organization>
  <ContactPerson contactType="support">
    <GivenName>Owen</GivenName>
    <SurName>Ferguson</SurName>
    <EmailAddress>mailto:oferguson@goodpractice.com</EmailAddress>
  </ContactPerson>
  <ContactPerson contactType="technical">
    <GivenName>Jonny</GivenName>
    <SurName>Anderson</SurName>
    <EmailAddress>mailto:janderson@goodpractice.com</EmailAddress>
  </ContactPerson>
</EntityDescriptor>