summaryrefslogtreecommitdiff
path: root/swamid-2.0/verify.sunet.se-shibboleth.xml
blob: ab9c30775a35a70beb93bbc61f8eff31193956e2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://verify.sunet.se/shibboleth">
  <md:Extensions>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2022-03-16T09:08:39Z">
      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes>
      <samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <samla:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://verify.sunet.se/Shibboleth.sso/Login"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://verify.sunet.se/Shibboleth.sso/Login" index="1"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://verify.sunet.se/Shibboleth.sso/DS/seamless-access"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://verify.sunet.se/Shibboleth.sso/DS/seamless-access" index="2"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://verify.sunet.se/Shibboleth.sso/DS/thiss.io"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://verify.sunet.se/Shibboleth.sso/DS/thiss.io" index="3"/>
      <mdui:UIInfo>
        <mdui:Description xml:lang="en">SUNET User verification</mdui:Description>
        <mdui:DisplayName xml:lang="en">SUNET User verification</mdui:DisplayName>
        <mdui:DisplayName xml:lang="sv">SUNET - användare verifiering</mdui:DisplayName>
        <mdui:InformationURL xml:lang="sv">https://verify.sunet.se</mdui:InformationURL>
        <mdui:InformationURL xml:lang="en">https://verify.sunet.se</mdui:InformationURL>
        <mdui:Description xml:lang="sv">SUNET - användare verifiering</mdui:Description>
        <mdui:PrivacyStatementURL xml:lang="en">https://verify.sunet.se/?Privacy</mdui:PrivacyStatementURL>
        <mdui:PrivacyStatementURL xml:lang="sv">https://verify.sunet.se/?Privacy</mdui:PrivacyStatementURL>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo>
        <ds:KeyName>verify.sunet.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=verify.sunet.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIE/zCCAuegAwIBAgIULbPbOMcqWt3IcywnSmI0oiBelR0wDQYJKoZIhvcNAQEL
BQAwGjEYMBYGA1UEAxMPdmVyaWZ5LnN1bmV0LnNlMB4XDTIyMDMxNTE1NDAzNFoX
DTMyMDMxMjE1NDAzNFowGjEYMBYGA1UEAxMPdmVyaWZ5LnN1bmV0LnNlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA06pxNT6nLpTOet5Irr10nXZiWsDZ
S78kry0aqEsahlWf0lNc3z6GuAJ3NfngzccxohLOVui9AcZDKM/TcbCjIbWdcJTg
YoW5opCmASo2vkGKQCk52m6vBuLr2YijZB7S4Ek38yXpqIW35JfD+d+z23yA2wJ1
+TXEVD/abLzgPTFan8wnB7xINl9SFSYqB5/NAN0GZPFvEB86vh00NYYKQjrlUSI1
KWTTaNUjrmQoqVMHio1qjJnNuqy7vXr6fHY1S5fgOIOrc6Gzzl9hzK135JX/D1IK
bFWJmmIcIo+jeBtq8kGsCOpxgmjJSp0CukS3R5BfuoHSzhtENpl0AkqUoElnuAiu
OSi+2l+hbUxiiP4/R5XtIF2cz5Dmfa2i0E9deTF5UGLuVlF5dQYMmoc4goLubWgQ
CxWPb7VryODMumRFn51nsw5zyon3dJ60umLN1+SSADPkjJuUIA7FH0ze8VHBgE3F
6QBB0yjkZfuLps1ZPbYRSPxgbCpQ+5xUEls7n2tlgsC/joRF/zH0AI17tjcCXWfg
BukctE+rvdnIbTEWJXS/ZozCzDAO9CljIzTFycmJOUr67NFQhX9erDoKSrMF7ibe
6L2xzcyu1lLUYrNkreLz2egc05WrVlTBt/XS9B/oEGzcBNArooAQPtWlnq6fsfWX
Zb/9DBWu1M/JGfMCAwEAAaM9MDswGgYDVR0RBBMwEYIPdmVyaWZ5LnN1bmV0LnNl
MB0GA1UdDgQWBBQD4ApjqNfLK78NvIyZEaZ1JFbmczANBgkqhkiG9w0BAQsFAAOC
AgEAz98RwdRqONUT0S/JTTNI9I6oGS5oWybKP1JGB5SJHlnFTkgi76gdnTZPtoh5
x2v8rREpfpC9ULtDIKU3X4bVNoCWFLs//akBzo1nv88BrfvcQ48OBToXO3875pkv
fdl/DLqUCbvgp+4ah4nsdlYuMf7zdYRRuYYRwvwkBWHc2CmjDfdB2Wqd9NpTqkGK
cHAk//0tzW+hB3NFLb2y19ZLw4fQXABKuU4m3XEAplqj94QTjPIeMkdWAtzcgXGs
VEmgIeDFlXF5ujLocXDIOJPk9krxOEGx2C7G2XtJXuU3ykmbZkWCst1bPkWBmXcW
eb2CffwfXlaqCVgs+bwfttsDZkWHc4YNcDcXjbZCt5R2wo03GGXexoynuJHS/j5s
AWhj85gjiLLLTOt7c0XjLlKRINxWs/gRLNKgLOCP42V92pvUI6fLkKt4cY4ATz/H
jvJpF/djv6sfYgyuqKaStyq2z1RIg9pKRTvNSUGlwQivrqKifFkkJedUmiHENK/v
YrBs/sZMhcXcpnvEEwSqU/Z0iO8h1GrUfcYYeBj9g78keEn9Z/qlNORE7f1S5kvB
