metadata/swamid-2.0/update-connect.sunet.se-shibboleth.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://update-connect.sunet.se/shibboleth">
  <md:Extensions>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes>
      <samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
        <samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2023-05-10T13:25:06Z">
      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://update-connect.sunet.se/Shibboleth.sso/Login"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://update-connect.sunet.se/Shibboleth.sso/Login" index="1"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://update-connect.sunet.se/Shibboleth.sso/DS/seamless-access"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://update-connect.sunet.se/Shibboleth.sso/DS/seamless-access" index="2"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://update-connect.sunet.se/Shibboleth.sso/DS/thiss.io"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://update-connect.sunet.se/Shibboleth.sso/DS/thiss.io" index="3"/>
      <mdui:UIInfo>
        <mdui:Description xml:lang="en">SUNET Update connect service</mdui:Description>
        <mdui:Description xml:lang="sv">SUNET Update connect service</mdui:Description>
        <mdui:DisplayName xml:lang="en">SUNET Update connect</mdui:DisplayName>
        <mdui:DisplayName xml:lang="sv">SUNET Update connect</mdui:DisplayName>
        <mdui:InformationURL xml:lang="en">https://wiki.sunet.se/display/EDUID</mdui:InformationURL>
        <mdui:InformationURL xml:lang="sv">https://wiki.sunet.se/display/EDUID</mdui:InformationURL>
        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/info/Update+Connect+Privacy+Policy?showLanguage=en_GB</mdui:PrivacyStatementURL>
        <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/info/Update+Connect+Privacy+Policy?showLanguage=sv_SE</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo>
        <ds:KeyName>update-connect.sunet.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=update-connect.sunet.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIFFzCCAv+gAwIBAgIUTqcKKGpmPUhavRnuyQblotkVnTkwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXdXBkYXRlLWNvbm5lY3Quc3VuZXQuc2UwHhcNMjMwNTA4
MTExOTA1WhcNMzMwNTA1MTExOTA1WjAiMSAwHgYDVQQDExd1cGRhdGUtY29ubmVj
dC5zdW5ldC5zZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMRy8mE4
TT7yPak+sTRHxDuIheen5kZZ9wgVwHdYBcM06EHoxLercp70csjq2UuucwTTVoDH
zbI2bEVv7mcjbiK0m2Xh/Uss6XJ2Qe9/YnY6DXzSsc91D8FI7imtIjuOeuk4jEJD
UrtJKa7f1gfnd4CbJkWqI1EDqhTaMrdp90gvNZk7+pK0nT31DqhblMfgf/dj6Ez8
0pKoVwV7lT7mKQftFnOZbaS2RkNMC5F2HBJrNNbp+RYtll5xmaP1E+NdLlAOajX+
szE2svZHFllwODGPigHtW/eZblviRH33HEsk0VgPngCsM2Ur5lgD4PFR0UbymOAT
NBKuQIQGtm3QweF1O68kri6CwYe8Wev4HgdXyvsVxZV7AtgpCgrhbExk6x6C+Wpz
iZ4GWpt+ji60FmI+zVuP1XzIglkF/D4fq/8G2PwDLa6ese6tKYgyfWX/PDAdxRzD
p+PKY/xhvy47nj/w7w3jdirua8tkf7AauocO8pvbZHJjGLB5dRiLcbKJNhLu9rK6
WwkAPS0z9BPooy8NWha0ZfJv28YlBKjabxfP6UaVRr+QA4IPBG4xIkZ9gvH3e1CR
mh5zNCSfQNAeaRQwpdOMwCk/4Akysp/DOGUf4AvZxnubF6FFAphzsW9Ho6Qbt5Eu
MH09Ph/UsjSfD1ZbCJ2GVz2ZDwIe12raaHbbAgMBAAGjRTBDMCIGA1UdEQQbMBmC
F3VwZGF0ZS1jb25uZWN0LnN1bmV0LnNlMB0GA1UdDgQWBBTMwx4nHYEa+pmUrru+
Y/Kuve3rXDANBgkqhkiG9w0BAQsFAAOCAgEAw3dFLWiwih1f0DTi6qmHt4szTp/T
77c9ELx+vkGT9mS2RB/QbZc9ll40eSAcHMjWfCPvexEtBSqYJVZUlY0xHq6oK5TX
7NoOwhoWgY3F/mFMSqlitWtyrZk/l/PAAiWIm6JBiAUunMdfrVVasG5u1eWfzIXJ
fShBM/Ufd2hIM5OIcbykCFBR00ewtzNynI2zt9YtXjykps0Ahy2Hnk4ZrYQ/lj4x
2PgFjNdrABjDCPikGK4ZkkwN2k+PsFUTF2EY+7xj4+bwii0h2ZopAc1hSPkwfmQE
gKep2bXopXOjtKY0VSAGUCQ1ctR5BRWXXQ0LvbSn1Lh6K2Lx4CnPd8Ik8D2hAKgP
UQN2kq2ME/SRSIh3H77+GucfVcpLM3cqGa9uN1lD0WKDrAVkolJLkTSf1WaXKUaT
ZEZA5w3LD69rk8m9unHzu+JKgdsxsjlf8Y1jDj/ylQ4ETzUPO2ACkvMlYh4l72tC
jijNPVlHOPezIWVUfx8vBWbJxHmfo8K4rvn+XoTrzDrFIm9mfXItrcenLWJm1TpP
TM3wjnWIQx8b44m/BwZt95eGqoDLod0GMj3UNTCLneKO2F0o1WvF0cmxmbdVYyNf
