blob: 2f9b92ae01779407f73b8458193b0d0420a97a99 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://account.tst.ki.se/shibboleth">
<md:Extensions>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2019-05-09T07:47:08Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdattr:EntityAttributes>
<samla:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category">
<samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
<samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://account.tst.ki.se/Shibboleth.sso/Login"/>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="sv">KI Account (test)</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">KI Account (test)</mdui:DisplayName>
<mdui:Description xml:lang="sv">Kontohantering/aktivering för anställda, studenter, m.fl. som har konto på KI</mdui:Description>
<mdui:Description xml:lang="en">Account management/activation for employees, students and others with accounts at KI</mdui:Description>
<mdui:InformationURL xml:lang="en">https://account.ki.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="sv">https://account.ki.se</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="en">https://account.ki.se/pp_en.html</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://account.ki.se/pp_sv.html</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:KeyName>kitstaccount02</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kitstaccount02</ds:X509SubjectName>
<ds:X509Certificate>MIID8TCCAlmgAwIBAgIJAJ0SjQN6wIZYMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV
BAMTDmtpdHN0YWNjb3VudDAyMB4XDTE4MDkyNzEyNTIxN1oXDTI4MDkyNDEyNTIx
N1owGTEXMBUGA1UEAxMOa2l0c3RhY2NvdW50MDIwggGiMA0GCSqGSIb3DQEBAQUA
A4IBjwAwggGKAoIBgQCcfM1KYqRlCTWqwGcem8xaW29vyr85d5oTHjncMk4qZgAk
llZZfpx6ZgimC0CfBXl135eixHtoYNDNxrU5ymRqSlWPAVUVRmZbYrwaD5W/MI66
SjJCeahNJu9HnEFkmhoOb+30MU3FmyHhhJ3H4MgUKNX0sJvYUUkXqMCwsgv567cN
8VH4mA1cXUS3+tuVN+Frm9SXIoLkerQ8UlfXa0Hmw1j3V86j/NXGEvh2NmMVl0dL
7KX1rbd74j1puzcq7uRUpppvy0DbC9TZNRC4jid1percYwzsjcJACSlub6dxqeme
mNh3psGddav0CTY9pdLOGJIDKEghYoults8sMo3+hTs83Mg4A7vmxTx7H1yhL1jN
zHcuefmkMC65oc+ZNq9yw9jIJgz+vJygAautj4v1aha0wBpp+9Whf447uVGE+f+5
yJEn8wOxArGl05xFpYCiVZpZDiYK2ruaTIw4oCJd40u8uEcTahEIoC+J26LFC/Sl
MqS9s9syb8JHLcW2zL0CAwEAAaM8MDowGQYDVR0RBBIwEIIOa2l0c3RhY2NvdW50
MDIwHQYDVR0OBBYEFDJCqeH7IJpZUArfCvfRLNpzXZeaMA0GCSqGSIb3DQEBCwUA
A4IBgQAtdWnvfBQYhRMYj16vUyu2xAqcQ9FM5Gez4B/PN+qg+Nz64RBdcae5d2c+
aadpPYA6acvEopG8q4qn5AG85eOYqyfSNJtVpmQ4WfI7PPpj3Co44XErI8uKCVWH
9rjmEUhMcBZ2Fa5I/tuoMSwx/qZ1G5rTHqCNe5/E4CRVfrUwV7Frq78jA2MXeLsm
xA/RR0AwAs7FcqD9cFSaC9zUpWA+RJj8mjkInkrrMRLN/xeBEQ2nOdPKABvApXs8
vYzlwHuTfLpdsvqOXKIEDUG3KehgFIzAjtJjSG7/kEpoFij180PtFMnXhWCR2Gyp
ttbi4fP8kTUFoNecbfbyVqW+gkTv0hb0uq3ZhjXcJlqxviMrIeBzSczutAFlwhPg
9kK8rsZ2TnYgxwIyh/ZH9krgP7CExuRQ7LSsvT9/jHA0xIwZtx2Sq0M7kkYnEws4
pmOkF0I1lUtUOqbm/le2XL6qO1AJ7kIxn4yF+7naPCtrP86Ysv0HB4bbhFhvAerA
