blob: f227356cc9ce87a709d33c6756fb551b9bc6d0e8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
|
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://cocov1-2.release-check.swamid.se/shibboleth">
<md:Extensions>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2021-10-19T15:49:00Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
<mdattr:EntityAttributes>
<samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/Login"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/Login" index="1"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/DS/swamid-test"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/DS/swamid-test" index="2"/>
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/DS/seamless-access"/>
<idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/DS/seamless-access" index="3"/>
<mdui:UIInfo>
<mdui:Description xml:lang="en">This is a test service for Identity Provider administrators to test that they follow the SWAMID Best Current Practice for Entity Category Attribute Release.</mdui:Description>
<mdui:Description xml:lang="sv">Detta är en testtjänst avsedd för systemadministratörer med identitetsutgivare registrerade i SWAMID. Tjänsten testar om identitetsutfärdaren följer SWAMID Best Current Practice for Entity Category Attribute Release.</mdui:Description>
<mdui:DisplayName xml:lang="en">SWAMID Entity Category Release Check - GÉANT CoCo part 2</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">SWAMID Entity Category Release Check - GÉANT CoCo del 2</mdui:DisplayName>
<mdui:InformationURL xml:lang="en">https://release-check.swamid.se/</mdui:InformationURL>
<mdui:InformationURL xml:lang="sv">https://release-check.swamid.se/</mdui:InformationURL>
<mdui:Logo xml:lang="en" height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
<mdui:Logo xml:lang="sv" height="100" width="115">https://release-check.swamid.se/swamid-logo-2-100x115.png</mdui:Logo>
<mdui:PrivacyStatementURL xml:lang="en">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=en_GB</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://wiki.sunet.se/display/SWAMID/SWAMID+Entity+Category+Release+Check+-+Privacy+Policy?showLanguage=sv_SE</mdui:PrivacyStatementURL>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:KeyName>release-check.swamid.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=release-check.swamid.se</ds:X509SubjectName>
<ds:X509Certificate>MIIFFzCCAv+gAwIBAgIUGZLlVQ7uTEGlHeuHGjnDuUAbhMcwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXcmVsZWFzZS1jaGVjay5zd2FtaWQuc2UwHhcNMjIwNzAx
MDgzMjU4WhcNMzIwNjI4MDgzMjU4WjAiMSAwHgYDVQQDExdyZWxlYXNlLWNoZWNr
LnN3YW1pZC5zZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJx9KHev
+KNPo0kGHnwzyk4V1ye8ZxSy9GR1QqAtsg3C6ObDf8Zc8Xak1c8niWqIET0NjdXV
9CImXFBqiViIoEfDsv2HYCfflbQeGUPm1dZINdUvjE0ImqYOpOIrPf9+ewJW1NE0
jdksHCa5Kb2f0JITuF2DJoNXJA3iq07iLo81ZghdozQPQiiVktnnYH3ziuIB1OBE
DKNBD/kCAUZs+4TICN8SzCW13oXlgEfn+WVG76D95V/zdEHXO+18ktl8o4G/x/4h
zuhu9gnp2k38+UibXl5rfQOgG4W4Xf7yf4Ev9VxTtbCXX5mJN5q7ymZeZg85EuTf
+gDFmJ1yYj82EtJQoNQHq4SuR6oWxnV3Gpe5hX8TJB5KaDaeLMpPnynRT83NhQ+l
L74gEooEet8uhfAaUS/QFHYHtue4QjdMhOKRr+px0EnMAYAkL/a7QoUDkoF+Uiaw
R3ZnrqP4mlja6TNluXaNYClP1r1QZFLkXISl+jVjz9spJiuoLrd5qyWHcw6WoqPT
iSBM4dHWgRSNAUEE3KE6PdZKB6QYmd+4sbnenHFpv/0JTyiz4W/OtujzaW7nINAl
q/vtv58MxN0z3Lo+soqYyCCGzBSmM93FGs1EdjJBapO1DWRpK3OJ1SD/Vd7/a4Yb
YqF9vls3IqzzI6/KuhC7Ln03q9UbsDcgd5xlAgMBAAGjRTBDMCIGA1UdEQQbMBmC
F3JlbGVhc2UtY2hlY2suc3dhbWlkLnNlMB0GA1UdDgQWBBQbU2ryATd41HCxSKj/
jRbnr9QNoDANBgkqhkiG9w0BAQsFAAOCAgEAlZCv03aX6k3705AmjW3jEOwhq+6Y
ceALENoDoaqCatDtzEpsXwuM7VK+Bkr893mgGFU45GayIMDvCPikVENo9Y2jHGhr
bMUJcHPQUDEWPUndwDcxMcvbw5RrMFncfiksDTI/H1nZT5xzDspIns3ziTiVKg0n
mw62aLIMawmleqP93AgJ3A4GSmklA6+rSa96/Aw/Rf2MGDe2b3CfBrjj5OFQu6Qf
huW2+c6q+qJmhcY5xu3qdtnhTE3ndUPkSRNBcRV5129CpwZ9oZ2gZpfvRkmoJFE4
RAi555XnduQkRrftB7Cdj/pspoF+4PfyTtnlrxm2Dds8AwNwlWzvg6tYmlDy6ZLD