mTLq1PBkM+N0pAjIB6WGCgn17EeKa1fqUzfW+4CLNx/erXW32Oja6h0FT+Tnv1XM
kHAi3ZNocmrS+RBFyEEZTZNxLq7Ywwy0g44NCK6mE0Fxk5M=
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo>
        <ds:KeyName>verify.sunet.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=verify.sunet.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIE/zCCAuegAwIBAgIUMEyMWB7rs7lwj9oR3LPty9nOXGUwDQYJKoZIhvcNAQEL
BQAwGjEYMBYGA1UEAxMPdmVyaWZ5LnN1bmV0LnNlMB4XDTIyMDMxNTE1NDAzNFoX
DTMyMDMxMjE1NDAzNFowGjEYMBYGA1UEAxMPdmVyaWZ5LnN1bmV0LnNlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6t4NsE8q9zw1gA5km5+b+d9KF3w+
KtIfZs7lmeUWKPaoWZv6U0yNLcXLeEtEU51pzFc+I2meIVibWOb9MoA5vWBulWA7
Ir0MriVuswv5BCfu3Xvq+byUC4Yy2sGwI03bJjJwPZSOVTor9x246p36wTMvdj3z
hpf7Pg9T/0lPbUGaQ3qSn0yep6x1pZEhZwp2G+wawhB6hHPHSeZ6bNpadaTNTkVp
h/1qzKzv3vpTYnsEzWvMEVauOjDhq7cLqgwGjLxv7tcok39KcCCASMx6x08Io7St
RZOh9iBaEUJ35kCnVqitKFOq3FJXbu4UQyuLCszOAgrY9QlkBjFUtZIklyAuPuyH
Ivv88UqCir4wi+uPA1qYKvqo1qS/yVJNQ9I96qAy4Zu2dv6M6y46YMIIbeByeoAy
/aAJHiCBsIYvoEpzSTjL7bXynpfH7NVpIhtlrzHXUZSJBmBy9mghEm4LBxMSaKXI
Xu4fil09fVWCqyuP7a2zMSIPGcQHAf21jg/KrktDEZ7N6UerDLvoyM+hGlBcc/b7
m4yT021nvkcXr3egpEw6qcvsaahU00zKYL8Ro3c1HdGws08UhBhU9LK5/8GTQ8ZZ
tosp94NxU0OXhjsDYSnYxiopZxU1POLTm6DNjZhHd8p4+Ae0lYJf5Tj2RHrfySOW
8OurLXUll/e/lakCAwEAAaM9MDswGgYDVR0RBBMwEYIPdmVyaWZ5LnN1bmV0LnNl
MB0GA1UdDgQWBBSr2SVJa39q99BF19O7uPUxZ1FLtTANBgkqhkiG9w0BAQsFAAOC
AgEAbmOpdAURjOSCgpEbcJIu2CHHLlhHVH5vDVFp3Tbw+47DDcmvXpk3Jq1U6hPF
4XdwnpRnWO5kU6QvJiXNtAsPcek5C6u9vHZNW6tctvgFh0vPsSLvN0e4FYcUCoof
eKFPGPWuUu01UfKTEmOz3ws0CTnF8pVASYFvDU4e0wYTxr9rpEtP41bJMttsQuPQ
r9jfI9uQ9+1mz8R85xzud31oBvS0y2bcK9J8t4TDNSDAcJeVtreIdIDgnCEAbKUj
3iDRZU2t7qrP2ZKn4RX3qKn9blRakFIelQ9b/KrcQGUAuUGFOHmPjcRIhZDyTiTt
RNXwkJqh954Q5086ZtCRKq1mZ92elFwRO71LtrTaLsICRa2Pe1MxQvUc2FCo2aaM
4dGOqTokX4GraG5xtr7mhtKbB/vJObMdrADG4cZYBcjo7/nqXjNe9LYW6vLtuWgy
9RYHg0EHADpcTKN3xjkFG/JCho04pDjz5vugVnnnhYHxpJfv1nQQn3shrZ+n4U54
KZ63JP/A3wlhJGDHAyU2YbDE8ytQI2SVwlr8YzamiSM1vdOqLGeTDVyTSHTaxjf5
oL2bH818Ft93Y/h4EFUtHZPG6PQB3dLchU/7yxJGq2+NQEmPEUS6VhHglyla5tUh
4DuozUGO0vTBt0F7pWMIw/PNSeJF7cf5vZ8PogJ7j0TpA9I=
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://verify.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://verify.sunet.se/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://verify.sunet.se/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://verify.sunet.se/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://verify.sunet.se/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://verify.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://verify.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://verify.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://verify.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">SUNET User verification</md:ServiceName>
      <md:ServiceName xml:lang="sv">SUNET - användare verifiering</md:ServiceName>
      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="displayName" Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Sunet</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">Sunet</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">https://www.sunet.se/en</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">https://www.sunet.se</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Sunet NOC</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>Sunet NOC</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>Sunet NOC</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="administrative">
    <md:GivenName>Sunet NOC</md:GivenName>
    <md:EmailAddress>mailto:noc@sunet.se</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>