metadata/swamid-edugain/edusign.geant.org-shibboleth.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://edusign.geant.org/shibboleth">
  <md:Extensions>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes>
      <samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <samla:AttributeValue>http://refeds.org/category/research-and-scholarship</samla:AttributeValue>
        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
        <samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2023-06-22T12:12:10Z">
      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://edusign.geant.org/Shibboleth.sso/Login"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://edusign.geant.org/Shibboleth.sso/Login" index="1"/>
      <mdui:UIInfo>
        <mdui:Description xml:lang="en">GEANT eduSIGN Service makes it easy to electronically sign documents</mdui:Description>
        <mdui:Description xml:lang="sv">GEANT eduSIGN gör det enkelt att arbeta med e-signaturer</mdui:Description>
        <mdui:DisplayName xml:lang="en">GEANT eduSIGN Service</mdui:DisplayName>
        <mdui:DisplayName xml:lang="sv">GEANT eduSIGN - tjänst för e-signaturer</mdui:DisplayName>
        <mdui:InformationURL xml:lang="sv">https://www.sunet.se/services/sakerhet/edusign/</mdui:InformationURL>
        <mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/info/eduSign+Privacy+Policy?showLanguage=sv_SE</mdui:PrivacyStatementURL>
        <mdui:InformationURL xml:lang="en">https://www.sunet.se/services/sakerhet/edusign/</mdui:InformationURL>
        <mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/info/eduSign+Privacy+Policy?showLanguage=en_GB</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo>
        <ds:KeyName>edusign.geant.org</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=edusign.geant.org</ds:X509SubjectName>
          <ds:X509Certificate>MIIEBTCCAm2gAwIBAgIUf6cxShpXwhpt+2SCwogMG/+be/cwDQYJKoZIhvcNAQEL
BQAwHDEaMBgGA1UEAxMRZWR1c2lnbi5nZWFudC5vcmcwHhcNMjMwNjIxMTAzMDQy
WhcNMzMwNjE4MTAzMDQyWjAcMRowGAYDVQQDExFlZHVzaWduLmdlYW50Lm9yZzCC
AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJXllXKm6gTjNBKKuWgr74rf
jNRoPE4yrpB6Zrv+Y+sO4V4p920HD7FAbt46qq7PkD+3aWnL5xWAkARbMSFZTsaB
KNyLXaUMfCQ3pkNgZCaagKlBQ+SByiyJrTaphvG+BeL7yAKpxutKogWJBHS77jh/
9iVmy/Py2cmGXgssVZ0uj4g00CV3RQQTK8QDdcgP1swL+KPMLK+ZnJzEU5MGcpeI
lQmUqoK3Nnmx9HAKp9Lmv1WMf+qTTGyz9GpLzKAdNQzvb1TVdRcpJuQUrh8iRbC6
UUz5grQ4E5AhVKz1nrxtay3AGyL1/d3kOoZTxVW9Rxp+JqaJKD7oE4iBRjCcmpAf
G0Z6L+0WKuyhHIyAZYCRMuOYqJan9seFkchn5FzvkZGtKWuIP5PEovEZ35+d3PU+
VBRtd67jpzPBMuu89iPq9p01x3NJOvPauMdg/SVcrF7RJSDey2XDOrsPSyyz5JJR
fJanu4NUHOr/MQz36qgDZPFOFFnLBsW6TYaWGIMo5QIDAQABoz8wPTAcBgNVHREE
FTATghFlZHVzaWduLmdlYW50Lm9yZzAdBgNVHQ4EFgQUh2P3qmWFcvwTdrR4lgQi
UjSDyFIwDQYJKoZIhvcNAQELBQADggGBAHiYuhohEoOlSOjNGQFi1asD8EfUx1Pr
Bjr1+8tELUNq1dMVvA2rrJ+LFy3jy0dNxw1SELQi2YYQGOKPjoItL4ct644LbJBn
Q4+48LN3Q68/BGJhOBHL0X50e6S+BnT+LejhV2uA07xrg5EO+u8jp646qKZwf55/
MwTP04xuBJhZfnLBKyTzac8771sy8Nm9xNjQ1xSDbmCJ4j+UvTEjD1gNR2zXXyGa
7kyEkdgqjuhXI3uyUWyfE2oQHOVKZUIjRbMvO93hS9YL2upbqmfgQLD9uVjNJ9xw
iKXSoHGPt6u4Em2ioXOM+hxNGIuk9YTR5uwVugAkM4uhnHLbC+sWykvErh0Idmqb
ko2DCfDbJqPnC1mvzPNQbWZUY7bp9hZzOkQiY6Y+szN6WjO4ur/6v91X0dSyxBoS
AHkL+cUIkV5Yo4Lg1NGV+S2cB4V0cDp/H3KR/dstDJigzy1Xl7RWMD8cucD6TNp6
D0JLX3MeVkkRHB6FTUzg+qJG2Fiv5Eva+g==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo>
        <ds:KeyName>edusign.geant.org</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=edusign.geant.org</ds:X509SubjectName>
          <ds:X509Certificate>MIIEBTCCAm2gAwIBAgIUf6cxShpXwhpt+2SCwogMG/+be/cwDQYJKoZIhvcNAQEL