5z+McekKF2R28pbVpd4rI32D+h0mpDLsc3rlhH7qn2rOoIKfOOSGURVWFwbIi/Qi
GxR64BtHHGjMMdOb5B27Rudw/pifzj/eRueDV4hM5xGY3FtyB5nPpia5kQjx4qEo
+ZmwKbmR5RnyQ9Gt0W9XBmafWinhoeiUYrw2/hGGlOGKUp0dbnGmoY7dKLuVB6Cl
B3ueMq7hBEPvSPDa1xUKJ6ZalS1rwDwET7jRaueC0E59HLAVyRF0ZeC+n7lTzUez
TAmqiu49Fkne+ti/T3CI+FgG8fof2byidIbFNYELZWQgA2Wa07SOTSGeDrIcmAW1
h6xrfpon4qdarT0=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:KeyName>release-check.swamid.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=release-check.swamid.se</ds:X509SubjectName>
<ds:X509Certificate>MIIFFzCCAv+gAwIBAgIUQ+3ByPKW+MpUKh+52zwsWvbVqLcwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXcmVsZWFzZS1jaGVjay5zd2FtaWQuc2UwHhcNMjIwNzAx
MDgzMjU4WhcNMzIwNjI4MDgzMjU4WjAiMSAwHgYDVQQDExdyZWxlYXNlLWNoZWNr
LnN3YW1pZC5zZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALO9yFoT
yA/iJv4qzBpL/KzROnLAFWYdC4fGxQfwT7HCdKFk35h6QVl8YtwgP3EvZTN77elX
/kXh7kxP+zwbvwrQXlJeoFHFUmYH9Qu9Ejs7tJb+AqWFFIs3/CauEk2qnw8/DfVW
cAY9jXsY/MgNjjtO4F8tA60UdlL4VYc1dDuYVJvDRncGH2MrrIskJ79Pf5mhECoo
fplDsi447JTADioWz5oKu0OmzCKD7EApt1KUXB5UDd1NXIcSfD/QH2p+hphbCBL5
6Jd5mLSxqylLflG1dXzoQPf+biNgghP4IjtSt+TECnbzTLOcrZYrpHWWhOTei3+H
WxqdF5NhYwKL5syK3ycEAOuenf3AEEsLlmX80A7HFwIFQlQdCcv6tR95aq5xQXyX
ihSFbx8oJ0JYO10+6me4SvQ/3FN9WYRZz76rM1JiAKD3uxXC4vhsLAEkSap3phE1
Y5jCwRXP/i/eBqZ5OyEIOYf0OqVJBjLjLJcNjVFLgn2R22rN4H+eGk6++vqyOTMu
KMYSXVHvzSmRXJaqdsSYYA+92nPvKg5//kjldplyDZ6NdJIVqkVOBq5ziee60hQm
+L5joqosfJ0yXJJvq6MQgXrVLjfqHCRcSD2bleubrY2Y27S134jk59fpczIlqTsE
epuD3g8unj+ZFpmlag6yI6VMCKztFEwXKOgzAgMBAAGjRTBDMCIGA1UdEQQbMBmC
F3JlbGVhc2UtY2hlY2suc3dhbWlkLnNlMB0GA1UdDgQWBBTHMQO9umbTE5hDulV+
xwEkNqyS6TANBgkqhkiG9w0BAQsFAAOCAgEApbkKljjaOR1D/+9B6HfCy9eYyXOw
GrhoMb8FAVXxpoVlUTEQqAzPcNi/D8jJVpYUBIg908tIl2qyTAYgzlHD7SiIh/P0
HPBFdOR/YL2jY9T3lb9ZdCVQjBoBbAy/UTlUxZTZfT78L0cbPvSrfG0tK+e1dugd
QbGv8nkeGA+F6YYtlRtiiyf25Hov/+eN0+Rzh9aSU/vFyw5Mzw2cT5h/3+UBOTAa
lV7oB5Vwgsqzm7G6At4ftwfnuNdveHwRjBhNhiwiuFe1St+//7NrX8wFrztEC40q
Alx6tAXZF7MuRq++w0L5xFpnKQZG8qg0b/iOS+BIqWEItI39XbJvnkAlk447Y3oc
2s2A3F6FRTrghAAM788GZ5sSBn2IESTOAp2HkGJdMGrBfi6wygeXQQaarar2ruwr
KISgbDg+2w4tnP3l6pIH3d2mlAbj0Ubhv5+8q+kukJ+/gpQhaMtAgIp/6i3kEkQV
JbQ2kA+bERhoKXszGpwHb8rBslWNloOPkpsEKhqeR3lRQ6FEDoy2PwCz3ulIr9Vu
Ao5BpXXeju6s7+XovTPuvmHeDHJE94H1br1dnW2uc21J2fxDCXTmjOZNebbv4I8Y
BYaSPpUjtlSq2k22e/g3akDlsvxFg4xrVSgHc2bKo7YJjzBEhIdMvpQtstwty6Ch
B74Mrn0TheZeZB4=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://cocov1-2.release-check.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">Release-check for SWAMID</md:ServiceName>
<md:ServiceName xml:lang="sv">Release-check for SWAMID</md:ServiceName>
<md:RequestedAttribute FriendlyName="c" Name="urn:oid:2.5.4.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="cn" Name="urn:oid:2.5.4.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="co" Name="urn:oid:0.9.2342.19200300.100.1.43" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonTargetedID" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduOrgAcronym" Name="urn:oid:1.3.6.1.4.1.2428.90.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="o" Name="urn:oid:2.5.4.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="schacHomeOrganization" Name="urn:oid:1.3.6.1.4.1.25178.1.2.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="sv">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL>
<md:OrganizationURL xml:lang="sv">http://www.swamid.se</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:GivenName>SWAMID Operations</md:GivenName>
<md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:GivenName>SWAMID Operations</md:GivenName>
<md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:GivenName>SWAMID Operations</md:GivenName>
<md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>Security Response Team</md:GivenName>
<md:EmailAddress>mailto:abuse@sunet.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
|