0HjSdwk1y0ZfRsd1oSVqbB3G5SvynhHA4u5fdf6lksb3YXUR/S7A+38kRE27UNNj
Lx73fgSryU6hA44=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo>
        <ds:KeyName>update-connect.sunet.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=update-connect.sunet.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIFFzCCAv+gAwIBAgIULuziWEr5PpEozg8XdNMuWtKiB/cwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXdXBkYXRlLWNvbm5lY3Quc3VuZXQuc2UwHhcNMjMwNTA4
MTExOTA1WhcNMzMwNTA1MTExOTA1WjAiMSAwHgYDVQQDExd1cGRhdGUtY29ubmVj
dC5zdW5ldC5zZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK6sgmtS
d4rMJ7cnHOUHFiRANBP+h4OIgubv1KQgFU6GjwG+kHKM/wai72JrDGhe7p8bwZiY
2jCbQPQlcmXpyueKMZRRvAK3SdnWV1x03Oguen2XAdL3f+fCuVrNzcyEu6eDshUt
5+ey12ljd7dnr5XY0A0LZrCMUiebs3Zm8iOuje16LNUE4jAW3R1mH/g6XGyvzzeg
TNYL17QuG55Aec1Lb87tp+gouy6oY4dWVd6tanHcrcLTDxzrZ1jGooqLeM1Pz+86
2IBLaEP2cAZ3u6KuBAIR4su9HpuNmUQ3cxQaU4uvktX/RyWzcnnFHKoJCbICXr/n
XlGHhPoeHNbNJVZ5Mug6mAy8ak8GWVyQsT7QRur3AYmumAk33vWiO5tsLKQ+vsh6
TU5x71qPyxnt/NMCHRe+vffWzYL37xZV8PnNp4mlIFogo64wBZ0euwuBjRr4u08C
lJYSvd0s5vPy2WqgoYl/MGvtNnZq5Cm431YL9w4U1ZYMBTuBue3Y3kbKJ9HPtcDN
NrlHaBDIFXWXMOZ+bza3gfHTETySsz1XP/7V0NFqKW4+wpJn9Qa4vaDtHnrSg3wX
tttqzAGlCZXPmYk9i3Bh2mlZjtubxqc+DjqcGGfId3tOnmw+tsh5/zvtOzyMBCNB
1SdsEq7g5rW7wNbEI/ceQjXCu+pT6wRiFqvnAgMBAAGjRTBDMCIGA1UdEQQbMBmC
F3VwZGF0ZS1jb25uZWN0LnN1bmV0LnNlMB0GA1UdDgQWBBTW758MNoe5OoW0P0NG
3/qftQG8xjANBgkqhkiG9w0BAQsFAAOCAgEAAR9wggKDdFRtoz+gXCKGTBaQjZ9w
g13hrdNJGvdOcp0aevsZft6huHz4GLeUQPj1xaQXBfbOr5vZjPCtKUfvjZKA5StU
Nif20A1RUacT8QBPneWYMVKNq6mlHwezuftpc1X5+VUNOdxdFapnS+HSR/5xeoWs
oqDWz9SBK7AeEC6Xmj8R8rmu4T6F64yX1yCs0TyvkxRVOlG5FjAyNcBNLxJ6yC+C
WcBFKcyn3BrWajbzyMAtK77DoSbtTMMscuYCvbIbSJjCdTuUtQFWaJ52ene7PefV
MLNlNwEPl+icZYYRjB7D7lRr7F4xUJDsxpDIgTsdbG7aT9iu7PhFziep+LxsQaW3
7Ev+rlId+O+yB2S0y8/CnUZyE1PIIPY/H/gG8qaauiQkukcNCo+ybpHjwYI1BxNR
TZDSRVPU/krXe+nhXr17y19M6NHTwGSAne1euEVGwQIJkGazDW+0UKx3IBoeSkdR
NfiZu0n8CpmEYYuYKf0vlqcoIVfOBzrqxTaDY8uNS1RK/pzWpsoK58QFNc/se5Oq
gA165bapVUCMOiwZE2ggfXh0AHIVZwbx9T1qzbdgcwENWZeGgKwUDeWmy47GUjte
rYGkmYWrFtfrcQExEMZ8IL5is/C5mnXkEHkTjJ+lKXcQz0BbqUjxCwXE+5ddZABT
poFuABRVWaoZFxw=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://update-connect.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://update-connect.sunet.se/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://update-connect.sunet.se/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://update-connect.sunet.se/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://update-connect.sunet.se/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://update-connect.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://update-connect.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://update-connect.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://update-connect.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">SUNET Update Connect Service</md:ServiceName>
      <md:ServiceName xml:lang="sv">SUNET Update Connect Service</md:ServiceName>
      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mailLocalAddress" Name="urn:oid:2.16.840.1.113730.3.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="schacDateOfBirth" Name="urn:oid:1.3.6.1.4.1.25178.1.2.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Sunet</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">Sunet</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">https://www.sunet.se</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">https://www.sunet.se/</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Technical</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>Support</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>SUNET CERT</md:GivenName>
    <md:EmailAddress>mailto:cert@cert.sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="administrative">
    <md:GivenName>Noc</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>