BQAwHDEaMBgGA1UEAxMRZWR1c2lnbi5nZWFudC5vcmcwHhcNMjMwNjIxMTAzMDQy
WhcNMzMwNjE4MTAzMDQyWjAcMRowGAYDVQQDExFlZHVzaWduLmdlYW50Lm9yZzCC
AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJXllXKm6gTjNBKKuWgr74rf
jNRoPE4yrpB6Zrv+Y+sO4V4p920HD7FAbt46qq7PkD+3aWnL5xWAkARbMSFZTsaB
KNyLXaUMfCQ3pkNgZCaagKlBQ+SByiyJrTaphvG+BeL7yAKpxutKogWJBHS77jh/
9iVmy/Py2cmGXgssVZ0uj4g00CV3RQQTK8QDdcgP1swL+KPMLK+ZnJzEU5MGcpeI
lQmUqoK3Nnmx9HAKp9Lmv1WMf+qTTGyz9GpLzKAdNQzvb1TVdRcpJuQUrh8iRbC6
UUz5grQ4E5AhVKz1nrxtay3AGyL1/d3kOoZTxVW9Rxp+JqaJKD7oE4iBRjCcmpAf
G0Z6L+0WKuyhHIyAZYCRMuOYqJan9seFkchn5FzvkZGtKWuIP5PEovEZ35+d3PU+
VBRtd67jpzPBMuu89iPq9p01x3NJOvPauMdg/SVcrF7RJSDey2XDOrsPSyyz5JJR
fJanu4NUHOr/MQz36qgDZPFOFFnLBsW6TYaWGIMo5QIDAQABoz8wPTAcBgNVHREE
FTATghFlZHVzaWduLmdlYW50Lm9yZzAdBgNVHQ4EFgQUh2P3qmWFcvwTdrR4lgQi
UjSDyFIwDQYJKoZIhvcNAQELBQADggGBAHiYuhohEoOlSOjNGQFi1asD8EfUx1Pr
Bjr1+8tELUNq1dMVvA2rrJ+LFy3jy0dNxw1SELQi2YYQGOKPjoItL4ct644LbJBn
Q4+48LN3Q68/BGJhOBHL0X50e6S+BnT+LejhV2uA07xrg5EO+u8jp646qKZwf55/
MwTP04xuBJhZfnLBKyTzac8771sy8Nm9xNjQ1xSDbmCJ4j+UvTEjD1gNR2zXXyGa
7kyEkdgqjuhXI3uyUWyfE2oQHOVKZUIjRbMvO93hS9YL2upbqmfgQLD9uVjNJ9xw
iKXSoHGPt6u4Em2ioXOM+hxNGIuk9YTR5uwVugAkM4uhnHLbC+sWykvErh0Idmqb
ko2DCfDbJqPnC1mvzPNQbWZUY7bp9hZzOkQiY6Y+szN6WjO4ur/6v91X0dSyxBoS
AHkL+cUIkV5Yo4Lg1NGV+S2cB4V0cDp/H3KR/dstDJigzy1Xl7RWMD8cucD6TNp6
D0JLX3MeVkkRHB6FTUzg+qJG2Fiv5Eva+g==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://edusign.geant.org/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://edusign.geant.org/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://edusign.geant.org/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edusign.geant.org/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://edusign.geant.org/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edusign.geant.org/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://edusign.geant.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://edusign.geant.org/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://edusign.geant.org/Shibboleth.sso/SAML2/ECP" index="4"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">GEANT eduSIGN Service</md:ServiceName>
      <md:ServiceName xml:lang="sv">GEANT eduSIGN - tjänst för e-signaturer</md:ServiceName>
      <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mailLocalAddress" Name="urn:oid:2.16.840.1.113730.3.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">GEANT</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">GEANT</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">GEANT</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">GEANT</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">https://www.geant.org</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">https://www.geant.org</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="support">
    <md:GivenName>SUNET</md:GivenName>
    <md:SurName>NOC</md:SurName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
    <md:TelephoneNumber>+46 90-20 59 100</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="technical">
    <md:GivenName>SUNET</md:GivenName>
    <md:SurName>NOC</md:SurName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
    <md:TelephoneNumber>+46 8 20 78 60</md:TelephoneNumber>
  </md:ContactPerson>
  <md:ContactPerson contactType="administrative">
    <md:GivenName>SUNET</md:GivenName>
    <md:SurName>NOC</md:SurName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>SUNET CERT</md:GivenName>
    <md:EmailAddress>mailto:cert@cert.sunet.se</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>