WPYTbJ4=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:KeyName>kitstaccount02</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kitstaccount02</ds:X509SubjectName>
<ds:X509Certificate>MIID8TCCAlmgAwIBAgIJAJddqaaAnjFpMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV
BAMTDmtpdHN0YWNjb3VudDAyMB4XDTE4MDkyNzEyNTIxN1oXDTI4MDkyNDEyNTIx
N1owGTEXMBUGA1UEAxMOa2l0c3RhY2NvdW50MDIwggGiMA0GCSqGSIb3DQEBAQUA
A4IBjwAwggGKAoIBgQDrJXjS5W4NOGb1texcFHePcOTHb4figMMti44+QtRZJAqa
v2ce86Fd72ZWW6h8Kok/hakkJpCOEYfPFDLVcRpUsuVTxrZqmKZo0K6bAcV1wU62
3IAICXGxL4JLJt7b9xE5jpzL02cmTe6ahZT+2iU1LBcIvCi/wDmaqbUYFtoC4zcj
XSig0hR7I6BA/pjV+NRmggxpFAt3IkeSZtbyuPBnCRhDD5FoNNK2Qb8eb93iaQIZ
lsd4bmDoJD2WbndGchkEmRTLju8ir2GLNpduJp5KMscKK4Z+EhyD69IK+0AJGYUR
kHFODSbEQ98JrYUCYKDfMVXtlwNQQNuR+UkEEEHZ81RUpGrbo5N6mBSKNS61HA/0
A5ObLrxtpwbcl0ANF10ImoyPKHe3/8J5+dlrRnarxRb0oPh4mtN479DwsvTo+FTJ
k+KiRTvUaZx6HSlgsshCP5FjGWhxK1WTTi6B8dF9BnhSKDyHBLMqXwmGvX6r4Ofe
5PQNEK7RGncxQzy9DWsCAwEAAaM8MDowGQYDVR0RBBIwEIIOa2l0c3RhY2NvdW50
MDIwHQYDVR0OBBYEFCj0cPgMkGwdXVg/53a7e7ekjGv/MA0GCSqGSIb3DQEBCwUA
A4IBgQCPwfVpCrucR8oKRO3MtLOv9eAg5MuMES9MHKOZcXuFp4pLCRf3344N+jik
zL9R+c/FsIcbdEOwe4GT8Q4t2wzW3n8X5j3oTIfqZtSxpm32O1/7TTS8bltRPBEa
5RELYyx+Umbv6Vuk6SgORu4PQqhCbCNCxbYhOWVmdC2khAVyAduGnHTtuv+ZuXuP
q+f8j88zpAh8GSCJHH7+4WyDQV0Kj68BKOyP3W+zPK4FTPd5oENo1QiSo+AIiXwm
BhbH3AKgNRZoXUjg+7yciEDzksO7f5h+lmSfMhiOgkUZ4B63OAXIF25g7FTic12O
S94QjNh8PBmhpdK5IdKWxiaOFkCERwj+XXE+Np9Hk/ysdrsNxXjXFysl3jVEvHON
nI9Ix5nMnL/N/Tt9aDuYtAywFX9kPlS4u3LGRhjqaljXz5/dMOq98FpHZqoL2Xrn
HfEtdyWoym5tQj7qZhcgcrOVZoMO+28u3cdTVFVKGNHxRzM56vgGvJL1jIQe18D+
+8NqzrQ=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account.tst.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account.tst.ki.se/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://account.tst.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">KI Account (test)</md:ServiceName>
<md:ServiceName xml:lang="sv">KI Account (test)</md:ServiceName>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">Karolinska Institutet</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Karolinska Institutet</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="sv">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="en">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://ki.se</md:OrganizationURL>
<md:OrganizationURL xml:lang="sv">https://ki.se</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:Company>Karolinska Institutet</md:Company>
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:Company>Karolinska Institutet</md:Company>
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:Company>Karolinska Institutet</md:Company>
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
<md:TelephoneNumber>+46 8 524 82222</md:TelephoneNumber>
</md:ContactPerson>
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:Company>Karolinska Institutet</md:Company>
<md:GivenName>Security Response Team</md:GivenName>
<md:EmailAddress>mailto:abuse@ki.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|